Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-16393

NullPointerException when merging group GAV maven-metadata.xml for non-timestamped snapshot

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.8.0
    • Fix Version/s: 3.11.0
    • Component/s: Maven
    • Labels:
    • Story Points:
      2

      Description

      Nexus 3.8.0 gets an NPE when merging GAV level maven-metadata.xml files from non-timestamped snapshot deploys.

       Example maven-metadata.xml file:

      <?xml version="1.0" encoding="UTF-8"?>
<metadata>
  <groupId>org.sonatype</groupId>
  <artifactId>project</artifactId>
  <version>1.1.5-SNAPSHOT</version>
  <versioning>
    <snapshot>
      <buildNumber>1</buildNumber>
    </snapshot>
    <lastUpdated>20180227155805</lastUpdated>
  </versioning>
</metadata>

      When this file is merged with another repository's maven-metadata.xml file at the group level you get an NPE, and a 500 response:

      2018-02-27 10:04:10,600-0600 WARN  [qtp335821775-167] admin org.sonatype.nexus.repository.httpbridge.internal.ViewServlet - Failure servicing: GET /repository/maven-public/org/sonatype/project/1.1.5-SNAPSHOT/maven-metadata.xml
java.lang.NullPointerException: null
	at org.sonatype.nexus.repository.maven.internal.group.RepositoryMetadataMerger.ts(RepositoryMetadataMerger.java:379)
	at org.sonatype.nexus.repository.maven.internal.group.RepositoryMetadataMerger.mergeVersioning(RepositoryMetadataMerger.java:337)
	at org.sonatype.nexus.repository.maven.internal.group.RepositoryMetadataMerger.merge(RepositoryMetadataMerger.java:264)
	at org.sonatype.nexus.repository.maven.internal.group.RepositoryMetadataMerger.merge(RepositoryMetadataMerger.java:191)
	at org.sonatype.nexus.repository.maven.internal.group.RepositoryMetadataMerger.merge(RepositoryMetadataMerger.java:87)
	at org.sonatype.nexus.repository.maven.internal.group.MavenGroupFacet.mergeAndCache(MavenGroupFacet.java:125)
	at org.sonatype.nexus.repository.maven.internal.group.MergingGroupHandler.doGet(MergingGroupHandler.java:98)
	at org.sonatype.nexus.repository.group.GroupHandler.handle(GroupHandler.java:81)
	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:80)
	at org.sonatype.nexus.repository.storage.UnitOfWorkHandler.handle(UnitOfWorkHandler.java:39)
	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:80)
	at org.sonatype.nexus.repository.view.handlers.ContentHeadersHandler.handle(ContentHeadersHandler.java:44)
	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:80)
	at org.sonatype.nexus.repository.view.handlers.ConditionalRequestHandler.handle(ConditionalRequestHandler.java:72)
	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:80)
	at org.sonatype.nexus.repository.view.handlers.ExceptionHandler.handle(ExceptionHandler.java:44)
	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:80)
	at org.sonatype.nexus.repository.security.SecurityHandler.handle(SecurityHandler.java:52)
	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:80)
	at org.sonatype.nexus.repository.view.handlers.TimingHandler.handle(TimingHandler.java:46)
	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:80)
	at org.sonatype.nexus.repository.view.Context.start(Context.java:114)
	at org.sonatype.nexus.repository.view.Router.dispatch(Router.java:63)
	at org.sonatype.nexus.repository.view.ConfigurableViewFacet.dispatch(ConfigurableViewFacet.java:52)
	at org.sonatype.nexus.repository.view.ConfigurableViewFacet.dispatch(ConfigurableViewFacet.java:43)
	at org.sonatype.nexus.repository.httpbridge.internal.ViewServlet.dispatchAndSend(ViewServlet.java:211)
	at org.sonatype.nexus.repository.httpbridge.internal.ViewServlet.doService(ViewServlet.java:173)
	at org.sonatype.nexus.repository.httpbridge.internal.ViewServlet.service(ViewServlet.java:126)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)

       

      Reproduce Case:  Create two snapshot repositories, put them in a group repository.  Deploy a normal timestamped snapshot into the first one.  For the second one, put "<uniqueVersion>false</uniqueVersion>" in the distributionManagement section in the pom file, and deploy using 2.2.1.  

      Then attempt to retreive the GAV level maven-metadata.xml file through the group repository.

       

      Expected #1: Nexus should be able to handle files like these, there are still commonly used tools  (Ivy) that can't deploy timestamped snapshots.

      Expected #2: In the more general case, if Nexus encounters a maven-metadata.xml file it can't parse during merge it should log a warning, and ignore the bad file.

       

        Attachments

          Activity

            People

            Assignee:
            bradbeck Brad Beck
            Reporter:
            rseddon Rich Seddon
            Last Updated By:
            Peter Lynch
            Team:
            Nexus - Core
            Votes:
            1 Vote for this issue
            Watchers:
            6 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Date of First Response:

                tigCommentSecurity.panel-title