Nexus Repository Manager 3.3 Release Notes
These notes are a compilation of new features and significant bug fixes for Nexus Repository Manager 3.3.
See the complete release notes for all resolved issues.
New and Noteworthy
Git LFS Support
Nexus Repository is first to market with free support for Git LFS.
Downloading or sharing large binary files, such as videos, images, audio recordings, and database files, can slow down the development process and negatively impact the performance of a DevOps tool chain. By managing these components in Nexus Repository, organizations can save time and benefit from increased availability, ease of file sharing, and the ability to better control access to Git LFS components.
Nexus Repository lets you store all of your software binaries, including Git LFS in a single location. With the introduction of Git LFS support, Nexus Repository now offers free support for eight components formats, including: Java, npm, NuGet, RubyGems, PyPI, Bower, and Docker.
Once you give our Git LFS support a try, we would love to hear how this feature works for you. Let us know at email@example.com.
Repository Health Check Revamped!
We’ve made a significant overhaul to how Repository Health Check (RHC) works. Our goal was to make it easier for repository administrators to not just understand, but to improve the health of their repositories over time.
RHC now shows the top five components in need of remediation, prioritized by the severity and impact of the vulnerability. It also provides download trends to help you understand how the health of your repositories is changing over time.
If you are using Nexus Repository and have not yet turned on the RHC feature, start today. What’s the urgency? Perhaps you have not read the 2016 State of the Software Supply Chain Report that indicated 1 in 16 open source components downloads has a known security vulnerability. It’s time to know what’s in your repo.
Browsing and Proxy Repository Performance Issues Squashed
We continue to squash performance issues as they surface. This release includes some significant fixes that were affecting proxy repository cache throughput and Browse UI rendering. Try this new release - you should notice immediate gains in performance especially in these areas.
We are working some known issues with Search performance and we hope to have these rectified soon.
Upgrade Improvements and Requirements
If you’re upgrading to 3.3 from Nexus Repository 2.x, you must first upgrade your installation to 2.14.4.
We've corrected an issue where the upgrade process could fail if it encountered invalid or corrupt NuGet components in the 2.x repository.
We’ve also tightened the validation of proxy repository configuration to prevent blank or invalid remote repository URLs. Before upgrading to 3.3.0 from 3.2.1 or earlier, please ensure that your proxy repository remote URLs are valid.
- [ NEXUS-12496] Bug FileBlobStore error handling makes it impossible to see what blob causes a runtime exception
- [ NEXUS-12676] Bug BlobStoreException should implement toString() to facilitate better exception messages
- [ NEXUS-10540] Bug BlobStoreManagerImpl is not thread-safe
- [ NEXUS-12678] Bug Browse assets or components user interface slow to respond performance
- [ NEXUS-12360] Improvement expose blob created and updated dates to avoid confusion with last updated date
- [ NEXUS-10621] Bug DefaultCapabilityRegistry is not thread-safe
- [ NEXUS-12285] Bug Remote Storage URL should be a required for proxy repository configuration
- [ NEXUS-12404] Bug Crowd cache entries do not expire properly
- [ NEXUS-12040] Bug Faulty handling of query timeouts in OrientAsyncHelper.QueueConsumingIterable
- [ NEXUS-11972] Bug JobStoreImpl should skip over malformed records to allow nexus to start
- [ NEXUS-12255] Bug book mentions upgrade options that are not available
- [ NEXUS-12644] Improvement add support for git-lfs
- [ NEXUS-12020] Bug LDAP cache entries do not expire properly
- [ NEXUS-10533] Bug EnterpriseLdapManager is not thread-safe
- [ NEXUS-12250] Bug "Generic LDAP Server" UI configuration template should not have password attribute set by default
- [ NEXUS-12242] Bug repository requests to paths containing certain characters may fail with status 500 "Illegal character in path at index"
- [ NEXUS-12334] Bug Log spam when a user's session expires while viewing the repositories UI
- [ NEXUS-12355] Bug MavenModels throws an IOException when attempting to parse an empty InputStream
- [ NEXUS-12081] Bug Upgrade never completes if source repository has zero length files in it
- [ NEXUS-11965] Bug npm install fails with 500 error when user has Group level privileges
- [ NEXUS-12483] Bug invalid nexus 2.x NuGet repository files will cause nexus 3.x upgrade to fail with NullPointerException
- [ NEXUS-12337] Bug NuGet queries against asset attributes can be slow due to non-optimized indexes performance
- [ NEXUS-12338] Bug query parameter names for NuGet search requests are not case-insensitive
- [ NEXUS-12484] Bug targetFramework attribute in NuGet nuspec file is rendered as Unsupported
- [ NEXUS-12677] Bug proxy repository default negative cache size is too low to be effective performance
- [ NEXUS-10059] Bug 404 response from Nexus 2 proxying Nexus 3 due to auto-routing
- [ NEXUS-12077] Bug Auto-blocked proxy repository logs gigantic stack trace, doesn't say what was blocked, or why
- [ NEXUS-12527] Bug Nexus will not deliver files from the on-disk cache of a proxy repository if their metadata/artifact max age has expired and the remote is not reachable performance
- [ NEXUS-10503] Bug RepositoryManagerImpl is not thread-safe
Repository Health Check
- [ NEXUS-12645] Improvement make the Repository Health Check summary useful for discovering vulnerable components
- [ NEXUS-12367] Bug UI Danger error message when enabling RHC on a Maven Snapshot Repo.
- [ NEXUS-12481] Bug NullPointerException while rebuilding maven metadata if database operations timeout
- [ NEXUS-11238] Bug Repository View - Browse permission grants too much access security
- [ NEXUS-12852] Bug certain responses may print absolute file system paths in the response
- [ NEXUS-10477] Bug SSL key/trust store is not thread-safe
- [ NEXUS-11190] Bug java.nio.file.NoSuchFileException for inaccessible mounts prevents support zip generation
- [ NEXUS-12091] Bug HTTP Proxy host name setting accepts invalid characters such as space which can prevent server start
- [ NEXUS-12673] Improvement display given roles in alphabetical order by name instead of arbitrary order compatibility
- [ NEXUS-12535] Bug Manage Privileges search dialog loses cursor focus
- [ NEXUS-10774] Bug the icon to collapse user interface feature menu can be easily confused for a back navigation button
- [ NEXUS-12693] Bug Create wildcard privilege form does not redirect to list view on success
- [ NEXUS-11231] Bug Require User Token setting not enforced security