2019 Release Notes

Repository Manager 3.15.2


Sonatype is pleased to announce the immediate availability of Nexus Repository 3.15.2. A summary of the highlights in this release is shown below.

Search Hotfix


Fix search filtering using repository query parameter, when group repository is entered (REST and UI).

Docker image


Our official Docker image switches to OpenJDK as our recomended Java Runtime Environment. It's worth checking whether the difference has impact on your deployment (e.g., contains a different system trust store that may affect your SSL connections).

Repository Manager 3.15.1


Sonatype is pleased to announce the immediate availability of Nexus Repository 3.15.1. A summary of the highlights in this release is shown below.

NPM Hotfix


Fix anti-cross-site request forgery token mismatch blocking valid npm client publish and login.

Repository Manager 3.15.0

We have found an issue in this release that affects NPM users, as well as using the REST search filtering by repository group names. We recommend NPM and/or REST search users upgrade immediately to 3.15.2-01 (see Download Archives for access) or newer.


Sonatype is pleased to announce the immediate availability of Nexus Repository 3.15.0. A summary of the highlights in this release is shown below.

See the complete release notes for all resolved issues.

New and Noteworthy

Dynamic Storage

For our Professional licensed customers, we added a new level of flexibility for administrators when planning and updating their blob stores. Multiple blob stores can be combined into a Blob Store Group. These groups allow an individual repository to use storage across multiple locations and devices. Member blob stores can be added or removed from a group to ease the burden of migrations. Also added Fill Policies which give administrators more control and insight into how components are being stored.

For all our users (OSS and PRO) we have added Soft Quota which allow you to receive a warning when your blobstore has reached a configured metric.

For more detail, see our documentation Storage Guide.

UI Upload left files in temporary directory after upload was complete


This bug would cause temp files to be left behind when the UI Upload feature was used. This could cause eventual disk space issues that would not be cleaned up by the standard NXRM cleanup tasks. This ticket fixes the issue going forward but does not assume to delete anything from the file system. If you utilize Upload UI frequently, we recommend checking the temp directory to see if you can get some disk space back.

Use HTTPS for outreach Base URL


In order to promote security, we changed our Welcome Outreach capability to use HTTPS instead of HTTP.

Analytics plugin deprecated

Due to complications, the Analytics plugin and respective pages within the application have been removed from the system. If it is restored, we will have a new feature release note.

General Improvements


  • [NEXUS-18252] Repository manager will not start on blobstore problems or errors


  • [NEXUS-15095MissingBlobException can occur when publishing Maven index
  • [NEXUS-18196] ArrayIndexOutOfBoundsException when uploading large POM


  • [NEXUS-12684HEAD request to /v2/<name>/manifests/<reference> results in 404 error
  • [NEXUS-18263] Docker proxy repositories configured with a remote URL including extra path info will not proxy correctly
  • [NEXUS-18353] Can't proxy older gcr.io Docker images


  • [NEXUS-18100] LDAP UI does not reflect configuration
  • [NEXUS-13626] Made Privileges box wider so Privileges fit
  • [NEXUS-7996] Changing dropdown does not show users list until refresh


  • [NEXUS-18564 Delete orphaned API keys task run before any other HTTP activity can stop some LDAP operations


  • [NEXUS-16964] Upgrade from 2.14.8 to 3.10.0 may prevent download of rubygems hosted repository gems


  • [NEXUS-17501] Caching of NuGet metadata causes thread serialization, query slowdowns under load performance


  • [NEXUS-14465] PyPI hosted repository does not send etag header
  • [NEXUS-17903] PyCharm does not work with PyPI repository
  • [NEXUS-18187] PyPI proxy of https://bloomberg.bintray.com/pip does not work
  • [NEXUS-16401] PyPi hosted repository packages can only be searched by pep-0503 normalized name


  • [NEXUS-18345] Running a "/search/assets" REST API call with just a "repository" query parameter does not give full results

Scheduled Tasks

  • [NEXUS-12828] Submitting more than 20 tasks at once causes ERROR for some tasks

Content Selectors, Tree View

  • [NEXUS-15085] Tree View is slow when there are large numbers of content selector privileges

Tree View

  • [NEXUS-16384] Maven SNAPSHOT timestamp versioned files are not direct children to the base snapshot version in tree or html view
  • [NEXUS-14682] Support deleting all assets under entire selected tree nodes
  • [NEXUS-15179] Deleting last pom leaves folder shell


  • [NEXUS-18119] New role not available for use until role page revisited
  • [NEXUS-12100] Delete button on component and asset is active even without permission to do so

Upload UI

  • [NEXUS-18276] UI upload leaves files in temporary directory after upload is complete
  • [NEXUS-18494] UI upload fails if it takes more than 60 seconds


  • [NEXUS-18299] JsonSyntaxException attempting to create Webhook capability


  • [NEXUS-18261] Hosted yum metadata not rebuilding due to parsing issues in the path being queried

Search, Tree View

  • [NEXUS-18617] Disable asset download count feature in all new/upgraded installations

Maven, Search

S3, Blobstore

  • [NEXUS-18631] Allow multipart copy for AWS S3 blob storage