Details
-
Bug
-
Resolution: Fixed
-
Critical
-
3.35.0, 3.39.0, 3.41.0, 3.40.1
-
2
-
non-concept
-
2
Description
SYMPTOM:
After publishing a newer version into NPM hosted repository, a NPM group repository, which has this NPM hosted repository as a member, does not show this newly published version in the "latest" tag.
REPRODUCE STEPS:
- Install NXRM 3.40.1 with H2 (starting Nexus with "nexus.datastore.enabled=true")
- Create npm-hosted, npm-proxy, npm-group repositories
- Publish some dummy package:
export _NEXUS_URL='http://localhost:8081/' cat << EOF > ./package.json { "name": "lodash-vulnerable", "version": "1.0.0", "description": "", "main": "index.js", "scripts": { "test": "echo \"Error: no test specified\" && exit 1" }, "keywords": [], "author": "", "dependencies" : { "lodash": "4.17.4" }, "license": "ISC", "publishConfig":{"registry":"${_NEXUS_URL%/}/repository/npm-hosted/"} } EOF npm publish --registry "${_NEXUS_URL%/}/repository/npm-hosted/" -ddd
- Confirm npm-hosted and npm-group both show "1.0.0"
curl -s "${_NEXUS_URL%/}/repository/npm-hosted/lodash-vulnerable" | python -m json.tool | grep '"latest"' curl -s "${_NEXUS_URL%/}/repository/npm-group/lodash-vulnerable" | python -m json.tool | grep '"latest"'
- Publish newer version
sed -i.bak 's/"version": "1.0.0"/"version": "1.1.0"/' ./package.json npm publish --registry "${_NEXUS_URL%/}/repository/npm-hosted/" -ddd
- Again, check the latest versions for
npm-hosted andnpm-group with curl
EXPECTED BEHAVIOUR
By using above repro steps, the "npm-group" should show 1.1.0.
ACTUAL BEHAVIOUR:
The npm-group repo shows 1.0.0.
NOTE: 3.38.0 returns expected 1.1.0.
WORKAROUND:
Click [ Invalidate cache ] from the npm-group repository config page.
Attachments
Issue Links
- is related to
-
-
- Closed
-
- relates
-
-
- New
-
-
-
- Closed
-