Mailman 3 July 2019 - devpi-dev

ACL setup when using restrict-modify
by Louis Opter 22 Jul '19

22 Jul '19

Hello, Thank you for the project, quick question: I see that restrict-modify actually only allows changes made by the principals listed there. Which kinda means that you are either root or you aren't, should restrict-modify also allow index_create/user_modify for authenticated users? Thank you, -- Louis Opter

2 4

Internal PyPi repo use case
by Jessie Lin 17 Jul '19

17 Jul '19

Hello Devpi deverlopers, We're looking for a solution for internal PyPi server. We like developers/data Scientists to use the packages only from the internal repo, which is approved by legal and scanned for security purposes. Can we let admins to download from external PyPi, and other users only download from internal repo only? If the package is not in the local repo, the developers need to discuss with Admin first. From reading the doc it seems Devpi can be a through cache. Is this something Devpi can do? Thank you very much! Best, Jessie

3 3

Re: serving devpi-web over https
by Michel Albert 12 Jul '19

12 Jul '19

I am having the exact same issue. I've set up devpi to be served inside a kubernetes cluster and use "edge-termination" for SSL traffic. This means that the traffic goes from the browser to K8S as HTTPS which forwards the traffic *unencrypted* to devpi. All links to resources like CSS and JS files are rendered as "http" on the returned document which causes the browser to block them. On a wild guess I assume that devpi auto-detects the protocol? If that is the case then is makes sense that the links are generated as HTTP instead of HTTPS. Because the edge-termination of SSL traffic makes devpi blissfully unaware that there is SSL in place. So there would need to be a way to force devpi to generate links as HTTPS instead of HTTP. Is there a way to do this?

4 5

Releases
by Florian Schulze 01 Jul '19

01 Jul '19

Hi! Last Friday I released devpi-client 5.0.0, devpi-server 5.0.0 and devpi-web 3.5.2. Check out the PYPI pages for change logs: https://pypi.org/project/devpi-client/ https://pypi.org/project/devpi-server/ https://pypi.org/project/devpi-web/ Regards, Florian Schulze

1 0