Distribution 2.20.1

JFrog Release Information


Released September 10, 2023

New Features

  • Xray integration when distributing/exporting Release Bundles v2

    Scan results performed by JFrog Xray on Release Bundles v2 can now be used to block a Release Bundle from being distributed or exported. If the scan reveals vulnerabilities in the Release Bundle that violate a Policy rule, the distribution/export operation will be blocked if this action has been configured in the Policy.

Feature Enhancements

  • UI improvements

    This release features several minor UI improvements that enhance the user experience when distributing and exporting Release Bundles.

  • Improved logic when distribution to an Edge node is stuck

    If Release Bundle distribution to a particular Edge node gets stuck, the system will move this distribution operation to the end of the list and continue distributing to other Edge nodes. This improved logic prevents the other Edge nodes from experiencing starvation.

  • Error message displayed when Air Gap export fails

    Any attempt to export a Release Bundle v2 in an Air Gap environment will fail if the public key has not been propagated. If the export fails, the platform UI now displays a clear error message to the user about the issue.

  • Improved error message displayed when Release Bundle v2 has the same name & version as Release Bundle v1

    If you attempt to distribute a Release Bundle v2 that has the same name and version as an existing Release Bundle v1, the distribution fails and an error message is displayed to the user that clearly describes the issue.

Bug Fixes

Jira Issues



Fixed an issue to prevent the system .jfrog directory from being included in a Release Bundle v2.


Fixed an issue that prevented the Distribution Tracking popup window for a Release Bundle v2 version from refreshing automatically.


Fixed an issue that caused an invalid Router internalPort configuration in the system.yaml file. Following the fix the following config paths are now both considered valid:

  • router.entrypoints.internalPort

  • router/entrypoints.internal.port

Resolved Vulnerabilities

This release contains resolved CVEs - security vulnerability issues.