Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-31893

remove non-cataloged versions feature can encounter InternalException while contacting IQ Server which does not include original cause

    Details

    • Type: Bug
    • Status: New
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.38.1
    • Fix Version/s: None
    • Component/s: IQ Integration, NPM
    • Labels:
    • Notability:
      n/a

      Description

      A customer had NPM proxy repo to official npm registry, with the "Remove Non-Cataloged Versions" feature enabled running IQ Server 135 and NExus Repo 3.38.1.

      During an event where it was determined there were performance issues with this feature ( NEXUS-31891 ) , some requests for NPM Package metadata were taking 5-10 minutes to respond. WARN and ERROR Level messages were logged into the nexus.log as "InternalException" at code line com.sonatype.nexus.clm.vulnerability.api.ComponentVersionsApi.getComponentVersions(ComponentVersionsApi.java:56), however the original exception which triggered these messages was not captured.

      Example stack trace:

      2022-04-20 12:44:37,546-0500 ERROR [qtp1691128597-141559]  m33833 com.sonatype.nexus.clm.firewall.FirewallComponentDetailsListener - Error getting component details for 'pkg:npm/lodash.without'
      org.sonatype.nexus.repository.vulnerability.exceptions.InternalException: Error getting component versions
      	at com.sonatype.nexus.clm.vulnerability.api.ComponentVersionsApi.getComponentVersions(ComponentVersionsApi.java:56)
      	at com.sonatype.nexus.clm.vulnerability.service.ComponentVersionsService.getVersions(ComponentVersionsService.java:45)
      	at com.sonatype.nexus.clm.firewall.FirewallComponentDetailsListener.on(FirewallComponentDetailsListener.java:86)
      	at sun.reflect.GeneratedMethodAccessor283.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at com.google.common.eventbus.Subscriber.invokeSubscriberMethod(Subscriber.java:87)
      	at com.google.common.eventbus.Subscriber$SynchronizedSubscriber.invokeSubscriberMethod(Subscriber.java:144)
      	at com.google.common.eventbus.Subscriber$1.run(Subscriber.java:72)
      	at com.google.common.util.concurrent.DirectExecutor.execute(DirectExecutor.java:30)
      	at com.google.common.eventbus.Subscriber.dispatchEvent(Subscriber.java:67)
      	at com.google.common.eventbus.Dispatcher$ImmediateDispatcher.dispatch(Dispatcher.java:186)
      	at com.google.common.eventbus.EventBus.post(EventBus.java:212)
      	at org.sonatype.nexus.internal.event.EventManagerImpl.post(EventManagerImpl.java:127)
      	at com.sonatype.nexus.repository.npm.internal.orient.OrientNonCatalogedVersionHelperFacet.nonCatalogedVersions(OrientNonCatalogedVersionHelperFacet.java:206)
      	at com.sonatype.nexus.repository.npm.internal.orient.OrientNonCatalogedVersionHelperFacet.maybeAddExcludedVersionsFieldMatchers(OrientNonCatalogedVersionHelperFacet.java:155)
      	at com.sonatype.nexus.repository.npm.internal.orient.OrientNonCatalogedVersionHelperFacet$$EnhancerByGuice$$1396269089.GUICE$TRAMPOLINE(<generated>)
      	at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:74)
      	at org.sonatype.nexus.common.stateguard.MethodInvocationAction.run(MethodInvocationAction.java:39)
      	at org.sonatype.nexus.common.stateguard.StateGuard$GuardImpl.run(StateGuard.java:272)
      	at org.sonatype.nexus.common.stateguard.GuardedInterceptor.invoke(GuardedInterceptor.java:54)
      	at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:75)
      	at com.google.inject.internal.InterceptorStackCallback.invoke(InterceptorStackCallback.java:55)
      	at com.sonatype.nexus.repository.npm.internal.orient.OrientNonCatalogedVersionHelperFacet$$EnhancerByGuice$$1396269089.maybeAddExcludedVersionsFieldMatchers(<generated>)
      	at com.sonatype.nexus.repository.npm.internal.orient.OrientNpmProxyFacet.getFieldMatchers(OrientNpmProxyFacet.java:276)
      	at com.sonatype.nexus.repository.npm.internal.orient.OrientNpmProxyFacet.getPackageRoot(OrientNpmProxyFacet.java:264)
      	at com.sonatype.nexus.repository.npm.internal.orient.OrientNpmProxyFacet$$EnhancerByGuice$$1405466461.GUICE$TRAMPOLINE(<generated>)
      	at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:74)
      	at org.sonatype.nexus.transaction.TransactionalWrapper.proceedWithTransaction(TransactionalWrapper.java:58)
      	at org.sonatype.nexus.transaction.TransactionInterceptor.proceedWithTransaction(TransactionInterceptor.java:66)
      	at org.sonatype.nexus.transaction.TransactionInterceptor.invoke(TransactionInterceptor.java:55)
      	at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:75)
      	at com.google.inject.internal.InterceptorStackCallback.invoke(InterceptorStackCallback.java:55)
      	at com.sonatype.nexus.repository.npm.internal.orient.OrientNpmProxyFacet$$EnhancerByGuice$$1405466461.getPackageRoot(<generated>)
      	at com.sonatype.nexus.repository.npm.internal.orient.OrientNpmProxyFacet.getCachedContent(OrientNpmProxyFacet.java:127)
      	at org.sonatype.nexus.repository.proxy.ProxyFacetSupport.maybeGetCachedContent(ProxyFacetSupport.java:384)
      	at org.sonatype.nexus.repository.proxy.ProxyFacetSupport.get(ProxyFacetSupport.java:236)
      	at org.sonatype.nexus.repository.proxy.ProxyHandler.handle(ProxyHandler.java:53)
      	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:88)
      	at org.sonatype.nexus.repository.storage.LastDownloadedHandler.handle(LastDownloadedHandler.java:59)
      	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:88)
      	at org.sonatype.nexus.repository.storage.UnitOfWorkHandler.handle(UnitOfWorkHandler.java:39)
      	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:88)
      	at org.sonatype.nexus.repository.view.Context$proceed$0.call(Unknown Source)
      	at com.sonatype.nexus.repository.npm.internal.orient.OrientNpmProxyRecipe$_closure1.doCall(OrientNpmProxyRecipe.groovy:295)
      

      Expected

      Always log an unexpected exception at default log levels - never lose the original cause of a problem.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              plynch Peter Lynch
              Last Updated By:
              Michael Oliverio Michael Oliverio
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Date of First Response:

                  tigCommentSecurity.panel-title