Releases: pypiserver/pypiserver
Releases · pypiserver/pypiserver
v1.2.1rc0
2016-06-25: "Brexit": Normalize and stop legacy support.
- Less rigorous support for
python-2 < 2.7
andpython-3 < 3.3
. - Package normalizations and :pep:
503
updates:- Package names are normalized: convert all characters to lower-case
and replace any of[-_.]
with a dash('-'
). - The simple index only lists normalized package names.
- Any request for a non-normalized package name is redirected to
the normalized name. - URLs are redirected unless they end in
'/'
(expect packages themselves). - (thanks to @dpkp, #38, #139, #140)
- Package names are normalized: convert all characters to lower-case
- Added
pip search
support.- (thanks to @blade2005, #80, #114)
- FIX startup regressions for other WSGI-servers, introduced by previous
v1.1.10
.- (thanks to @virtuald, @Oneplus, @michaelkuty, @harcher81, @8u1a,
#117, #122, #124/#127/#128)
- (thanks to @virtuald, @Oneplus, @michaelkuty, @harcher81, @8u1a,
- FIX over-writing of packages even when without
--overwrite
flag.- (thanks to @blade2005, #113)
- Fixes for paste, gunicorn and other WSGI servers.
- Updates and fixes needed due to changes in dependent libraries.
- Add cache for speeding up GPG signatures.
- Other minor fixes and improvements.
- TravisCI-test against python-3.5.
- docs:
- Provide samples for Automated Startup (
systemd
&hypervisor
).
(thanks to @ssbarnea, #137, #146) - Add usage instructions for related project
pypi-uploader
.
(thanks to @ssbarnea & @bibby, #147) - doc: Provide sample-code to authenticate using
/etc/passwds
file
via pam modules in Unix.- (thanks to @blade2005, #149, #151-#153)
- Improved API usage instructions.
- Detailed changes recorded in
Github's milestone 1.2.0 <https://github.com/pypiserver/pypiserver/milestones/M1.2.0>
_.
- Provide samples for Automated Startup (
- TODO:
- Move validations from
main() --> core.configure()
. - Use docopt.
- Privatize
pypiserver.core --> pypiserver._core
. - Finish rework of app+bottle config & startup that began on
1.1.9
. - Add logging-conf yaml-file and read it if found
- Move validations from
2016-01-19: Serve 1000s of packages, PGP-Sigs, skip versions starting with 'v'.
- #101: Speed-up server by (optionally) using the
watchdog
package
to cache results, serve packages directly from proxying-server (Apache ,
nginx), and pre-compile regexes (thanks @virtuald). - #106: Support uploading PGP-signatures (thanks @mplanchard).
- Package-versions parsing modifications:
- #104: Stopped parsing invalid package-versions prefixed with
v
; they are
invalid according to :pep-reference:0440
(thanks @virtuald &
@stevejefferiesIDBS). - Support versions with epochs separated by
!
likepackage-1!1.1.0
. - #102: FIX regression on uploading packages with
+
char in their version
caused by recent bottle-upgrade.
- #104: Stopped parsing invalid package-versions prefixed with
- #103: Minor doc fixes (thanks @MichaelSchneeberger).
2015-12-21: "Ssss-elections" bug-fix & maintenance release.
- Upgrade bottle 1.11.6-->1.13-dev.
- Fixes
MAX_PARAM
limiting dependencies(#82)
- Fixes
- Rework main startup and standalone:
- New standalone generation based on ZIPed wheel archive.
- Replace all sys.module mechanics with relative imports.
- Fix gevent monkeypatching (#49).
- Simplify definition of config-options on startup.
- TODO: Move startup-options validations out of
main()
and
intopypiserver.core
package, to validate also start-up from API-clients.
- #53: Like PyPI, HREF-links now contain package's md5-hashes in their fragment.
Add--hash_algo
cmd-line option to turn-off or specify other hashlib
message-digest algorithms (e.g.sha256
is a safer choice, set it tooff
to avoid any performance penalty if hosting a lot of packages). - #97: Add
--auther
non cmd-line startup-option to allow for alternative
authentication methods (non HtPasswdFile-based one) to be defined by
API-clients (thanks @Tythos). - #91: Attempt to fix register http failures (thanks to @Tythos and @petri).
- Test actual clients (ie
pip
,Twine
,setuptools
). - Test spurious
setuptools
failures. - NOT FIXED! Still getting spurious failures.
- Test actual clients (ie
- Various other fixes:
"Finikounda" release
(apologies for the long delay...)
Notice that this will be the last to strive for supporting development on py2.5 and 3.2.
According to this surveys(2014, 2015), their days are over.
- Allow un-authenticated uploads (no
htpasswd
file) (#55). - Fixes on package-name handling (#85 and #88, #89).
- Respect logging cmd-line options (#81).
- Add TCs for standalone script and other build-issues (#92)
See milestone:M1.1.8 for all fixes included.
"pypi-donna" release
- Authentication enhancements,
- logging,
- anti-XSS templates,
- better instructions.
See Milestone M1.1.7