Skip to main content

2025 Release Notes

This page contains a list of 2025 Sonatype Nexus Repository releases, links to each release's release notes, and a brief list of major changes per release.

Summary of Major Nexus Repository Changes in 2025

The following table lists major changes to Sonatype Nexus Repository in 2025. Consider these changes when upgrading to a new version. Select a release to see the full release notes.

Release

Release Date

Major Changes

3.78.0 - 3.78.1

March 7, 2025 (3.78.1)

March 4, 2025 (3.78.0)

Known Issue Impacting 3.78.1 and 3.78.0

Nexus Repository not using some settings in nexus.vmoptions

Sonatype is aware of an issue where Nexus Repository deployments on versions 3.78.0 and 3.78.1 are not fully using custom data directory settings in nexus.vmoptions. This affects karaf.data, karaf.log, java.io.tmpdir, and XX:LogFile configurations, forcing the application to use the default ../sonatype-work/nexus3 directory. We will release a fix for this issue as soon as possible.

3.78.1

  • Multiple fixes for bugs impacting release 3.78.0; see the full release notes for details.

  • Reverted previous core dependency updates, including moving back to SLF4J 1.7 and Logback 1.2.

3.78.0

  • Breaking change for custom plugins: Nexus Repository migrates to Spring Boot architecture.

  • Custom OSGi bundle deployment no longer supported.

  • Important breaking change for Windows users. JReleaser replaces Install4J as our tool for building installers. If you configure Windows Service Manager to run Nexus Repository, please review the updated instructions in our installation help docs before upgrading for details, including the commands you will need to use for starting, stopping, and uninstalling the service.

  • Unix archive now comes with platform-specific JDK and can no longer be used in a Mac environment.

  • Simpliefied JDK upgrades with Nexus Repository source code migration to Java.

  • ARM Docker images now available on Docker Hub.

  • Improved npm audit security with Firewall integration.

  • Sunsetting Log4J Visualizer and Bower format.

  • Core dependency updates, including move from SLF4J 1.7 to SLF4J 2.0 and from Logback 1.2 to Logback 1.5. (Reverted in 3.78.1)

Breaking Changes with JFrog Artifactory 7.104

JFrog Artifactory 7.104 is the latest and is incompatible with the Repository Firewall plugin. JFrog Artifactory has introduced a newer version of groovy-core that is not backward compatible with the version the Repository Firewall plugin is compiled against.

We recommend not upgrading to Artifactory 7.104 as doing so causes an interruption with the Repository Firewall service and exposes you to malware entering the environment.

3.70.0 - 3.70.4

February 13, 2025 (3.70.4)

October 10, 2024 (3.70.3)

September 3, 2024 (3.70.2)

July 10, 2024 (3.70.1)

July 9, 2024 (3.70.0)

Important

The Nexus Repository 3.70.x line is the last release line to support OrientDB. If you must remain on OrientDB, you will need to remain on our 3.70.x release line until you can migrate to H2 or PostgreSQL.

This marks OrientDB's transition to Extended Maintenance as defined in our sunsetting documentation.

There is no official sunset date for OrientDB at this time.

3.70.4

  • New Docker Tag for 3.70.x Releases

  • Multiple bug fixes

3.77.0 - 3.77.2

February 25, 2025 (3.77.2)

February 6, 2025 (3.77.1)

February 4, 2025 (3.77.0)

  • 3.77.2

    • Multiple bug fixes to improve performance.

  • 3.77.1

    • Fixes an issue in 3.77.0 where using the X-Forwarded-Port header with that exact letter case caused Docker repositories to return a 500 Server Error due to a conversion issue.

    • Fixes an issue in 3.77.0 that prevented the option to automatically remove malware from displaying when configuring the Automatic Malware Management task.

  • 3.77.0

    • Nexus Repository OSS becomes Nexus Repository Community Edition

    • Support for Hugging Face Proxy Repositories (Pro and Community Edition)

    • Automatically Remove Malicious Components with Repository Firewall (Pro Only)

    • Content Replication for Conan V2 (Pro Only)

    • Helm Staging Support (Pro Only)

    • Status Check for Embedded Database Use (H2 Only)

3.76.0 - 3.76.1

January 23, 2025 (3.76.1)

January 7, 2025 (3.76.0)

Known Issue

Sonatype is aware of an issue impacting Azure Blob Store users where attempting to download binary files exceeding 2GB can cause Nexus Repository to become unresponsive. We will release a patch for this issue as soon as possible.

  • 3.76.1

    • Fixed a bug that caused 404 errors during yum install commands for some 3.76.0 deployments.

    • Fixed a bug that prevented the Assets REST API from returning maven2 assets in some 3.76.0 deployments.

  • 3.76.0

    • Native support for Conan 2.0 (Pro only)

    • Malware remediation task

    • Firewall added to solution switcher

    • Google Cloud Platform (GCP) blob store Region field is now auto-populated when creating a new blob store