The following two snapshot paths are invalid and should really be rejected with 400 response.
I am seeing inconsistent behaviour in both Nexus 2 and Nexus 3 when using a direct deploy method like below.
- Nexus 2 uploads with 201 response
- Nexus 3 fails with 400 response
- Nexus 2 fails with 400 response
- Nexus 3 works with 201 response
Nexus 2.x: We will not be making a change to Nexus 2.x codebase due to the potential regression risks related to users deploying or retrieving non-timestamped SNAPSHOT versions, which Apache Maven 2.x and Maven 1.x did allow.
Nexus 3.x: Nexus 3.x has dropped Maven 1.x support.
Nexus 3.x must allow deployments and retrieval of two types of SNAPSHOT versioning schemes:
- example-1.0-SNAPSHOT.jar ( deprecated and not recommended in industry )
- example-1.0-20171208.202054-1.jar ( preferred and modern )
All other invalid paths should be rejected for STRICT policy. Keep in mind there is a very strict layout for Maven 2 format repos.
The literal example-1.0-SNAPSHOT.jar form of file name is possible in Maven 2.x or versions of Apache IVY. Sonatype does not recommend using non-timestamped snapshot versioning schemes, and we do not optimize for that use case, however if you do it should work.