Native OCI hosted, proxy, and group repositories in Nexus Repository 94 give release owners one controlled distribution point for container images, Helm charts, SBOMs, signatures, and attestations. That matters when release evidence and deployable artifacts are spread across separate registries with different access, retention, and audit controls.
Released July 9, 2026, Nexus Repository 3.94.0 expands repository format coverage while adding practical Repository Firewall governance controls. The release also carries several upgrade items that platform teams should assess before production rollout.
Consolidate OCI artifact management
OCI is now a native Nexus Repository format for hosted, proxy, and group repositories. Teams can proxy external OCI registries, publish internally produced artifacts, and present several repositories through a single endpoint.
This supports standard OCI-compatible tools, including:
- Docker and Podman
- Helm and ORAS
- Cosign and Syft
- Crane and Skopeo
For enterprise delivery organizations, the value is broader than image storage. OCI can become a common distribution model for artifacts that need to travel with a release: images, charts, software bills of materials, signatures, and attestations. Centralizing those artifacts improves traceability between build outputs, release approvals, and deployment inputs.
Architecture teams should define which artifact classes belong in OCI repositories, who may publish them, and how group repositories will be exposed to developers and pipelines. Especially for distributed platform teams.
