Changelog¶
If you are upgrading an existing installation, read the instructions
1.2.2 - 2021/6/8¶
- Upgrade to Pyramid 2.0
- Remove the SQL index from package summary field (will take effect when you rebuild your cache, but a rebuild is not required)
1.2.1 - 2021/5/18¶
1.2.0 - 2021/3/1¶
1.1.7 - 2020/11/16¶
1.1.6 - 2020/11/7¶
1.1.3 - 2020/8/17¶
1.1.2 - 2020/7/23¶
- Fix error when package in local storage but not in fallback repository (issue 251)
1.1.1 - 2020/6/14¶
1.0.14 - 2020/5/7¶
- Fix a bug with reloading Redis cache (pull 230)
- More graceful handling of non-package files in GCS (issue 232)
- Support for
requires_python
metadata (pull 234, issue 219) - Add
pypi.use_json_scraper
setting for configuring - Change default value of
storage.redirect_urls
toTrue
- Add auth.scheme setting to customize password hashing algorithm (issue 237)
- SIGNIFICANTLY LOWERED default password hashing rounds. Read about why in the docs
1.0.12 - 2019/12/11¶
1.0.11 - 2019/4/5¶
1.0.10 - 2018/11/26¶
1.0.9 - 2018/9/6¶
1.0.7 - 2018/8/14¶
- Feature:
/health
endpoint checks health of connection to DB backends (issue 181) - Feature: Options for LDAP access backend to ignore referrals and ignore multiple user results (pull 184)
- Fix: Exception when
storage.cloud_front_key_file
was set (pull 185) - Fix: Bad redirect to the fallback url when searching the
/json
endpoint (pull 188) - Deprecation:
pypi.fallback_url
has been deprecated in favor ofpypi.fallback_base_url
(pull 188)
1.0.6 - 2018/6/11¶
- Fix: Support
auth.profile_name
passing in a boto profile name (pull 172) - Fix: Uploading package with empty description using twine crashes DynamoDB backend (issue 174)
- Fix: Config file generation for use with docker container (using %(here)s was not working)
- Use cryptography package instead of horrifyingly old and deprecated pycrypto (issue 179)
- Add
storage.public_url
to S3 backend (issue 173)
1.0.5 - 2018/4/24¶
- Fix: Download ACL button throws error in Python 3 (issue 166)
- New access backend: AWS Secrets Manager (pull 164)
- Add
storage.storage_class
option for S3 storage (pull 170) - Add
db.tablenames
option for DynamoDB cache (issue 167) - Reduce startup race conditions on empty caches when running multiple servers (issue 167)
1.0.4 - 2018/4/1¶
- Fix: Fix SQL connection issues with uWSGI (issue 160)
- Miscellaneous python 3 fixes
1.0.3 - 2018/3/26¶
1.0.2 - 2018/1/26¶
- Fix: Hang when rebuilding Postgres cache (issue 147)
- Fix: Some user deletes fail with Foreign Key errors (issue 150)
- Fix: Incorrect parsing of version for wheels (issue 154)
- Configuration option for number of rounds to use in password hash (issue 115)
- Make request errors visible in the browser (issue 151)
- Add a Create User button to admin page (issue 149)
- SQL access backend defaults to disallowing anonymous users to register
1.0.0 - 2017/10/29¶
- Python3 support thanks to boto3
- Removing stable/unstable version from package summary
- Changing and removing many settings
- Performance tweaks
graceful_reload
option for caches, to refresh from the storage backend while remaining operational- Complete rewrite of LDAP access backend
- Utilities for hooking into S3 create & delete notifications to keep multiple caches in sync
NOTE Because of the boto3 rewrite, many settings have changed. You will need to review the settings for your storage, cache, and access backends to make sure they are correct, as well as rebuilding your cache as per usual.
0.5.4 - 2017/8/10¶
0.5.3 - 2017/4/30¶
- Bug fix: S3 uploads failing from web interface and when fallback=cache (issue 120)
0.5.2 - 2017/4/22¶
- Bug fix: The
/pypi
path was broken for viewing & uploading packages (issue 119) - Update docs to recommend
/simple
as the install/upload URL - Beaker session sets
invalidate_corrupt = true
by default
0.5.1 - 2017/4/17¶
- Bug fix: Deleting packages while using the Dynamo cache would sometimes remove the wrong package from Dynamo (issue 118)
0.5.0 - 2017/3/29¶
Upgrade breaks: SQL caching database. You will need to rebuild it.
- Feature: Pip search works now (pull 107)
0.4.6 - 2017/4/17¶
- Bug fix: Deleting packages while using the Dynamo cache would sometimes remove the wrong package from Dynamo (issue 118)
0.4.5 - 2017/3/25¶
- Bug fix: Access backend now works with MySQL family (pull 106)
- Bug fix: Return http 409 for duplicate upload to work better with twine (issue 112)
- Bug fix: Show upload button in interface if
default_write = everyone
- Confirm prompt before deleting a user or group in the admin interface
- Do some basica sanity checking of username/password inputs
0.4.3 - 2016/8/2¶
0.4.1 - 2016/6/8¶
- Bug fix: LDAP auth disallows empty passwords for anonymous binding (pull 92)
- Config generator sets
pypi.default_read = authenticated
for prod mode
0.4.0 - 2016/5/16¶
Backwards incompatibility: This version was released to handle a change in the way pip 8.1.2 handles package names. If you are upgrading from a previous version, there are detailed instructions for how to upgrade safely.
0.3.11 - 2016/4/28¶
0.3.10 - 2016/3/21¶
- Feature: S3 backend setting
storage.redirect_urls
0.3.9 - 2016/3/13¶
0.3.8 - 2016/3/10¶
0.3.4 - 2015/8/30¶
- Add docker-specific option for config creation
- Move docker config files to a separate repository
0.3.3 - 2015/7/17¶
0.3.0 - 2015/6/16¶
- Fully defines the behavior of every possible type of pip request. See Fallbacks for more detail.
- Don’t bother caching generated S3 urls.
0.2.13 - 2015/5/27¶
- Bug fix: Crash when mirror mode serves private packages
0.2.12 - 2015/5/14¶
- Bug fix: Mirror mode works properly with S3 storage backend
0.2.11 - 2015/5/11¶
- Bug fix: Cache mode will correctly download packages with legacy versioning (pull 45)
- Bug fix: Fix the fetch_requirements endpoint (commit 6b2e2db)
- Bug fix: Incorrect expire time comparison with IAM roles (pull 47)
- Feature: ‘mirror’ mode. Caches packages, but lists all available upstream versions.
0.2.10 - 2015/2/27¶
0.2.9 - 2014/12/14¶
0.2.8 - 2014/11/11¶
- Bug fix: Crash when migrating packages from file storage to S3 storage (pull 35)
0.2.7 - 2014/10/2¶
- Bug fix: First download of package using S3 backend and
pypi.fallback = cache
returns 404 (issue 31)
0.2.3 - 2014/3/13¶
- Bug fix: Caching works with S3 backend (commit 4dc593a)
0.2.2 - 2014/3/13¶
- Bug fix: Security bug in user auth (commit 001e8a5)
- Bug fix: Package caching from pypi was slightly broken (commit 065f6c5)
- Bug fix:
ppc-migrate
works when migrating to the same storage type (commit 45abcde)
0.2.1 - 2014/3/12¶
- Bug fix: Pre-existing S3 download links were broken by 0.2.0 (commit 52e3e6a)
0.2.0 - 2014/3/12¶
Upgrade breaks: caching database
- Bug fix: Timestamp display on web interface (pull 18)
- Bug fix: User registration stores password as plaintext (commit 21ebe44)
- Feature:
ppc-migrate
, command to move packages between storage backends (commit 399a990) - Feature: Adding support for more than one package with the same version. Now you can upload wheels! (commit 2f24877)
- Feature: Allow transparently downloading and caching packages from pypi (commit e4dabc7)
- Feature: Export/Import access-control data via
ppc-export
andppc-import
(commit dbd2a16) - Feature: Can set default read/write permissions for packages (commit c9aa57b)
- Feature: New cache backend: DynamoDB (commit d9d3092)
- Hosting all js & css ourselves (no more CDN links) (commit 20e345c)
- Obligatory miscellaneous refactoring
0.1.0 - 2014/1/20¶
- First public release