We have updated out Nexus Community Edition to version 3.79.1-04 and to me it looks as if the behavior of the Asset API download/search has changed compared to the version we used before the update (3.70.4).
Before the update we used the following call to search and download an asset from Nexus:
curl --silent -L -u ${NRM_USER}:${NRM_PASSWORD} --remote-time -X GET “https://${NEXUS_HOST}/service/rest/v1/search/assets/download?sort=version&repository=maven-public&group=${GROUPID}&name=${ARTIFACTID}&maven.baseVersion=${VERSION}” -o “${DEST_DIR}/${ARTIFACTID}-${VERSION}.jar” -w ‘%{http_code}’
That downloaded the JAR of the asset into the directory specified.
After the update to version 3.79.1-04 the content of the file written by the call to curl was not longer the JAR of the asset but the SHA256 checksum of the asset. Used the same call as mentioned on another asset returned the content of the .pom file.
I could fix this by adding an additional query parameter maven.extension to the curl call specifying the “jar” as value.
curl --silent -L -u ${NRM_USER}:${NRM_PASSWORD} --remote-time -X GET “https://${NEXUS_HOST}/service/rest/v1/search/assets/download?sort=version&repository=maven-public&group=${GROUPID}&name=${ARTIFACTID}&maven.baseVersion=${VERSION}&maven.extension=jar” -o “${DEST_DIR}/${ARTIFACTID}-${VERSION}.jar” -w ‘%{http_code}’
I asked myself whether the behavior of the Asset API before the update was correct or whether the behavior after the update is correct?