Skip to main content

Sonatype Nexus Repository 3.63.0 Release Notes

Released December 5, 2023

Highlights in This Release

Quality Improvements

This release primarily focuses on improving Sonatype Nexus Repository quality through bug fixes. See the Bug Fix table for full details.

Enhancements to High Availability Helm Chart

We have recently enhanced our High Availability (HA) Helm Chart (GitHub , ArtifactHub) to make it more flexible and configurable.

What’s New and Noteworthy in This Release?

Enhancements to High Availability Helm Chart

We have recently enhanced our High Availability (HA) Helm Chart (GitHub , ArtifactHub) to make it more flexible and configurable.

We’ve removed version numbers from Kubernetes objects that the Helm chart creates. We’ve also made it possible to add custom labels and selectors. If you have existing volumes and volume mounts, you can also use those rather than having the Helm chart create new ones.

Here is a complete list of items you can now specify:

  • Additional volumes

  • Additional volume mounts

  • Additional containers

  • Statefulset annotations

  • Pod annotations

  • Node selectors

  • Host aliases

  • Pre-start and post-start commands

  • Init containers

  • TLS Secrets for ingress

  • Additional labels

  • Additional selectors

  • Ingress and service for Docker registries (for Docker connectors)

  • Security context for running the Nexus Repository pod

  • Service annotations

  • Existing persistent volume claim for nexus work directory

Learn more about our HA deployment options in the Resiliency and High Availability help documentation.

This feature was made possible because of your feedback in the Ideas Portal.

Additional Audit Logging

Based on your requests, we’ve enhanced our audit logging in this release:

  • For SAML, we now log user login, logout, and config-changed events.

  • For local authentication, LDAP, and Crowd, we now log user login and logout events.

Check out our Support Features documentation for more information about logging.

This feature was made possible because of your feedback in the Ideas Portal.

Filter by Blob Store Name

To make it easier for you to locate and sort the list of repositories in your deployment, we’ve enhanced our Repositories table filter to ensure you can search by blob store name. Simply type the blob store name into the table’s filter box to filter by blob store name.

See the Repository Management help topic for more information on using this table to manage your repositories.

Dependency Upgrades

This release upgrades the following dependencies:

  • org.apache.santuario updated from version 2.3.0 to 2.3.4.

  • org.json : json : updated to 20231013

Bug Fixes

Ticket Number

Description

NEXUS-40742

Addressed an edge case for the Database Migrator where component tags were not preserved post migration.

NEXUS-40623

Adjusted regex to handle requests for NuGet v3 versions with double hyphens.

NEXUS-40621

Sonatype Nexus Repository deployments using PostgreSQL will appropriately return a 204 response when a user re-deploys a component with the same tag to hosted repository when re-deploy is allowed.

NEXUS-40491

Resolved an issue where running the Repair - Reconcile component database from blob store task with the integrity check option enabled did not remove some assets even though their .properties files did not exist.

NEXUS-40421

Resolved an issue with the nexus.azure.server property not being set properly.

NEXUS-40244

The Reconcile component database from blob store task restores only the expected blobs with the created/updated times matching the originals.

NEXUS-40007

Conditional Get (If-Modified-Since) on Yum group repo metadata now appropriately returns a 200 response when expected.

NEXUS-39826

You are now able to proxy RubyGems.org escape gem.

NEXUS-39675

PyPI package versions published using twine before upgrading to 3.41.0 or later are now discoverable as expected. The “Generate Missing SHA256 Checksums” and “Delete Index Asset MD5 Metadata” tasks now run automatically after upgrade.

NEXUS-39567

You are now able to proxy the RubyGems.org abstract gem.

NEXUS-39464

Proxying scoped npm packages with an underscore in the name now works without issue.

NEXUS-39227

Proxying PyPI repositories with policy-compliant component selection enabled is now appropriately incorporated into etag updates.

NEXUS-38587

Searching for Docker images with names containing a “/” character now works as expected.

NEXUS-36415

Resolved an issue that was causing cached proxied NuGet package metadata that cannot be parsed to prevent content from being updated from remote.