Sonatype Nexus Repository 3.58.0 - 3.58.1 Release Notes
Highlights in This Release
Critical Fix for 3.57.0 and 3.58.0 Deployments Using Sonatype Repository Firewall (3.58.1)
This release fixes a critical bug that could allow users to unintentionally download quarantined components. The bug impacts 3.57.0 and 3.58.0 Sonatype Nexus Repository deployments using Sonatype Repository Firewall. Read more below
Restored Admin - Change repository blob store Task for Deployments Using PostgreSQL or H2 PRO (3.58.0)
We have re-enabled the Admin - Change repository blob store task for Sonatype Nexus Repository deployments using PostgreSQL or H2 databases. We are also providing performance testing information to help you plan before using this task, which often takes substantial time to complete. Read more below
This release includes multiple bug fixes. Read more below
What's New in 3.58.1?
Released July 21, 2023
Critical Fix for 3.57.0 and 3.58.0 Deployments Using Sonatype Repository Firewall
This release fixes a critical bug impacting Sonatype Nexus Repository 3.57.0 and 3.58.0 deployments that use Sonatype Repository Firewall.
This bug could allow for users to unintentionally download quarantined components. We have retracted versions 3.57.0 and 3.58.0; please use 3.57.1 or 3.58.1 instead.
What's New in 3.58.0?
Released July 17, 2023
Restored Admin - Change repository blob store Task for Deployments Using PostgreSQL or H2 PRO
The Admin - Change repository blob store task is a popular Pro feature that allows you to change the blob store source for a hosted repository. This can be helpful when moving from a local volume blob store to S3, from one S3 bucket to another, etc.
In 3.45.0, we disabled the Admin - Change repository blob store task after discovering multiple issues that could result in data loss. In this release, we have made changes to this task and are re-enabling it for deployments using H2 or PostgreSQL databases. We are also providing performance testing information to help you appropriately plan for the significant time it can take for this task to complete.
Due to known issues related to OrientDB, the Admin - Change repository blob store task remains deactivated for deployments using OrientDB while we continue to investigate these issues.
As noted above, we are also providing Admin - Change repository blob store performance testing data, which is now available in our help documentation. You will see from this data that the task usually takes significant time to complete; the amount of time depends on scenario (file to S3; S3 to S3; etc.) and the amount of data you are attempting to move. While our performance data is based on strictly controlled and limited scenarios, we hope you can use it to help plan for how you will use this task going forward.
Support for Firewall Customizable Quarantine Message
As detailed in the Sonatype IQ Server version 165 release notes, Sonatype Repository Firewall recently added a new property to the Configuration REST API to allow Application Security teams to set meaningful remediation messages that will be visible in the command line should developers request components quarantined by Sonatype Repository Firewall. This new Firewall feature requires Sonatype Nexus Repository 3.58.0+ and IQ Server 165+. See the Firewall Custom Quarantine Message help documentation for full details.
|Docker Subdomain connectors work with nGrok again as expected.|
Added logging for and made Rubygems - Generate SHA256 Checksums and Repair - Update attributes for RubyGems tasks configurable via the user interface. See the Tasks documentation for details on these tasks.