Sonatype Nexus Repository 3.63.0 Release Notes
Released December 5, 2023
Quality Improvements This release primarily focuses on improving Sonatype Nexus Repository quality through bug fixes. See the Bug Fix table for full details. Enhancements to High Availability Helm Chart We have recently enhanced our High Availability (HA) Helm Chart (GitHub , ArtifactHub) to make it more flexible and configurable. |
Enhancements to High Availability Helm Chart
We have recently enhanced our High Availability (HA) Helm Chart (GitHub , ArtifactHub) to make it more flexible and configurable.
We’ve removed version numbers from Kubernetes objects that the Helm chart creates. We’ve also made it possible to add custom labels and selectors. If you have existing volumes and volume mounts, you can also use those rather than having the Helm chart create new ones.
Here is a complete list of items you can now specify:
Additional volumes
Additional volume mounts
Additional containers
Statefulset annotations
Pod annotations
Node selectors
Host aliases
Pre-start and post-start commands
Init containers
TLS Secrets for ingress
Additional labels
Additional selectors
Ingress and service for Docker registries (for Docker connectors)
Security context for running the Nexus Repository pod
Service annotations
Existing persistent volume claim for nexus work directory
Learn more about our HA deployment options in the Resiliency and High Availability help documentation.
This feature was made possible because of your feedback in the Ideas Portal.
Additional Audit Logging
Based on your requests, we’ve enhanced our audit logging in this release:
For SAML, we now log user login, logout, and config-changed events.
For local authentication, LDAP, and Crowd, we now log user login and logout events.
Check out our Support Features documentation for more information about logging.
This feature was made possible because of your feedback in the Ideas Portal.
Filter by Blob Store Name
To make it easier for you to locate and sort the list of repositories in your deployment, we’ve enhanced our Repositories table filter to ensure you can search by blob store name. Simply type the blob store name into the table’s filter box to filter by blob store name.
See the Repository Management help topic for more information on using this table to manage your repositories.
Dependency Upgrades
This release upgrades the following dependencies:
org.apache.santuario updated from version 2.3.0 to 2.3.4.
org.json : json : updated to 20231013
Bug Fixes | Description |
|---|---|
NEXUS-40742 | Addressed an edge case for the Database Migrator where component tags were not preserved post-migration. |
NEXUS-40623 | Adjusted regex to handle requests for NuGet v3 versions with double hyphens. |
NEXUS-40621 | Sonatype Nexus Repository deployments using PostgreSQL will appropriately return a 204 response when a user re-deploys a component with the same tag to the hosted repository when re-deploy is allowed. |
NEXUS-40491 | Resolved an issue where running the Repair - Reconcile component database from the blob store task with the integrity check option enabled did not remove some assets even though their .properties files did not exist. |
NEXUS-40421 | Resolved an issue with the nexus.azure.server property not being set properly. |
NEXUS-40244 | The Reconcile component database from the blob store task restores only the expected blobs with the created/updated times matching the originals. |
NEXUS-40007 | Conditional Get (If-Modified-Since) on Yum group repo metadata now appropriately returns a 200 response when expected. |
NEXUS-39826 | You are now able to proxy RubyGems.org escape gem. |
NEXUS-39675 | PyPI package versions published using Twine before upgrading to 3.41.0 or later are now discoverable as expected. The “Generate Missing SHA256 Checksums” and “Delete Index Asset MD5 Metadata” tasks now run automatically after the upgrade. |
NEXUS-39567 | You are now able to proxy the RubyGems.org abstract gem. |
NEXUS-39464 | Proxying scoped npm packages with an underscore in the name now works without issue. |
NEXUS-39227 | Proxying PyPI repositories with policy-compliant component selection enabled is now appropriately incorporated into etag updates. |
NEXUS-38587 | Searching for Docker images with names containing a “/” character now works as expected. |
NEXUS-36415 | Resolved an issue that was causing cached proxied NuGet package metadata that cannot be parsed to prevent content from being updated from remote. |