Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-7808

non-snapshot versions containing SNAPSHOT can bypass a release repository Deployment Policy

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.6, 2.11.1
    • Fix Version/s: 3.0.0-m3, 2.11.2
    • Component/s: Maven
    • Labels:
      None
    • Story Points:
      2
    • Sprint:
      Sprint 34

      Description

      We have a nexus server:

      Sonatype Nexus™ Open Source Edition, Version: 2.0.6

      (sure - kinda old)

      But we are able to redeploy a version of an artifact with a version string of:

      1.0.0-SNAPSHOT-FOO-999

      We have our "release" repo set up to deny redeploy, but we were able to redeploy this to this release repo over and over.

        Attachments

          Activity

            People

            Assignee:
            cstamas Tamás Cservenák
            Reporter:
            eciramella EJ Ciramella
            Last Updated By:
            Peter Lynch Peter Lynch
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Date of First Response:

                tigCommentSecurity.panel-title