Skip to main content

Sonatype Nexus Repository 3.69.0 Release Notes

Released June 4, 2024

Highlights in This Release

Java 17 Support for Deployments Using H2 or PostgreSQL Databases

Sonatype Nexus Repository Pro operators can now choose to run their H2 or PostgreSQL-based Nexus Repository Pro deployments on Java 8, Java 11, or Java 17. Note that OrientDB cannot support Java 17.

Configure User Token Expiration

Sonatype Nexus Repository Pro deployments using user tokens for user authentication can now improve security by configuring user tokens to expire after a defined period of time.

What’s New in Sonatype Nexus Repository 3.69.0?

Check out what’s new in Sonatype Nexus Repository 3.69.0.

Java 17 Support for Deployments Using H2 or PostgreSQL Databases (Pro Only)

Sonatype Nexus Repository Pro operators with H2- or PostgreSQL-based deployments can now choose to use Java 8, Java 11, or Java 17. This new choice helps organizations that are seeking to move to more modern Java versions.

Note that OrientDB cannot support Java 17. Should you attempt to use Java 17 in a Sonatype Nexus Repository deployment that uses an OrientDB database, Nexus Repository will not start.

We have provided multiple Nexus Repository 3.69.0 binaries split by required Java version. When using the Docker image, the following pulls will provide a Docker image with a Java 8, 11, or 17 runtime:

  • Java 8

    • sonatype/nexus3:latest

    • sonatype/nexus3:3.69.0

    • sonatype/nexus3:3.69.0-java8

  • Java 11

    • sonatype/nexus3:3.69.0-java11

  • Java 17

    • sonatype/nexus3:3.69.0-java17

Need help changing your Java version? See our help documentation on upgrading your Nexus Repository Java version.

This improvement was made possible through your feedback in the Sonatype Ideas portal.

Configure User Token Expiration (Pro Only)

Sonatype Nexus Repository Pro deployments using user tokens for user authentication can now improve security by configuring user tokens to expire after a defined period of time. See our help documentation on configuring user tokens for details on how to take advantage of this new feature.

Sonatype Nexus Repository users are also able see the remaining time until their tokens expire in the User Token section of their accounts. See our help documentation about accessing and generating your user token for full details.

This improvement was made possible through your feedback in the Sonatype Ideas portal.

SAML Integration Improvements

This release introduces multiple SAML integration improvements:

You can now optionally specify a user realm source when deleting a user via the Users API. This makes it easier to identify a unique user even in cases where multiple LDAP servers are involved (e.g., by specifying LDAP realm and LDAP server ID in the delete request).

Administrators can also now delete cached authenticated SAML user records via user administration section in the Sonatype Nexus Repository user interface.

Lastly, if a user’s IdP field mappings change, Nexus Repository now automatically updates the user’s profile to show the new values.

Dependency Updates

Release 3.69.0 includes the following dependency updates:

  • org.bouncycastle : bcprov-jdk15to18 upgraded from 1.75 to 1.78.1

Bug Fixes

Issue ID

Description

NEXUS-42786

Exporting npm assets with application/x-gzip content type now works as expected.

NEXUS-42560

The YumAbsouteUrlRemover no longer recalculates or updates checksums for XML files containing the xml:base attribute; this change greatly improves performance.

NEXUS-42434

Adjusted all places in AuditDTO where ObjectMapper was instantiated to use the injected global mapper. Users should no longer see errors in the logs when uploading assets.

NEXUS-42411

Database Migrator: Reduced log noise by adjusting the ProcessChunkListener to log migration progress in time intervals (e.g., showing how many records were migrated each 10 seconds).

NEXUS-42409

Firewall works with Conda format as expected.

NEXUS-42276

The System Information page appears as expected with no NullPointerException.

NEXUS-41974

Running the Cleanup unused asset blobs task and Staging move in parallel now works as expected.

NEXUS-41862

Nexus Repository logs for deployments using PyPI Policy-Compliant Component Selection now only include filtered versions.

NEXUS-41692

User tokens for Crowd-backed users now use auth caching as expected.

NEXUS-41385

Downloading files through a proxy PyPI repository no longer leaves files in the blob store’s temporary directory.

NEXUS-41374

Nexus Repository no longer logs an ERROR message when a remote PyPI repository does not have a requested package.

NEXUS-41250

The nx-tasks-run privilege details in the Nexus Repository user interface no longer display an error under the Actions section.

NEXUS-41218

Added a property to nexus.properties that users may configure in order to reduce overly verbose audit logging for NuGet v2 on deployments using PostgreSQL. To turn off attributes logging, add the following to nexus.properties: nexus.audit.attribute.changes.enabled=true.

NEXUS-41403

Reduced excessive Database Migrator logging.

NEXUS-39085

To ensure consistency across the REST API, we updated all asset ID formats to use only the long ID.

NEXUS-37307

The Crowd realm user cache is now used for npm client bearer token-authenticated requests.

NEXUS-36248

As mentioned in the improvements above, we have extended the users API to allow you to include a realm parameter when deleting a user.

NEXUS-31205

Adjusted support zip algorithms to not truncate any support zip files other than log files.

NEXUS-26828

When a remote Docker repository indicates that something is “not found,” the proxy repository no longer logs a WARN message.

NEXUS-23052

As mentioned in the improvements above, Administrators can now delete cached authenticated SAML user records via user administration section in the Sonatype Nexus Repository user interface.

NEXUS-17740

Created a Repair - Recalculate blob store storage task that can be run if blob store blob count and total size display incorrect information. This is a slow-running task and should be used with careful consideration of available system resources. See our published performance testing for details.