2020 Release Notes
Nexus Repository Manager 3.29.1
2020-12-24
These notes are a compilation significant bug fixes for Nexus Repository Manager 3.29.1.
A flaw ( NEXUS-26251 ) has been discovered in Cleanup Policies affecting version 3.29.1. Repositories with a cleanup policy can have components soft deleted that do not meet the criteria specified.
An upgrade to 3.29.2 or newer is strongly recommended especially for instances that use Cleanup Policies. If this is not possible, any 3.29.1 instance is advised to take the following action:
- As an Administrator user, navigate to Administration → System → Tasks.
- Select the task of type Admin - Cleanup repositories using their associated policies. The default task name is
Cleanup service. Click the task Settings tab. - Uncheck the Task enabled checkbox on the Settings tab and click Save.
Bug Fixes
Blobstore, Docker, Scheduled Tasks
- [NEXUS-25504] Unable to pull images from hosted docker repo after move to new blob store
helm
- [NEXUS-25611] Installing via helm proxy errors if not using official remote
npm-audit
- [NEXUS-25936] npm audit fails with 500 response using group and anonymous
NuGet V3
- [NEXUS-25801] Group repository registration API requests may fail
Staging
- [NEXUS-24391] 'Destination already contains component' error when using staging API
Nexus Repository Manager 3.29.0
Includes Security Fix for XML External Entity CVE. See the CVE-2020-29436 advisory for details.
Sonatype recommends that administrators running 3.28.1 and earlier upgrade immediately.
2020-12-04
These notes are a compilation of new features and significant bug fixes for Nexus Repository Manager 3.29.0.
New and Noteworthy
Filtering npm Package Root Metadata
A common pattern in npm projects is to use version ranges for dependencies for users of Nexus Firewall this could lead to build failures if quarantine is enabled for unknown components when builds occurred before a package was catalogued. Firewall is now smarter, and when configured it will filter new packages that haven’t yet been vetted for quality so developers can use latest and version ranges without friction.
Deprecating /service/metrics/healthcheck
NEXUS-19840
The /service/metrics/healthcheck endpoint has been deprecated and scheduled for eventual removal. It is recommended to use the alternative endpoint /service/rest/v1/status/check which has a near equivalent JSON response, except it does not return 500 status when one or more system status checks fail.
Support for Maven and Gradle SHA256/SHA512 Hashing
These hashes are now created automatically during UI Upload of jars and automatically removed when the accompanying components are removed by cleanup policies or maven-specific deletion tasks.
Remote URL of nuget.org-proxy Defaults to V3 for New Installs
NEXUS-25506
New installs will now contain the default NuGet proxy repository as https://api.nuget.org/v3/index.json. Upgrading will not modify any existing remote URLs, although users are encouraged to start migrating away from using NuGet V2 API URLs such as the previous default (https://www.nuget.org/api/v2/).
More Secure Direct Inbound HTTPS Connection Ciphers and TLS Protocols
NEXUS-20267, NEXUS-25786
For instances using Eclipse Jetty-based direct inbound HTTPS connections (no reverse proxy), the default connector configration inside jetty-https.xml now only allows TLS v1.2 connections. Excluded are weak ciphers, deprecated TLS v1 and TLS v1.1 protocols.
It is possible that very old insecure HTTP clients may fail establishing an HTTPS connection to repository manager using these new defaults. Should this occur and you need to revert changes in your instance, consult the JIRA issues or our knowledge base article.
General Improvements
- [NEXUS-25307] Protection against deletion of related blob stores while the Change repository blob store task is executing
- [NEXUS-14631] Added more attributes to REST resource for asset
- [NEXUS-19021] Logging at default levels when roles are added or removed
- [NEXUS-25774] Upgraded Eclipse Jetty to 9.4.33.v20201020
Bug Fixes
Blobstore
- [NEXUS-23733] Creating more than one file based blobstore using the same root path is not prevented
Crowd, REST
- [NEXUS-25529] Security management: Users API does not show "externalRoles" for Crowd
Proxy Repository
- [NEXUS-25510] Error Response Code 429 (Rate Limiting) does not autoblock
NuGet V3
- [NEXUS-25291] Proxy can be configured only using a specific remote in UI field
- [NEXUS-25605] Proxy repositories to github package registry can fail query requests when accessed in a group repository
- [NEXUS-25478] Group packages incorrectly sorted in page causing some installs to fail
- [NEXUS-25357] Proxy does not work with some third-party V3 repositories
npm-audit
- [NEXUS-24913] npm audit caching prevents policy updates
NuGet
- [NEXUS-25609] Exception processing payloads for a single NuGet group member repository can stop all group member processing
R
- [NEXUS-23827] PACKAGES.gz cannot be updated if repository doesn't allow redeploy
Security
- [NEXUS-25829] CVE-2020-29436: Fixes an XXE Vulnerability
Transport
- [NEXUS-25158] HeaderPatternFilter may reject implicit Host value due to certain combinations of X-Forwarded headers
Yum
- [NEXUS-25604] Some newly deployed rpm files not showing up in primary.xml.gz, despite logging saying they are being added
- [NEXUS-25502] yum metadata is rebuilt after downloading it which can cause build failures
- [NEXUS-25628] yum metadata missing provides entries when multiple versions are provided by a package
Nexus Repository Manager 3.28.1
2020-10-19
NEXUS-25507
Fixed an issue that caused the Change repository blob store task to spawn too many threads.
Nexus Repository Manager 3.28.0
2020-10-01
These notes are a compilation of new features and significant bug fixes for Nexus Repository Manager 3.28.0.
New and Noteworthy
Group Deployment for npm (PRO only)
NEXUS-25099
Group Deployment will provide Nexus Repository Pro users a single URL (Group Repository) to push and pull npm packages with development CI build tools. This new feature delivers frictionless ecosystem support for developers as Group Deployment for npm replaces the need to know the various URLs for individual repositories.
To start using Group Deployment for npm, check out the setup and configuration details and start enjoying reduced storage and easier client and reverse proxy configurations.
Change Repo Blob Store (PRO only)
A flaw ( NEXUS-25507 ) was discovered in the Admin - Change repository blob store task that may cause NXRM 3.28.0 to crash. Users of this task are strongly adviced to update to version 3.28.1 or newer.
NEXUS-12016
The Change Repo Blob Store feature allows an administrator to migrate the component binaries of a repository from the current blob store to a different blob store. Administrators can now manage the mapping of repositories to blob stores even after they were initially configured.
The benefits include:
- Move repositories to a more suitable blob store (faster, bigger, cheaper, etc.)
- Separate Hosted repositories and Proxy repositories into their own blob stores and apply the appropriate backup strategies based on the needs of the business and SLAs
- Because this is implemented as a task, an administrator can start the task to move components and let the system handle the actual relocation of the binaries. The task can survive system restarts and continue from where it stopped.
Underlying code changes
Consolidated implementations of WritePolicy
NEXUS-25162
org.sonatype.nexus.repository.storage.WritePolicy has been moved to org.sonatype.nexus.repository.config.WritePolicy. This will impact any groovy scripts using the org.sonatype.nexus.script.plugin.RepositoryApi to create repositories.
TempBlob usage change
NEXUS-25209
Any scripts or third party plugins using org.sonatype.nexus.repository.storage.TempBlob will need to change to use of org.sonatype.nexus.repository.view.payloads.TempBlob.
Replaced Google Supplier with Java Supplier
NEXUS-25336
We've replaced the Google Guava Java supplier on our APIs, so people consuming or implementing them will need to update those usages to java.util.function.Supplier.
General Improvements
- [NEXUS-18283] Added ability to add Custom AWS S3 Regions to Blobstore Configuration
- [NEXUS-19572] Go format search
- [NEXUS-19858] Added confirmation when promoting a blob store
- [NEXUS-24904] excessive ERROR level log messages from 'org.eclipse.jetty.util.log.StdErrLog' reduced to INFO level
Bug Fixes
Docker
- [NEXUS-25378] docker pushes can fail due to 'InvalidContentException: Content type could not be determined performance'
- [NEXUS-25294] Version 3.0.0 Milestone7 backwards compatibility code is non-performant under load
- [NEXUS-25039] Download of docker tags from hosted repository can fail with 400 response
Docker, Scheduled Tasks
- [NEXUS-24718] Running Docker - Delete unused manifests and images task when blob storage is not available deletes all layers
Helm
- [NEXUS-24682] Helm repositories require the packages to be relative to the index.yaml
Import, Maven
- [NEXUS-24227] archetype-catalog.xml is imported by import task to a maven repository
- [NEXUS-24833] Import does not preserve lastBlobUpdated (last_updated) value from export
Logging
- [NEXUS-25347] org.eclipse.jetty loggers do not log messages if levels are edited
Logging, SAML
- [NEXUS-24916] SAML configuration error root causes are swallowed and not logged at default levels
npm-audit
- [NEXUS-24918] npm audit should not fail if package.json contains a dependency that can't be found
- [NEXUS-25156] npm audit doesn't fail fast when no IQ server is configured
NuGet
- [NEXUS-24868] Group does not export semver2 endpoints 'RegistrationsBaseUrl/Versioned' when used as NuGet V3
- [NEXUS-25296] 502 error if a NuGet V3 group contains a proxy with different NuGet version
Raw, UI
- [NEXUS-21107] Raw repo folders with special characters created using UI cannot be deleted
REST, Search
- [NEXUS-24998] Continuation token fails intermittently with 406 response
Yum
- [NEXUS-25190] Newly deployed RPM files do not always appear in Yum metadata files
Nexus Repository Manager 3.27.0
2020-09-03
These notes are a compilation of new features and significant bug fixes for Nexus Repository Manager 3.27.0.
New and Noteworthy
Group Deployment for Docker (PRO only)
Group Deployment will provide Nexus Repository Pro users a single URL (Group Repository) to push and pull Docker images with development CI build tools. This new feature delivers frictionless ecosystem support for developers as Group Deployment for Docker replaces the need to know the various URLs for individual repositories.
To start using Group Deployment for Docker, check out the setup and configuration details and start enjoying reduced Docker ports, reduced storage, and easier client and reverse proxy configurations.
General Improvements
- [NEXUS-25098] REST API for Conda repositories
Bug Fixes
Maven, Tasks
- [NEXUS-24988] Maven - Delete SNAPSHOT task deletes GAV level maven-metadata.xml files, resulting in 404 responses
npm audit
- [NEXUS-24917] npm audit fails for packages that are not all lowercase
NuGet V3
- [NEXUS-24837] Metadata query cache age and Maximum metadata age timeouts are ignored for metadata requests
- [NEXUS-24464] NuGet Signature validation goes out to https://api.nuget.org
UI
- [ NEXUS-24925 ] Unneeded JSESSIONID cookies returned
Nexus Repository Manager 3.26.1
2020-08-12
NEXUS-24867
Fix an issue starting server when multiple SSL certificates are present in the configured keystore.
Nexus Repository Manager 3.26.0
2020-08-10
These notes are a compilation of new features and significant bug fixes for Nexus Repository Manager 3.26.0.
New and Noteworthy
Eclipse Jetty HTTPS Connectors May Require Configuration Change
If you are upgrading or configuring NXRM to use a direct HTTPS connector, you may need to adjust the default etc/jetty/jetty-https.xml configuration file in order to successfully start NXRM. The symptoms and the adjustments to make to start NXRM 3.26.0 are outlined in NEXUS-24867.
Import and Export for Docker, PyPI, Rubygems and Yum (PRO only)
NEXUS-24788
Following the previous releases, we have added support for 4 additional formats to both the Import and Export tasks. Together with Maven, Raw, npm and NuGet support you can now:
- Import directly from Nexus Repository Manager v2
- Move components of these formats between Nexus Repository Manager v3 instances
General Improvements
- [NEXUS-23928] Update /beta/repositories REST endpoints updated to /v1. Beta endpoints still work.
- [NEXUS-23930] Update v1 REST endpoints for Security API. Beta endpoints still work.
- [NEXUS-24416] Yum repodata metadata handles multiple level rebuild better
- [NEXUS-24858] Repair - Reconcile component database from blob store task now includes NuGet format
Bug Fixes
Analytics, Support Tools
- [NEXUS-24226] Caching added to Prometheus metrics endpoint
Audit
- [NEXUS-24671] Audit log is not recording events even if feature is enabled
Docker, Scheduled Tasks
- [NEXUS-23065] Docker - Delete incomplete uploads task can stop if it errors reading a single asset
PyPI, Upgrade
- [NEXUS-23417] Upgrade may cause browse not to function
REST
- [ NEXUS-24601 ] Fix an error in sorting using the Search API
Nexus Repository Manager 3.25.1
2020-07-29
Sonatype is pleased to announce the immediate availability of Nexus Repository 3.25.1. The issues fixed in this release can be found below.
General Improvements
Browse Storage, IQ Integration
- [NEXUS-24488] Avoid excessive database queries in OSSIndex integration
- [NEXUS-24489] Batch requests from browse UI for OSSIndex
Maven, REST
- [NEXUS-24128] REST API delete requests for Maven components can have slow performance
Security
- [NEXUS-24771] a custom context path prevents sign in
Staging
- [NEXUS-24112] Staging move of Maven components can be very slow due to metadata rebuilds
UI
- [NEXUS-24612] Unable to browse repository - OssIndexVulnerabilityClient Timeout
Nexus Repository Manager 3.25.0
2020-07-13
These notes are a compilation of new features and significant bug fixes for Nexus Repository Manager 3.25.0.
New and Noteworthy
NuGet V3 Group
NEXUS-10886
NuGet V3 Group support gives Nexus Repository users access to the up-to-date V3 API. This is the third and final part of a wider initiative to bring full V3 support (Proxy, Hosted, and Group).
Import/Export for npm and NuGet formats (PRO only)
NEXUS-24561
In 3.23.0, we released the Import task with Raw and Maven support. In this release, we added npm and NuGet support. You will now be able to import content into repositories (or export content from repositories) of these formats. This allows you to:
- Import npm and NuGet components from Nexus Repository Manager v2
- Move npm and NuGet components between Nexus Repository Manager v3 (with the Export task)
General Improvements
- [NEXUS-24256] Password Complexity now enforcable
- [NEXUS-23923] Email REST API out of beta
beta endpoints will continue to work - [ NEXUS-24288 ] OSS Index Link Integration (OSS Only)
- [NEXUS-24568] Cache npm audit results to improve performance
- [NEXUS-30905] Add setting to determine if raw repository content is displayed as web page or downloaded
Bug Fixes
Docker
- [NEXUS-24124] OCI - Docker repos should respect accept headers
- [NEXUS-20640] docker push may fail with blob upload unknown due to race condition
Export
- [ NEXUS-24283 ] Repository export errantly tries to validate delta files for every asset, even in other repositories
LDAP
- [NEXUS-23895] Save of LDAP user and group settings fails with error
- [ NEXUS-23887 ] LDAP connection UI looks broken, constantly prompts for password
Maven,Scheduled Tasks
- [NEXUS-24098] Snapshot GAV metadata rebuilt incorrectly if packaging has multiple segments
NuGet
- [NEXUS-24222] Reduce likelihood of OOM when accessing NuGet feed
- [NEXUS-24248] NuGet V3 proxy fails to work with HA-C
- [NEXUS-24355] NuGet V3 - Impossible to use internal hosted/group/proxy as remote for proxy
- [NEXUS-24194] NuGet V3 Hosted - Search prerelease flag does not work
p2
- [NEXUS-23550] proxy repository does not work with some sites
Nexus Repository Manager 3.24.0
2020-06-08
These notes are a compilation of new features and significant bug fixes for Nexus Repository Manager 3.24.0.
New and Noteworthy
Export for Raw and Maven formats (Pro Only)
NEXUS-23854
Export enables customers to export Raw and Maven contents from any repository to a target folder. The exports can then be imported into another repository in the same instance or a totally different instance. This is a great way to migrate content between two or more Nexus Repository Manager Pro 3 installations. Future releases will incude additional support for NuGet, npm, RubyGems, Yum, Docker and PyPI.
To use Export, configure the task from Settings → Tasks → Create Task → Repository - Export assets as shown here:
NuGet V3 Hosted Support
NEXUS-23970
NuGet V3 Hosted support gives Nexus Repository users access to the up-to-date V3 API. This is the second part of a wider initiative to bring full V3 support (Proxy, Hosted, and Group). Group repository support will be the final stage in an upcoming release.
New REST APIs
Several new and improved REST endpoints in this release. See below tickets for specifics including upgraded Blobstore, Atlassian Crowd, and Nexus IQ endpoints. New REST endpoints have also been released including CocoaPods, Maven Group, Raw, and RubyGems repositories.
R EST
- [NEXUS-24091 ] REST API for CocoaPods repositories
- [NEXUS-23080] Maven Group REST API
- [NEXUS-24092] REST API for Raw repositories
- [ NEXUS-24093 ] REST API for RubyGems repositories
- [NEXUS-23798] REST API to enable User Tokens
- [NEXUS-23650] Allow REST API to Enable/Disable Anonymous Access
- [ NEXUS-23588 ] Repository Management API missing Yum Proxy
- [NEXUS-22147] REST API for R repositories
REST v1 endpoints (beta endpoints still active and fully functional)
- [ NEXUS-23922 ] Blobstores REST API out of beta
- [ NEXUS-23932 ] Crowd REST API out of beta
- [ NEXUS-23924 ] IQ REST API out of beta
- [ NEXUS-23925 ] LDAP API out of beta
- [ NEXUS-23926 ] License API out of beta
- [ NEXUS-23929 ] Routing Rules API out of beta
General Improvements
- [ NEXUS-23897 ] Memory settings in docker image standardized to our recommended minimums
This changes default memory allocations from 1200m to 2703m as well as a larger heap. If your instance cannot handle these settings you may need to make manual adjustments but be aware your instance is likely under resourced in this case. - [ NEXUS-23870 ] "Node already has an asset" for browse tree rebuild no longer fails Transactions status check
Bug Fixes
Docker
- [NEXUS-23903] Long running database queries for Docker repositories can lead to thread and db connection pool exhaustion performance
Maven, Scheduled Tasks
- [NEXUS-23800] Race condition in lazy maven metadata rebuild causes build failures, slow builds
REST
- [NEXUS-23872] Unable to set repository HTTP client auth via REST
UI
- [NEXUS-19529] Viewing the UI repositories list will trigger s3 blobstore metrics retrieval even if that blobstore is not used
Nexus Repository Manager 3.23.0
2020-05-05
We are pleased to present Nexus Repository Manager 3.23.0.
Import for Raw and Maven formats (Pro Only)
NEXUS-23853
In Nexus Repository Manager 3.23.0, we focus on importing content from an external source and for a subset of formats. This can help customers migrate content from Nexus Repository Manager 2 to Nexus Repository Manager 3 at their own pace.
Import is implemented as a task. You can configure the Repository - Import external files task from Settings → Tasks → Create Task as show here:
Nexus Intelligence via npm audit
NEXUS-16954
We are excited to announce enhanced Javascript support with Nexus Intelligence via npm audit for Nexus Repository Manager. Nexus Intelligence via npm audit will allow developers to check for policy violations in their Javascript projects, using the npm audit command built into the npm CLI, coupled with the precise data of Nexus Intelligence . Running the npm audit command lists all known vulnerable dependencies from your package.json file while gaining the benefits of the most precise intelligence regarding security vulnerabilities, license risk, and architectural quality of open source components.
This feature will be available to both Nexus Repository OSS and Pro users and will require a license of Nexus Firewall or Nexus Lifecycle (Nexus IQ version 89 and above). Nexus Repository Manager admins can enable Nexus Intelligence via npm audit across all development teams without having to modify any setup on the developers’ machines.
General Improvements
- [NEXUS-21087] (Docker) Support OCI registry format
- [NEXUS-23436] Clearer anonymous panel for upgrade wizard
Bug Fixes
Docker
- [NEXUS-23360] Infinite loop for authorization to registry.connect.redhat.com
Helm
- [NEXUS-23548] Helm Chart Repository API version format incorrect
NuGet
- [NEXUS-20349] NuGet repository returns multiple versions as islatest=true
PyPI
- [NEXUS-23420] NonResolvablePackageException thrown when downloading a package through the PyPI group
- [NEXUS-23398] Retrieval of some packages from PyPI fails
- [NEXUS-23487] PyPI repository returns 500 error response if remote returns an invalid response.
Miscellaneous
- [NEXUS-23379] Invalid content returned through proxy prevents valid content from being retreived
- [NEXUS-23616] Blob Store API allows users to create a blobstore without path
Nexus Repository Manager 3.22.1
Includes Security Fix for Improper Access Control CVE. See the CVE-2020-11753 advisory for details.
Sonatype recommends that administrators running 3.22.0 and earlier upgrade immediately.
2020-04-16
General Improvements
Security
- NEXUS-23556 - CVE-2020-11415: LDAP system credentials can be exposed by admin user
- NEXUS-23504 - Privileged user can create, modify and execute scripting tasks
SAML
- NEXUS-23359 - NPE thrown if IdP metadata does not contain SingleLogoutService element
- NEXUS-23348 - UI Login SSO Button does not respect the nexus-context-path
Conan
- NEXUS-23352 - Conan integration in 3.22.0 does not handle Header Only packages
Nuget
- NEXUS-23399 - NuGet v3 proxy repository will not serve cached content if remote is blocked
Tasks
- NEXUS-23396 - Admin - Cleanup repositories using their associated policies task should lazily mark maven metadata for rebuild
Nexus Repository Manager 3.22.0
Includes Security Fix for Improper Access Control CVE. See the CVE-2020-11444 advisory for details.
Sonatype recommends that administrators running 3.21.2 and earlier upgrade immediately.
2020-03-27
New and Noteworthy
SAML Authentication support
NEXUS-20939
Nexus Repository Manager allows users to authenticate with SAML identity providers.
Note: The fix for NEXUS-22770 will cause some content previously cached in PyPi proxy repositories to be removed. This only affects proxy repositories, and the content will show up again as your builds request it. Please see the issue for details.
Conan Format support
NEXUS-14310
Nexus Repository Manager now provides native support for proxying Conan repositories. Conan is a C/C++ package manager.
General Improvements
REST
- [NEXUS-21910] Additional REST provisioning support for npm, NuGet and PyPI repositories
[NEXUS-22896] performance regression in search REST API
Security
- [NEXUS-23377] CVE-2020-11444: Improper Access Control
- [NEXUS-5716] All signed-in users can be assigned a default role
[NEXUS-23272] Inability to add * permission to user on 3.21.2
[NEXUS-16159] "Require user tokens for repository authentication" now enforced properly
Maven
- [NEXUS-23393] a GA level maven-metadata.xml GET request may trigger rebuilding unrelated GA maven-metadata.xml
- [NEXUS-23392] potentially long running transaction rebuilding metadata triggered by GET of GA level maven-metadata.xml while under concurrent access
- [NEXUS-22602] Repair - Rebuild Maven repository metadata (maven-metadata.xml) task with GA restrictions does not work
npm
[NEXUS-22245] Cannot delete npm scoped folder via UI
NuGet
[NEXUS-23048] Allow proxying NuGet packages hosted by GitHub Packages
PyPI
[NEXUS-22770] Change in stored PyPI proxy package paths creates duplicate assets and breaks browse node creation
Tasks
[NEXUS-22054] "Repair - reconcile component database from blob store" task does not remove invalid component db references.
[NEXUS-22729] Cleanup Policy task results in removal of maven-metadata from non-timestamped snapshots
Nexus Repository Manager 3.21.2
2020-03-23
Contains fixes for security vulnerabilities, it is recommended that administrators running earlier versions upgrade immediately.
Disabled Groovy Scripting By Default
In order to make NXRM more secure, we have disabled Groovy scripting engine by default. This affects Groovy scripts as used through the REST API and through scheduled tasks.
For more information (including how to re-enable Groovy scripting), see NEXUS-23205.
NEXUS-23146
Fixes a remote code execution vulnerability.
NEXUS-23147
Fixes a remote code execution vulnerability for users with administrator permissions.
NEXUS-23148
Fixes a stored cross-site scripting vulnerability
Nexus Repository Manager 3.21.1
2020-02-18
Removes a broken menu entry incorrectly appearing for some users.
Nexus Repository Manager 3.21.0
2020-02-18
Sonatype is pleased to announce the immediate availability of Nexus Repository 3.21.0. The issues fixed in this release can be found below. See the complete release notes for all resolved issues.
New and Noteworthy
p2 Format support
NEXUS-11730
Nexus Repository Manager now provides native support for proxying p2 repositories. p2 is a technology for provisioning and managing Eclipse- and Equinox-based applications.
Note
This implementation does not include any ability to migrate p2 repositories from NXRM2 to NXRM3. Interest for that feature is being tracked in NEXUS-22824.
Helm Format support
NEXUS-13325
Helm is the first application package manager running atop Kubernetes(k8s). It allows describing the application structure through convenient helm-charts and managing it with simple commands.
NuGet V3 Proxy support
NEXUS-10886
NuGet V3 Proxy support gives Nexus Repository Manager users access to the up-to-date V3 API. This is the first part of a wider initiative to bring full V3 support, group and hosted will follow in future releases.
Serve Yum GPG key URLs
NEXUS-16251
Nexus Repository Manager now provides a common facility to allow RPM clients to get GPG keys to verify package signatures in remote repositories.
npm ping support
NEXUS-13434
Nexus Repository Manager is providing npm cli ping support.
General Improvements
Docker
- [NEXUS-18186] Disabling redeploy for a private Docker repo breaks the "latest" tag
Audit
[NEXUS-21730] Audit log does not log all attributes for repository change events
Blobstore, Scheduled Tasks
- [NEXUS-21329] "Remove a member from a blob store group" task processes missing files in the source blob store
Cleanup
- [NEXUS-18905] Cleanup tasks fail with "No search context found for id" error
Crowd
- [NEXUS-13306] Usernames containing non URL safe characters cannot authenticate using the Crowd realm
NuGet
- [NEXUS-16009] Browse tree for NuGet proxy repositories shows packages that are not locally cached
PyPI
- [NEXUS-22051] PyPI group merge is not case sensitive
R
- [NEXUS-22351] R PACKAGES file lost on upgrade to 3.20.x
RubyGems
- [NEXUS-17477] Unable to install hosted gem which has multiple version requirements
Yum
- [NEXUS-22052] Yum Metadata not rebuilt after staging deletion of rpm