Sonatype Nexus Repository 3.77.0 Release Notes
Released February 4, 2025
What’s New and Noteworthy in This Release ?
Sonatype Nexus Repository OSS is now Community Edition
As of version 3.77.0, the free edition of Nexus Repository is now called Sonatype Nexus Repository Community Edition. To learn more about why Sonatype is making this change, read this message from our founder.
Community Edition is designed to deliver robust repository management for individual users and small teams. Upgrading to 3.77.0 unlocks powerful new features, including access to previously Pro-only formats, seamless integration with containerized environments like Kubernetes, and more. Community Edition does also include some usage limitations. To learn more, see the Community Edition onboarding documentation.
You can upgrade directly to 3.77.0 from versions 3.71.0 and later. If you’re on an earlier version, see our upgrading documentation for getting to 3.71.0 and beyond. Accept the updated Community Edition End User License Agreement (EULA) either through the onboarding wizard or our new EULA REST API to complete the upgrade.
Support for Hugging Face Proxy Repositories (Pro and Community Edition)
As AI/ML adoption continues to surge, managing and distributing these powerful models efficiently becomes crucial. Now you can harness the power of pre-trained models while maintaining control and efficiency by proxying Hugging Face models directly within Nexus Repository.
This new feature brings the following benefits:
Improved performance and reduced bandwidth consumption: Cache models locally for faster access and reduced latency, especially for large models. Locally caching models also minimizes external requests and optimizes network usage.
Enhanced security: Leverage Nexus Repository's robust security features to control access and protect your valuable machine learning assets.
Increased efficiency: Streamline your workflows by centralizing model management within your existing repository infrastructure.
To optimize performance, we recommend using an NFS/EFS/Azure file storage for your Hugging Face repositories. While this release focuses on proxying Hugging Face models, support for datasets and spaces is planned for future releases. See our Hugging Face help documentation for full details.
Automatically Remove Malicious Components with Repository Firewall (Pro Only)
You can now configure the Automatic Malware Management task (introduced in release 3.76.0) to automatically remove the malware identified within your configured proxy repositories. This enhancement improves repository security by streamlining the removal of components containing malware, reducing the risk of exposure. The task works alongside Repository Firewall, which proactively blocks users from downloading malware. For full details, see the malware risk help documentation.
Content Replication for Conan V2 (Pro Only)
Sonatype Nexus Repository now supports Content Replication for Conan v2. Content Replication allows developers to publish artifacts to one Nexus Repository instance and have other instances pre-fetch them through a standard proxy repository. This translates to faster artifact delivery and increased developer productivity. Learn more in the Content Replication help documentation.
Helm Staging Support (Pro Only)
Sonatype Nexus Repository Pro customers using an H2 or PostgreSQL database can now use Nexus Repository’s staging functionality for Helm format. This enhancement allows helps minimize the risk of deploying untested artifacts by enabling development teams to rigorously test and validate Helm charts in isolated staging environments before pushing them to production. For more information, see the staging help documentation.
Status Check for Embedded Database Use (H2 Only)
While embedded databases are appropriate for disposable edge caches, test deployments, and low-concurrency team usage, an external PostgreSQL is recommended for more demanding use. To this end, we have added a status check for deployments using an H2 database that will alert you should your usage be above what we recommend for an embedded database. For more information on status checks, see the status check help documentation.
Bug Fixes
Issue ID | Description |
|---|---|
NEXUS-45778 | Sonatype Nexus Repository respects headers provided by a reverse proxy to describe external URLs as expected. |
NEXUS-45690 | Resolved an issue that was sometimes causing a NullPointerException at FluxByteBufferInputStream.loadNext when using an Azure blob store. |
NEXUS-45587 | Fixed an issue where switching to the |
NEXUS-45564 | Fixed an issue where |
NEXUS-45516 | The Assets REST API returns maven2 details as expected. |
NEXUS-45480 | Resolved an issue where an incorrect Docker Bearer Token URL was returned in 3.76.0 anonymous pull requests. |
NEXUS-45474 | Fixed an issue that caused failures when installing Composer packages via a proxy Composer repository. |
NEXUS-45471 | Resolved the known issues from 3.76.0 that impacted Azure blob store users where attempting to download binary files exceeding 2GB could cause Nexus Repository to become unresponsive. |
NEXUS-45368 | Resolved an issue that was preventing Staging moves with tag from working in some HA environments. |
NEXUS-45300 | Fixed an issue where Yum group metadata was unnecessarily rebuilt on every request when a member repo lacked an ETag. |
NEXUS-45183 | Fixed an issue where browsing large Maven2 repositories failed with a server connection error. |
NEXUS-45088 | Requests for version-specific npm package metadata returns the correct download URL. |
NEXUS-45002 | Deleting the last direct asset does not delete its parent directory if it has other subdirectories with assets. |