Skip to main content

Nexus Repository 3.31.0 - 3.31.1 Release Notes

Nexus Repository Manager 3.31.1

2021-06-23

Warning

If you installed this version and utilize the Docker - Delete unused manifests and images task this message is critical.

A bug in this Nexus Repository version can cause loss of some Docker data when running the Docker - Delete unused manifests and images task. We recommend disabling this task immediately to avoid data loss. If this is not possible for your organization, we recommend not updating to this version. For more information, see NEXUS-28247.

NEXUS-28078

Docker - Delete unused manifests and images task may delete referenced layers if the database query to select components encounters limits

Nexus Repository Manager 3.31.0

Includes a security fix for an Information Disclosure CVE. See theCVE-2021-34553advisory for details.

Sonatype recommends administrators running Nexus Repository Manager 3.30.1 and earlier to upgrade immediately.

2021-06-16

These notes are a compilation of new features and significant bug fixes for Nexus Repository Manager 3.31.0.

Warning

If you installed this version and utilize the Docker - Delete unused manifests and images task this message is critical.

A bug in this Nexus Repository can cause loss of some Docker data when running the Docker - Delete unused manifests and images task. We recommend disabling this task immediately to avoid data loss. If this is not possible for your organization, we recommend not updating to this version. For more information, see NEXUS-28247.

New and Noteworthy

Database Externalization

This release adds important new database options. Nexus Repository Pro can now use an externalized PostgreSQL database instead of the embedded OrientDB. This means you can use highly available, cloud-provided databases like Amazon Aurora for improved resiliency and ease of operation.

This feature is fully supported for general use. This initial release supports a subset of formats: Maven, Docker, NuGet V3, PyPI, Helm, Raw, and Yum. Over the next few versions, we will continue to add support for other formats along with new reference architectures to help you make full use of these new database options.

General Improvements

  • [NEXUS-26931] Added UI validation to ensure container name is all lower case alphanumeric.

  • [NEXUS-27683] StorageFacetCleanupTaskManager should remove & schedule task.

  • [NEXUS-20252] Support Staging with PyPI format.

  • [NEXUS-24311] Added hardlinks to import/export.

  • [NEXUS-27953] Upgrade Eclipse Jetty to 9.4.42.v20210604.

Bug Fixes

Docker

  • [NEXUS-26732] - Race Condition in Docker format can cause assets to be mistakenly deleted.

  • [NEXUS-26938] - Use HEAD request to determine whether remote content has changed instead of conditional GET to avoid hitting DockerHub rate limit prematurely.

  • [NEXUS-27014] - Cleanup policies and tasks do not fully consider Docker layers can be referenced by manifests in other repositories.

  • [NEXUS-26737] - Deleting manifest with Docker API does not delete all tags.

Maven

  • [NEXUS-27015] - IllegalArgumentException on Publish Maven Index task.

npm

  • [NEXUS-26177] - Deleting an npm repository or invalidating the cache breaks npm audit.

  • [NEXUS-26971] - Incorrect results can be returned when using npm show with group repositories.

  • [NEXUS-27436] - npm metadata rebuild failing due to NPE.

NuGet

  • [NEXUS-26312] - "Last downloaded" not updating consistently in NuGet.

  • [NEXUS-27427] - Blank values for NuGet attributes.

PyPI

  • [NEXUS-27614] - PyPI can swallow errors when the simple index is being re-written.

Yum, S3

  • [NEXUS-27564] - Yum Group repomd.xml merge connection pool exhaustion causes problems.

  • [NEXUS-27563] - S3 connection pool exhaustion when merging repomd.xml in group repositories.