Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-19730

NXRM 3 can send null values for IsLatestVersion and IsLatestAbsoluteVersion

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.14.0, 3.15.2, 3.16.0, 3.16.1
    • Fix Version/s: 3.17.0
    • Component/s: NuGet

      Description

      There have been two reports of this situation, with a specific NuGet package coming from a proxied NuGet site https://www.powershellgallery.com/api/v2/ .

      A user is using the following PowerShellGet module commands against NXRM 3.10.0 group repository containing a proxy repository member to https://www.powershellgallery.com/api/v2/, which work without error.

      Find-Module -Verbose -Name PSScriptAnalyzer
      Save-Module -Verbose -Name PSScriptAnalyzer
      

      Then the user upgrades NXRM to version 3.14.0 or greater. The save commands immediately fail with no change on the client.

      VERBOSE: Searching repository 'https://ht1-nexus-beta.example.corp/repository/powershell-eis-group/FindPackagesById()?id='PSScriptAnalyzer'' for ''.
      WARNING: One or more errors occurred.
      PackageManagement\Save-Package : Unable to save the module 'example.AutoSdk'.
      At C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1:1659 char:25
      + ...             $null = PackageManagement\Save-Package @PSBoundParameters
      +                         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          + CategoryInfo          : InvalidOperation: (Microsoft.Power...ets.SavePackage:SavePackage) [Save-Package], Exception
          + FullyQualifiedErrorId : ProviderFailToDownloadFile,Microsoft.PowerShell.PackageManagement.Cmdlets.SavePackage
      

      Adding the -Debug option, we see the stack trace from these commands and the URL used:

      DEBUG: 00:00:12.5989612 Completed downloading
      'https://ht1-nexus-beta.Example.corp/repository/powershell-eis-group/FindPackagesById()?id='PSScriptAnalyzer'&$skip=0&$top=40'.
      DEBUG: 00:00:12.6030464 '28' packages received in the last request.
      DEBUG: 00:00:12.6073236 System.AggregateException: One or more errors occurred. ---> System.FormatException: String was not recognized as a valid Boolean.
         at System.Boolean.Parse(String value)
         at Microsoft.PackageManagement.NuGetProvider.PackageUtility.ReadEntryChildNode(PackageBase& package, XElement element)
         at Microsoft.PackageManagement.NuGetProvider.PackageUtility.ReadEntryChildNode(PackageBase& package, XElement element)
         at Microsoft.PackageManagement.NuGetProvider.PackageUtility.ReadEntryElement(PackageBase& package, XElement xElement)
         at Microsoft.PackageManagement.NuGetProvider.HttpClientPackageRepository.<SendRequest>d__10.MoveNext()
         at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
         at System.Linq.Parallel.SelectManyQueryOperator`3.SelectManyQueryOperatorEnumerator`1.MoveNext(TOutput& currentElement, Pair`2& currentKey)
         at System.Linq.Parallel.PipelineSpoolingTask`2.SpoolingWork()
         at System.Linq.Parallel.SpoolingTaskBase.Work()
         at System.Linq.Parallel.QueryTask.BaseWork(Object unused)
         at System.Threading.Tasks.Task.Execute()
         --- End of inner exception stack trace ---
         at System.Linq.Parallel.QueryTaskGroupState.QueryEnd(Boolean userInitiatedDispose)
         at System.Linq.Parallel.AsynchronousChannelMergeEnumerator`1.MoveNextSlowPath()
         at System.Linq.Parallel.QueryOpeningEnumerator`1.MoveNext()
         at System.Linq.Buffer`1..ctor(IEnumerable`1 source)
         at System.Linq.Enumerable.ToArray[TSource](IEnumerable`1 source)
         at Microsoft.PackageManagement.NuGetProvider.NuGetClient.<GetPackageDependenciesHelper>d__8.MoveNext()
         at Microsoft.PackageManagement.NuGetProvider.NuGetClient.DepthFirstVisit(Tuple`2 packageItem, HashSet`1 temporarilyMarked, HashSet`1 permanentlyMarked, List`1
      dependencyToBeInstalled, HashSet`1 dependenciesProcessed, NuGetRequest request, Dictionary`2 reducedConstraintDuplicatedPackages)
         at Microsoft.PackageManagement.NuGetProvider.NuGetClient.DepthFirstVisit(Tuple`2 packageItem, HashSet`1 temporarilyMarked, HashSet`1 permanentlyMarked, List`1
      dependencyToBeInstalled, HashSet`1 dependenciesProcessed, NuGetRequest request, Dictionary`2 reducedConstraintDuplicatedPackages)
         at Microsoft.PackageManagement.NuGetProvider.NuGetClient.GetPackageDependenciesToInstall(NuGetRequest request, PackageItem packageItem, Boolean& hasDependencyLoop)
         at Microsoft.PackageManagement.NuGetProvider.NuGetClient.InstallOrDownloadPackageHelper(PackageItem pkgItem, NuGetRequest request, String operation, Func`3
      installOrDownloadFunction)
         at Microsoft.PackageManagement.NuGetProvider.NuGetProvider.InstallPackage(String fastPackageReference, NuGetRequest request)
      ---> (Inner Exception #0) System.FormatException: String was not recognized as a valid Boolean.
         at System.Boolean.Parse(String value)
         at Microsoft.PackageManagement.NuGetProvider.PackageUtility.ReadEntryChildNode(PackageBase& package, XElement element)
         at Microsoft.PackageManagement.NuGetProvider.PackageUtility.ReadEntryChildNode(PackageBase& package, XElement element)
         at Microsoft.PackageManagement.NuGetProvider.PackageUtility.ReadEntryElement(PackageBase& package, XElement xElement)
         at Microsoft.PackageManagement.NuGetProvider.HttpClientPackageRepository.<SendRequest>d__10.MoveNext()
         at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()
         at System.Linq.Parallel.SelectManyQueryOperator`3.SelectManyQueryOperatorEnumerator`1.MoveNext(TOutput& currentElement, Pair`2& currentKey)
         at System.Linq.Parallel.PipelineSpoolingTask`2.SpoolingWork()
         at System.Linq.Parallel.SpoolingTaskBase.Work()
         at System.Linq.Parallel.QueryTask.BaseWork(Object unused)
         at System.Threading.Tasks.Task.Execute()<---
      WARNING: One or more errors occurred.
      
      Confirm
      Continue with this operation?
      [Y] Yes  [A] Yes to All  [H] Halt Command  [S] Suspend  [?] Help (default is "Y"): A
      DEBUG: 00:00:15.6409799 PowerShell Script 'PSModule' Function 'Download-Package' returns null.
      DEBUG: 00:00:15.6444371 Done calling powershell �Download-Package� �PSModule�
      
      Confirm
      Unable to save the module 'Example.AutoSdk'.
      [Y] Yes  [A] Yes to All  [H] Halt Command  [S] Suspend  [?] Help (default is "Y"): A
      PackageManagement\Save-Package : Unable to save the module 'Example.AutoSdk'.
      At C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1:1659 char:25
      + ...             $null = PackageManagement\Save-Package @PSBoundParameters
      +                         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          + CategoryInfo          : InvalidOperation: (Microsoft.Power...ets.SavePackage:SavePackage) [Save-Package], Exception
          + FullyQualifiedErrorId : ProviderFailToDownloadFile,Microsoft.PowerShell.PackageManagement.Cmdlets.SavePackage
      

      Comparing the differences between the XML returned by /FindPackagesById()?id='PSScriptAnalyzer'&$skip=0&$top=40' reveals two null boolean field values AND an extra entry for the 1.0.0 version of the package, which appear to be the cause of the error. These null boolean values do not appear in the 3.10.0 version of the response.

      <entry>
      <id>
      https://ht1-nexus-beta.example.corp/repository/powershell-eis-group/Packages(Id='PSScriptAnalyzer',Version='1.0.0')
      </id>
      <title type="text">PSScriptAnalyzer</title>
      <summary type="text" m:null="true"/>
      <updated>2019-02-27T16:39:27.707Z</updated>
      <author>
      <name>Microsoft Corporation</name>
      </author>
      <link rel="edit-media" title="V2FeedPackage" href="Packages(Id='PSScriptAnalyzer',Version='1.0.0')/$value"/>
      <link rel="edit" title="V2FeedPackage" href="Packages(Id='PSScriptAnalyzer',Version='1.0.0')"/>
      <category term="NuGetGallery.V2FeedPackage" scheme="http://schemas.microsoft.com/ado/2007/08/dataservices/scheme"/>
      <content type="application/zip" src="https://ht1-nexus-beta.example.corp/repository/powershell-eis-group/PSScriptAnalyzer/1.0.0"/>
      <m:properties>
      <d:Version>1.0.0</d:Version>
      <d:Copyright>
      (c) 2015. Microsoft Corporation All rights reserved.
      </d:Copyright>
      <d:Created m:type="Edm.DateTime">2015-04-24T22:07:50.517Z</d:Created>
      <d:Dependencies/>
      <d:Description>
      PSScriptAnalyzer provides script analysis and checks for potential code defects in the scripts by applying a group of builtin or customized rules on the scripts being analyzed.
      </d:Description>
      <d:DownloadCount m:type="Edm.Int32">397626</d:DownloadCount>
      <d:GalleryDetailsUrl>
      https://www.powershellgallery.com/packages/PSScriptAnalyzer/1.0.0
      </d:GalleryDetailsUrl>
      <d:IconUrl m:null="true"/>
      <d:IsLatestVersion m:type="Edm.Boolean" m:null="true"/>
      <d:IsAbsoluteLatestVersion m:type="Edm.Boolean" m:null="true"/>
      <d:IsPrerelease m:type="Edm.Boolean">false</d:IsPrerelease>
      <d:Published m:type="Edm.DateTime">2015-04-24T22:07:50.517Z</d:Published>
      <d:Language m:null="true"/>
      <d:LicenseUrl m:null="true"/>
      <d:PackageHash>
      R5ECY/CgGZ8j50EfsiTaIOyafsWnRdzDCLoLQQWib24oWGnxzbYQU8bvemW2IIauWBslA5/obygd3H5tT1ZkDA==
      </d:PackageHash>
      <d:PackageHashAlgorithm>SHA512</d:PackageHashAlgorithm>
      <d:PackageSize m:type="Edm.Int64">104876</d:PackageSize>
      <d:ProjectUrl>https://github.com/PowerShell/PSScriptAnalyzer</d:ProjectUrl>
      <d:ReportAbuseUrl>
      https://www.powershellgallery.com/packages/PSScriptAnalyzer/1.0.0/ReportAbuse
      </d:ReportAbuseUrl>
      <d:ReleaseNotes m:null="true"/>
      <d:RequireLicenseAcceptance m:type="Edm.Boolean">false</d:RequireLicenseAcceptance>
      <d:Tags>PSModule ScriptAnalyzer CodeAnalysis</d:Tags>
      <d:Title>PowerShell ScriptAnalyzer</d:Title>
      <d:VersionDownloadCount m:type="Edm.Int32">116</d:VersionDownloadCount>
      </m:properties>
      </entry>
      

      The error cannot be reproduced starting from a brand new 3.16.0 instance directly.

      These fields appear to be part of the problem:

      <d:IsLatestVersion m:type="Edm.Boolean" m:null="true"/>
      <d:IsAbsoluteLatestVersion m:type="Edm.Boolean" m:null="true"/>
      

      Workaround

      To workaround this problem noticed after upgrading, one customer solved the issue by deleting the proxy repository and re-adding it - after which the extra entry and null boolean fields did not appear.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              jtom Joe Tom
              Reporter:
              plynch Peter Lynch
              Last Updated By:
              Joe Tom Joe Tom
              Team:
              NXRM - Cypher
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Date of First Response:

                  tigCommentSecurity.panel-title