Distribution 2.15.0

JFrog Release Information

Content Type
Release Notes
ft:sourceType
Paligo

Released September 28, 2022

New Features

Updated the Design and Functionality of the Received Bundles Table

The Received Bundles table in the JFrog Platform has been updated to support easier search and filtering for Release Bundles. These updates include:

  • Improved search that enables you to find any Release Bundle by name or by using a wildcard together with other Release Bundle details

  • All Release Bundles are pulled using the REST API, ensuring that you can search for any Release Bundle regardless of when it was released

  • Release Bundles can now be sorted according to name, latest version or creation date

See Distribute Release Bundles (v1).Distribute Release Bundles (v1)

Feature Enhancements

Improved Distribution and Xray integration

The improved integration allows Distribution to retry triggering XRay scans for Release Bundles in cases where XRay is not available (previously this required manually triggering via API).

Bug Fixes

Jira Issues

Description

JR-5825

Added support for a Reference token to the Distribution APIs.

JR-5678

Changed the distributor-foreman.log format to begin with a date in the following pattern:{yyyy-MM-dd'T'HH:mm:ss.SSSZ}

JR-3783

Improved Distribution and XRay integration, allowing Distribution to retry triggering XRay scans for Release Bundles in cases where XRay is not available (previously this required manually triggering via API). See Distribution Application Config YAML File.Distribution Application Config YAML File

Fixed an issue related to the behavior of Distribution when Xray is started:

  • Added a grace period time to reconnect Xray upon connectivity issues.

  • Updated two cluster configuration flags:

    • allow-distribution-when-xray-is-unavailable: true # allow distribution when xray is unavailable

    • grace-period-for-xray-triggering-in-millis: 600000 # the time in milliseconds for retry xray vulnerability scanning triggering

JR-5938

Fixed an issue related to using GPG signing keys by non-admins.

JR-5894

Updated the PostgreSQL driver version to resolve a security issue.

Resolved Vulnerabilities

This release contains resolved CVEs - security vulnerability issues.