JFrog CLI

Version v2.99.0 introduces new features like Ghost Frog Tests workflow and package alias metrics across jfrog-cli and jfrog-cli-core, alongside several bug fixes.

This release introduces new features across several components, including pnpm command support in jfrog-cli and malicious detection capabilities in jfrog-cli-artifactory. Numerous bug fixes address environment issues, Docker OOM errors, and regex parsing problems.

This release introduces new features across CLI tools, including dependency exclusion support in Artifactory and enhanced static SCA validation in Security. Numerous bug fixes were applied across Artifactory, Security, and Client Go modules.

This release focuses on improving the user experience by addressing critical, major, and minor violations found during a UX writing audit of the Jfrog CLI.

This release introduces new logic for updating Hugging Face endpoints and tokens, and adds the huggingface command name.

Version 2.94.0 introduces support for docker containerd-snapshotter storage and resolves a bug concerning the conan project key build directory.

This release primarily focuses on internal maintenance, including bumping the Go version and fixing a flaky test case related to Artifactory Client Certificates on Windows.

This release introduces support for nested paths in docker builds and npm run native commands. It also fixes an issue related to checking the latest jfrog cli version.

This release primarily focuses on internal improvements, adding end-to-end tests for draft release bundle commands and welcoming new contributors.

Version 2.90.0 primarily focuses on fixing a merge artifact issue and includes additional test coverage for upload and rbc commands.

Version 2.89.0 introduces automatic setting of CI VCS properties on artifacts and includes several bug fixes, notably improving Maven 3.9.12 compatibility.

This release introduces support for HELM and Conan packages within the CLI, adds Docker curation audit support, and includes several bug fixes across dependency handling and command visibility.

This release introduces support for the docker build command and adds native helm commands support. It also includes fixes related to spec file handling and dependency updates.

Version 2.86.0 introduces support for native Conan commands and resolves a bug in the docker scan help command.

This release primarily contains internal updates and maintenance, as indicated by the lack of specific feature or fix announcements in the provided notes.

JFrog CLI version 2.84.0 primarily addresses a bug related to curl execution with additional flags in the 'jf rt' command.

Version 2.83.0 introduces support for direct download commands and includes several bug fixes, notably for poetry publish and curl argument parsing. The release also includes dependency updates and new IDE support.

Version 2.82.0 introduces an updated IDE design with VS Code persistence support and refactors 'jf evd' into a separate embedded plugin.

JFrog CLI v2.81.0 introduces AppTrust commands and a Maven native implementation using flexpack, alongside a fix for the autocomplete survey display.

Version 2.80.0 primarily includes a bug fix related to adding a timestamp property for the python package.

This patch release includes an alignment fix for VCS parameters and hides the survey when running in a CI environment.

This release introduces a new flag to disable token refresh and includes fixes for npm workspace handling and binary builds.

Version 2.79.0 introduces Poetry native support, docker login capabilities, and new build process tasks for collecting environment and git information.

This patch release addresses a specific bug related to caching in pip dependencies within the JFrog CLI.

This patch release addresses a bug fix related to the xz dependency and welcomes two new contributors.

This patch release addresses a bug in SARIF generation by ensuring missing invocation attributes are filled.

This patch release focuses on security by fixing reported vulnerabilities related to SCA location reporting for SARIF and null attributes.

This release (v2.78.5) provides updated binaries for various platforms, including Linux, MacOS, and Windows, as a patch update from v2.78.3.

This patch removes empty properties from build-info and improves CLI version checking by utilizing a GitHub token to prevent rate limiting. It also adds a summary section to the create evidence command in GitHub Actions.

This release introduces support for using a GitHub token, enhancing authentication capabilities for certain operations.

This patch release introduces improvements to SAST fingerprinting and SARIF output, alongside several bug fixes across the CLI and client libraries, including IDE setup updates.

Version 2.78.0 introduces new features like Ruby gems support and repository properties, while also removing the deprecated 'audit' command in favor of 'scan'.

Version 2.77.0 introduces a new curation audit for Gradle and support for the source-mcp command, alongside a fix for macOS ARM64 CPU type mismatches.

This release introduces support for JFrog Advanced Security (JAS) scanning and improves npm tarball handling by supporting non-standard package.json locations. Several minor bugs related to Xray API calls and spec flag reading were also resolved.

JFrog CLI version 2.76.0 introduces a new lifecycle annotate command and includes fixes related to Maven wrapper usage and BuildScan violation parsing.

This patch release updates the Analyzer Manager to v1.17.0 and includes fixes for the `jf eot` command output and the gradle dependency tree command.

Version 2.75.0 introduces OIDC authentication, a new worker execution history command, and enhancements to configuration profile support for security scanners. It also includes several bug fixes related to build publishing and security violation handling.

Version 2.74.1 primarily contains bug fixes and improvements related to JAS and internal dependency updates.

Version 2.74.0 introduces several new features, including an overwrite flag for build publishing and SBOM information retrieval, alongside bug fixes for `rt curl` and `rbc` commands.

Version v2.73.3 renews the Windows executables certificate and includes fixes for operational risk reporting duplication and the worker's deploy command.

This patch release (v2.73.2) introduces support for RBV2 downloads and includes several bug fixes related to Zsh completion, GPG keys, and temporary directory creation.