2017 Release Notes
Repository Manager 2.14.5
See the complete release notes for all resolved issues.
Repository Manager 3.x Upgrade Compatibility
Upgrade to the latest 2.x release before upgrading to the latest 3.x version.
Repository Manager 2.14.5 is directly upgrade compatible with following newer 3.x releases, although upgrading to at least 3.7.1 release is recommended:
- Repository Manager 3.7.1 recommended
- Repository Manager 3.7.0
- Repository Manager 3.6.2
- Repository Manager 3.6.1
- Repository Manager 3.6.0
- Repository Manager 3.5.0
Upgrading from an older Nexus 2.x version directly to Nexus 3.5.0 or higher is explicitly blocked - upgrade your current Nexus 2.x version to 2.14.5 first.
Nexus Firewall Quarantine Enabled Repositories Upgrade Compatibility
Those installations with Nexus Firewall Quarantine Enabled repositories can now upgrade to Repository Manager 3.5.0 and your existing audit and quarantine history will be maintained. Using IQ Server version 1.33 or greater is required for this feature.
General Improvements
Logging
- [ NEXUS-13228] Bug race condition writing to request.log under high load may cause dead lock, thread pool exhaustion and CPU spike performance
Security
- [ NEXUS-13865] Bug protect against potential for logback exploit CVE-2017-5929 security
Repository Manager 2.14.4
These notes are a compilation of new features and significant bug fixes for Repository Manager 2.14.4.
See the complete release notes for all resolved issues.
New and Noteworthy
Nexus 3.x Upgrade Compatibility
Nexus 2.14.4 is upgrade compatible with the Nexus 3.3.0 release. Upgrading from a different Nexus 2.x version into Nexus 3.3.0 is explicitly blocked.
Edge-cases for corrupted or invalid npm and NuGet components that may exist in your Nexus 2.x instance will no longer block your upgrade to Nexus 3.x .
npm scoped packages support
By popular demand we have implemented package scope support for deploying and depending on scoped npm packages. Nexus Repository Manager 3.x already has this feature and now 2.x installations can start using scoped packages and be assured their packages will migrate correctly to Nexus Repository Manager 3 when they are ready.
Associating a scope with a registry is possible only by manually editing your ~/.npmrc file. Nexus Repository Manager 2.x does not support the special handling required to automatically add or remove scoped registries using adduser/login or logout commands. If you want this feature, using Nexus Repository Manager 3.x is still required.
Disabling Security Prompts for RUT Authentication
We have added a feature to disable user interface security prompts when using RUT authentication and LDAP realms together.
General Improvements
Upgrade
- [ NEXUS-12483] Bug invalid nexus 2.x NuGet repository files will cause nexus 3.x upgrade to fail with NullPointerException
- [ NEXUS-12513] Bug invalid nexus 2.x npm packages will fail the upgrade to nexus 3.x with 500 internal server error
NPM
- [ NEXUS-6857] Improvement Support for npm scoped packages
Security
- [ NEXUS-11888] Bug http request header values should be checked for validity before allowing a request to proceed security
Repository Manager 2.14.3
These notes are a compilation of new features and significant bug fixes for Repository Manager 2.14.3.
See the complete release notes for all resolved issues.
New and Noteworthy
Upgrade Compatibility
Nexus 2.14.3 is upgrade compatible with the Nexus Repository Manager 3.2.1 release. Upgrading from a different Nexus Repository Manager 2.x version into Nexus Repository Manager 3.2.1 is explicitly blocked.
nexus-staging-maven-plugin 1.6.8 released
We fixed a problem where the Staging Apache Maven plugin did not authenticate properly with HTTP proxy servers. [NEXUS-10502]
Support Upgrading Proxy Repositories of maven.oracle.com
We have implemented changes that will allow you to upgrade your existing Maven proxy repository of maven.oracle.com into the Nexus Repository Manager 3.2.1 release. Another barrier to upgrading to Nexus Repository Manager 3.x has been eliminated. [NEXUS-10164]
Performance
Analysis of heap dumps from some complex customer setups has helped us identify a way to significantly reduce memory consumption in circumstances where there are large sets of group repository members.[NEXUS-12276]
General Improvements
- [NEXUS-10502] Bug nexus-staging-maven-plugin does not use proxy authentication credentials
- [NEXUS-12276] Improvement reduce JVM heap memory consumed by group repository 404 not found responses performance
- [NEXUS-11909] Improvement content requests to Nexus 2 by migration agent should avoid HTTP 404 Not Found caused by URL encoding