Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-17626

rubygems /versions endpoint not implemented resulting in performance issues installing gems

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.10.0, 3.12.1, 3.18.1, 3.19.1, 3.37.3
    • Fix Version/s: None
    • Component/s: RubyGems
    • Story Points:
      0

      Description

      I just updated from 3.10.0 to 3.12.1 and gem resolution is problematic.  It wasn't perfect in 3.10.0 either (if you want a seperate ticket, let me know).

      I have a rubygems group repository called 'gems' that contains hosted and proxied repositories.  The following behavior was determined by running "bundle update --verbose" with bundler version 1.16.1, ruby 2.5.1.

      In 3.10.0, the first request to https://nexus.example.com/nexus/repository/gems/versions yields a 400 with no error in the nexus.log.  This causes a second request to https://nexus.example.com/nexus/repository/gems/api/v1/dependencies, which works correctly.

       

      In 3.12.1, https://nexus.example.com/nexus/repository/gems/versions leads to a 400 and https://nexus.example.com/nexus/repository/gems/api/v1/dependencies gives a 404 (again, nothing concerning in nexus.log).  This causes bundler to download the specs and check each gemspec, which is a slow process.

       

      The ideal behavior is that bundler can use https://nexus.example.com/nexus/repository/gems/versions.

      Expected

      Nexus Repository should implement handling for https://guides.rubygems.org/rubygems-org-api/#gem-version-methods and https://guides.rubygems.org/rubygems-org-api-v2/#gem-version-methods ( and related endpoints that bundler may use to install gems that are better performing than /api/v1/dependencies )

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              jessebs Jesse Bowes
              Last Updated By:
              Joe Tom Joe Tom
              Votes:
              8 Vote for this issue
              Watchers:
              12 Start watching this issue

                Dates

                Created:
                Updated:
                Date of First Response:

                  tigCommentSecurity.panel-title