Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-31461

Unpredictable sort order for Maven versions

    Details

    • Type: Bug
    • Status: New
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.38.0, 3.38.1
    • Fix Version/s: None
    • Component/s: Maven, REST, Search
    • Notability:
      4

      Description

      A follow-up to NEXUS-30694, the same issue is still occurring for maven versions where a random order is being returned.

      To reproduce:

      1. Uploaded two snapshots to 3.38:

      mvn deploy:deploy-file -DgroupId=com.foo.hsmservice.service -DartifactId=hsmservice-deployment -Dversion=1.31-us_481184_luigi__migration_2-SNAPSHOT -DgeneratePom=true -Dpackaging=jar -DrepositoryId=nexus -Durl=http://localhost:8081/repository/maven-snapshots -Dfile=./testjar.jar

      2. Call the search/assets/download REST API, to retrieve the latest version e.g. 

      curl -v -u admin:admin123 "http://localhost:8081/service/rest/v1/search/assets/download?sort=version&repository=maven-snapshots&maven.groupId=com.foo.hsmservice.service&maven.artifactId=hsmservice-deployment&maven.baseVersion=1.31-us_481184_luigi__migration_2-SNAPSHOT&maven.extension=jar" 

      And note the version returned.

      3. Then repeat steps 1-2 again and note that the latest timestamped snapshot is not returned. Instead the order is random.

      Potential Cause:

      For the given version strings e.g.

      • 1.31-us_481184_luigi__migration_2-20220312.160843-37
      • 1.31-us_481184_luigi__migration_2-20210419.153348-38

      It seems to be much the same as NEXUS-30694 where the "normalized_version" is returning the same values resulting in an unpredictable order e.g.

      jshell> versionNormalizer.getNormalizedValue("1.31-us_481184_luigi__migration_2-20210412.160843-37");
      $27 ==> "000000001.000000031.000000000.b.us_-000481184-_luigi__migration_000000002"
      
      jshell> versionNormalizer.getNormalizedValue("1.31-us_481184_luigi__migration_2-20210419.153348-38");
      $28 ==> "000000001.000000031.000000000.b.us_-000481184-_luigi__migration_000000002"
      

      However please be aware it is not just Snapshot versions affected, Release versions with a similar string also have the same issue e.g.

      jshell> versionNormalizer.getNormalizedValue("1.31-us_481184_luigi_migration-1");
      $8 ==> "000000001.000000031.000000000.e.us_-000481184-_luigi_migration"
      jshell> versionNormalizer.getNormalizedValue("1.31-us_481184_luigi_migration-2");
      $9 ==> "000000001.000000031.000000000.e.us_-000481184-_luigi_migration"
      

      Expected:

      Versions should be sorted in alpha-numeric order.

       

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              hardeepn Hardeep Nagra
              Last Updated By:
              Arnab Arnab
              Votes:
              8 Vote for this issue
              Watchers:
              14 Start watching this issue

                Dates

                Created:
                Updated:
                Date of First Response:

                  tigCommentSecurity.panel-title