sonatype-nexus-community / nexus-repository-apt

A Nexus Repository 3 plugin that allows usage of apt repositories
Eclipse Public License 1.0

Integrate to Nexus 3.14 #81

Closed eric-anderton-at-sony closed 5 years ago

eric-anderton-at-sony commented 5 years ago

Thanks for creating an issue! Please fill out this form so we can be sure to have all the information we need, and to minimize back and forth.

Install the plugin .jar on Nexus 3.14.

Sonatype just announced multiple CVEs for Nexus 3.13. Upgrading may not be feasible as I haven't been able to get the compiled .jar to function with Nexus 3.14.

Date: Oct 19 2018
Affected Versions: All previous Nexus Repository Manager OSS/Pro 3.x versions up to and including 3.13
Fixed in Version: Nexus Repository Manager OSS/Pro version 3.14.0
Addressed vulnerabilities: CVE-2018-16619, CVE-2018-16620, CVE-2018-16621

All I can ask is that the software is endorsed for Nexus 3.14. Thank you.

I may be in error. I ran a single experiment yesterday where I modified the provided Dockerfile to use Nexus 3.14, and Nexus simply refused to run with the .jar file installed. If I'm wrong about all this - awesome! All we need is an updated Dockerfile so people can move on from 3.13, which is now insecure.

mpoindexter commented 5 years ago

@darthhater has a pull request open for this, but I probably won't have time to look at it until mid next week. You could pull from his branch and test it out: https://github.com/sonatype-nexus-community/nexus-repository-apt/pull/80

eric-anderton-at-sony commented 5 years ago

@mpoindexter - awesome thanks!

stohrendorf commented 5 years ago

Any progress in this? It's been open for quite some time now, so I doubt there are serious problems with #80, except for #84.

premsair commented 5 years ago

I have tested #80 and it seems to work fine. I see that there is a cleanup policy feature released in Nexus 3.14 which allows a user to select a defined cleanup policy per package type while creating a repo. Is there any plan to integrate that into apt repo creation?

P.S.: Please ignore my lack of knowledge if it could be achieved in a different way, and let me know.

DarthHater commented 5 years ago

@premsair I can merge #80 if you'd like (let me know). As for a cleanup policy, if I have some free time come up I'll see if I can contribute one in!

premsair commented 5 years ago

@DarthHater Yes, I believe it can be merged.

DarthHater commented 5 years ago

Merged! Closing this, feel free to reopen if there is a need!