Skip to content

Releases: pypiserver/pypiserver

v1.3.2 - New Year New Version!

11 Jan 23:37
@mplanchard mplanchard
v1.3.2
This tag was signed with the committer’s verified signature.
mplanchard Matthew Planchard
GPG key ID: 4ABC11DF33394F00
Learn about vigilant mode.
db74737
This commit was signed with the committer’s verified signature.
mplanchard Matthew Planchard
GPG key ID: 4ABC11DF33394F00
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.3.2 - New Year New Version!

1.3.2 (2020-01-11)

  • ENH: The Dockerfile used for the official Docker images now uses Python 3.6
    rather than Python 2.7 (#284, thanks @etene!)
  • ENH: The welcome.html page has been updated to provide more metadata
    and be more HTML-standards compliant (#283, thanks @maggyero!)
  • FIX: the pypi-server -U command no longer fails when run inside the
    Docker container (thanks to @mkolb-navican for reporting in #264)
  • FIX: The remove_pkg API action now removes any extant instances of a
    package name-version combination, not just the first one found. This means
    that now, for example, if a .whl and .tar.gz file exist for the
    requested package name and version, both will be removed (thanks to
    @esciara for reporting in #268)
  • FIX: include missing simple/ path on a URL in the example pip commands
    on the welcome.html page (@276, thanks @maggyero!)
  • DOC: more consistent and accurate documentation for pip commands provided
    on the welcome.html page (#278, thanks @maggyero!)
  • DOC: fixes to the README to make it easier for people to use pypiserver
    behind an apache webserver (#289, thanks @Helveg!)
Assets 6
Loading

v1.3.1 - Fall Fixes

11 Sep 01:02
@mplanchard mplanchard
v1.3.1
This tag was signed with the committer’s verified signature.
mplanchard Matthew Planchard
GPG key ID: 4ABC11DF33394F00
Learn about vigilant mode.
9496be1
This commit was signed with the committer’s verified signature.
mplanchard Matthew Planchard
GPG key ID: 4ABC11DF33394F00
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.3.1 - Fall Fixes

1.3.1 (2019-09-10)

  • FIX: previously, it was possible to upload packages with hashing algorithms
    other than md5, but downloading them again with pip was impossible due to
    incorrect truncation of the hash. This has been fixed! (Thanks
    @ArneBachmann for figuring out what was wrong and reporting the issue
    in #265).
  • FIX: argument parsing would previously fail for the short form of
    --help, due an incorrect operator used during comparison (thanks to
    @maggyero, #271)
  • DOC: significant improvements to formatting and consistency in the README
    (thanks to @maggyero, #270)
Assets 3
Loading

v1.3.0 - Proper X-Forwarded-Host Handling & Doc Updates

05 May 22:09
@mplanchard mplanchard
v1.3.0
This tag was signed with the committer’s verified signature.
mplanchard Matthew Planchard
GPG key ID: 4ABC11DF33394F00
Learn about vigilant mode.
2ef26a8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.3.0 - Proper X-Forwarded-Host Handling & Doc Updates
  • ENH: pypiserver now consistently and correctly handles the X-Forwarded-Host
    header to allow for alternative base URLs (#248, resolves #155, thanks
    @kujyp for an excellent first-time contribution!)
  • DOC: significantly more information added to the docker-compose.yml
    example, including recipes for various configuration options (thanks
    @jetheurer for pointing out the errors in the existing docs, #243!)
  • DOC: removed outdated suggestion to serve the packages data directly via
    a webserver and replaced with information about setting up nginx
    caching (thanks @ricekab for bringing the issue to our attention, #232)
Assets 3
Loading

Mitigate Possible CRLF Injection Attacks

01 Feb 00:41
@mplanchard mplanchard
v1.2.6
This tag was signed with the committer’s verified signature.
mplanchard Matthew Planchard
GPG key ID: 4ABC11DF33394F00
Learn about vigilant mode.
4e84d35
Compare
Choose a tag to compare
Mitigate Possible CRLF Injection Attacks

1.2.6 (2019-01-26)

  • SEC: mitigate potential CRLF injection attacks from malicious URLs
    (thanks @samwcyo, #237)
Assets 2
Loading

v1.2.5 - Docker Fixes

11 Nov 18:03
@mplanchard mplanchard
v1.2.5
This tag was signed with the committer’s verified signature.
mplanchard Matthew Planchard
GPG key ID: 4D58FC15A471FC5B
Learn about vigilant mode.
4ab0c77
Compare
Choose a tag to compare
v1.2.5 - Docker Fixes

1.2.5 (2018-11-11)

  • FIX: bcrypt is now installed into the Docker image, which allows
    passlib to work like it should (thanks @Diftraku, #224)

  • MAINT: integration tests with twine have been updated to use the
    command-line interface rather than the internal API, which should
    make them more resilient over time (#226)

Assets 2
Loading

v1.2.4 - Downloading with Pip

06 Aug 22:40
@mplanchard mplanchard
v1.2.4
This tag was signed with the committer’s verified signature.
mplanchard Matthew Planchard
GPG key ID: 4D58FC15A471FC5B
Learn about vigilant mode.
523c330
Compare
Choose a tag to compare
v1.2.4 - Downloading with Pip

1.2.4 (2018-08-06)

  • FIX: the command to download new versions of available packages now
    works with pip >= 10.0 (thanks @elboerto, #215)
Assets 2
Loading

v1.2.3 - Containers

04 Aug 19:44
@mplanchard mplanchard
v1.2.3
This tag was signed with the committer’s verified signature.
mplanchard Matthew Planchard
GPG key ID: 4D58FC15A471FC5B
Learn about vigilant mode.
c86de25
Compare
Choose a tag to compare
v1.2.3 - Containers

1.2.3 (2018-08-04)

  • MAINT: Remove broken downloads badge (thanks @hugovk, #209)

  • ENH: Improved Dockerfile and docker-compose example, docs for using
    the docker image, automatic docker builds

Assets 2
Loading

v1.2.2 - Keeping up with PyPI

13 Jun 01:18
@mplanchard mplanchard
v1.2.2
This tag was signed with the committer’s verified signature.
mplanchard Matthew Planchard
GPG key ID: 4D58FC15A471FC5B
Learn about vigilant mode.
17e7f9c
Compare
Choose a tag to compare
v1.2.2 - Keeping up with PyPI
  • FIX: update fallback URL to https://pypi.org/simple since pypi.python.org
    has shut down
  • FIX: updated tests to use Popen rather than pip.main() given its
    removal in pip version 10.0
  • DOC: scrubbed docs of links to pypi.python.org
Assets 2
Loading

v1.2.2.dev0

12 Jun 01:57
@mplanchard mplanchard
v1.2.2.dev0
This tag was signed with the committer’s verified signature.
mplanchard Matthew Planchard
GPG key ID: 4D58FC15A471FC5B
Learn about vigilant mode.
24905ad
Compare
Choose a tag to compare
v1.2.2.dev0 Pre-release
Pre-release
  • FIX: update fallback URL to https://pypi.org/simple since pypi.python.org
    has shut down
  • FIX: updated tests to use Popen rather than pip.main() given its
    removal in pip version 10.0
  • DOC: scrubbed docs of links to pypi.python.org
Assets 2
Loading

2017-11-29: mplanchard's daughter

30 Nov 01:15
@mplanchard mplanchard
v1.2.1
This tag was signed with the committer’s verified signature.
mplanchard Matthew Planchard
GPG key ID: 4D58FC15A471FC5B
Learn about vigilant mode.
56b9636
Compare
Choose a tag to compare
2017-11-29: mplanchard's daughter

Changes

  • FIX propagation of certain pypiserver settings via a paste.ini config
    file (thanks @luismsgomes, #156)

  • FIX update default fallback URL to be https for compliance with PyPI
    (thanks @uSpike, #182)

  • FIX resolved a regression preventing spinning up multiple pypiservers
    via a paste config (thanks @bertjwregeer, #173)

  • FIX cmdline parsing of stray comparison consuming many flags (e.g. --help),
    and docs about auther

  • Travis CI testing for Python 3.6 and pypy3 (#183)

  • Several documentation improvements (thanks @tescalada, #166, #161, #172 and
    @axnsan12, #190)

Known Limitations

Assets 2
Loading