devpi-{server-2.1,web-2.2}: upload history, deploy status, groups ================================================================== With devpi-server-2.1 and devpi-web-2.2 you'll get a host of fixes and improvements as well as some major new features for the private pypi system: - upload history: release/tests/doc files now carry metadata for by whom, when and to which index something was uploaded - deployment status: the new json /+status gives detailed information about a replica or master's internal state - a new authentication hook supports arbitrary external authentication systems which can also return "group" membership information. An initial separately released "devpi-ldap" plugin implements verification accordingly. You can specify groups in ACLs with the ":GROUPNAME" syntax. - a new "--restrict-modify=ACL" option to start devpi-server such that only select accounts can create new or modify users or indexes For many more changes and fixes, please see the CHANGELOG information below. UPGRADE note: devpi-server-2.1 requires to ``--export`` your 2.0 server state and then using ``--import`` with the new version before you can serve your private packages through devpi-server-2.1. Please checkout the web plugin if you want to have a web interface:: http://doc.devpi.net/2.1/web.html Here is a Quickstart tutorial for efficient pypi-mirroring on your laptop:: http://doc.devpi.net/2.1/quickstart-pypimirror.html And if you want to manage your releases or implement staging as an individual or within an organisation:: http://doc.devpi.net/2.1/quickstart-releaseprocess.html If you want to host a devpi-server installation with nginx/supervisor and access it from clients from different hosts:: http://doc.devpi.net/2.1/quickstart-server.html More documentation here:: http://doc.devpi.net/2.1/ many thanks to Florian Schulze who co-implemented many of the new features. And special thanks go to the two companies who funded major parts of the above work. have fun, Holger Krekel, merlinux GmbH devpi-server-2.1.0 (compared to 2.0.6) ---------------------------------------- - make replication more precise: if a file cannot be replicated, fail with an error log and try again in a few seconds. This helps to maintain a consistent replica and discover the potential remaining bugs in the replication code. - add who/when metadata to release files, doczips and test results and preserve it during push operations so that any such file provides some history which can be visualized via the web-plugin. The metadata is also exposed via the json API (/USER/INDEX/PROJECTNAME[/VERSION]) - fix issue113: provide json status information at /+status including roles and replica polling status, UUIDs of the repository. See new server status docs for more info. - support for external authentication plugins: new devpiserver_auth_user hook which plugins can implement for user/password validation and for providing group membership. - support groups for acl_upload via the ":GROUPNAME" syntax. This requires an external authentication plugin that provides group information. - on replicas return auth status for "+api" requests by relaying to the master instead of using own key. - add "--restrict-modify" option to specify users/groups which can create, delete and modify users and indices. - make master/replica configuration more permanent and a bit safer against accidental errors: introduce "--role=auto" option, defaulting to determine the role from a previous invocation or the presence of the "--master-url" option if there was no previous invocation. Also verify that a replica talks to the same master UUID as with previous requests. - replaced hack from nginx template which abused "try_files" in "location /" with the recommended "error_page"/"return" combo. Thanks Jürgen Hermann - change command line option "--master" to "--master-url" - fix issue97: remove already deprecated --upgrade option in favor of just using --export/--import - actually store UTC in last_modified attribute of release files instead of the local time disguising as UTC. preserve last_modified when pushing a release. - fix exception when a static resource can't be found. - address issue152: return a proper 400 "not registered" message instead of 500 when a doczip is uploaded without prior registration. - add OSX/launchd example configuration when "--gen-config" is issued. thanks Sean Fisk. - fix replica proxying: don't pass original host header when relaying a modifying request from replica to master. - fix export error when a private project doesnt exist on pypi - fix pushing of a release when it contains multiple tox results. - fix "refresh" button on simple pages on replica sites - fix an internal link code issue possibly affecting strangeness or exceptions with test result links - be more tolerant when different indexes have different project names all mapping to the same canonical project name. - fix issue161: allow "{pkgversion}" to be part of a jenkins url devpi-web-2.2.0 (compared to 2.1.6) ---------------------------------------- - require devpi-server >= 2.1.0 - static resources now have a plus in front to avoid clashes with usernames and be consistent with how other urls work: "+static/..." and "+theme-static/..." - adjusted font-sizes and cut-off width of content. - only show underline on links when hovering. - make the "description hasn't been rendered" warning stand out. - version.pt: moved md5 sum from it's own column to the file column below the download link - version.pt: added "history" column showing last modified time and infos about uploads and pushes. - fix issue153: friendly error messages on upstream errors. - index.pt: show permissions on index page devpi-client-2.0.3 (compared to 2.0.2) ---------------------------------------- - use default "https://www.python.org/pypi" when no repository is set in .pypirc see https://docs.python.org/2/distutils/packageindex.html#the-pypirc-file - fix issue152: when --upload-docs is given, make sure to first register and upload the release file before attempting to upload docs (the latter requires prior registration) - fix issue75: add info about basic auth to "url" option help of "devpi use". - fix issue154: fix handling of vcs-exporting when unicode filenames are present. This is done by striking our own code in favor of Marius Gedminas' vcs exporting functions from his check-manifest project which devpi-client now depends on. This also adds in support for svn and bazaar in addition to the already supported git/hg. - devpi list: if a tox result does not contain basic information (probably a bug in tox) show a red error instead of crashing out with a traceback. - fix issue157: filtering of tox results started with the oldest ones and didn't show newer results if the host, platform and environment were the same.