Commit Graph

621 Commits

Author SHA1 Message Date
swe-jaeyoungpark
ad8db21b18 fix request.fullpath -> request.custom_fullpath on core.py 2019-05-02 23:39:00 +09:00
swe-jaeyoungpark
a060e99a25 implement "supporting changing the prefix of the path of url" again, using before_request hook. 2019-05-02 23:18:31 +09:00
swe-jaeyoungpark
c3965e31a0 fix typos on test_app.py 2019-05-02 23:14:31 +09:00
swe-jaeyoungpark
ae4dab30cc rollback bottle.py codes 2019-05-02 22:00:22 +09:00
swe-jaeyoungpark
8a196ddc90 add test cases with X_FORWARDED_HOST header 2019-04-29 18:22:35 +09:00
swe-jaeyoungpark
d154fc09ca Fix BaseRequest.urlparts.host and path correctly when the server is behind the reverse proxy 2019-04-29 18:21:41 +09:00
swe-jaeyoungpark
569929c95b support changing the prefix of the path of the url 2019-04-16 15:46:59 +09:00
Matthew Planchard
537034eb43
Merge pull request #242 from pypiserver/remove-pypiuploader-reference
Remove pypiuploader instructions
2019-03-11 16:31:54 -05:00
Matthew Planchard
0c5c6d5ac0
Remove pypiuploader instructions
Resolves #241

@willrogers points out that `pypiuploader` appears to be a dead project,
so we'll remove specific instructions for it in the docs, unless it
is confirmed to be otherwise.
2019-02-06 17:00:06 -06:00
Matthew Planchard
33b4e21017
chore(ver): bump 1.2.6-->1.2.7 2019-01-31 18:44:09 -06:00
Matthew Planchard
b21cdb1e90
Merge pull request #239 from ronneke1996/revamp-docker-file
Made the image smaller
2019-01-31 18:34:45 -06:00
Matthew Planchard
d162d660c4
Updated test & requirements filename
Thanks for your PR! I was wondering why everyone kept complaining about
`bcrypt`, when my local tests were succeeding just fine, so I spent
some time making the docker test script replicate the error.

Turns out the `.htpasswd` files I was generating were using md5, so they
were not triggering the error. The htpasswd file in this update does
use bcrypt encryption, so it triggers a 500 error on the previous
version of the Dockerfile.

I also updated the test to be a bit more thorough, validating an
authenticated upload in addition to just making sure the server is
running.

The only other change I made was to move `requirements.txt` into a more
specific `docker-requirements.txt` file, just to make it clear that its
intention is to be a part of the docker build and not the normal install
process.
2019-01-31 09:16:54 +01:00
Ron Nabuurs
7b9d0ef285
Made the image smaller
Fixed bcrypt
Added requirements.txt
2019-01-30 13:38:26 +01:00
Matthew Planchard
d6c25a7f7a
Trigger build to fix badge display 2019-01-28 21:08:46 -06:00
Matthew Planchard
e6a8bc556c
chore(ver): bump 1.2.5-->1.2.6 2019-01-26 16:15:55 -06:00
Matthew Planchard
0284cb7f50
Merge pull request #238 from pypiserver/237-CRLF-Injection
CRLF Injection Mitigation
2019-01-26 15:02:29 -06:00
Matthew Planchard
1375a67c55 CRLF Injection Mitigation
Resolves #237

Previously, we were not running any sort of URL escaping on values
passed in from the client that were used for redirects. This allowed
injection attacks via URL encoded newlines in the original request.

This update ensures that all user-supplied paths that are used as
components of redirects are passed through `urllib.parse.quote()`
(or the python 2 equivalent) prior to being used in a redirect
response.

Also specified 127.0.0.1 rather than 0.0.0.0 (the default) in server
tests to avoid triggering firewall dialogs when testing on MacOS
2019-01-24 17:53:03 -06:00
Matthew Planchard
4ab0c77e30 Updated release dates v1.2.5 2018-11-11 11:43:32 -06:00
Matthew Planchard
9956dedd6e Update README 2018-11-11 11:43:32 -06:00
Matthew Planchard
31e98f27d6 1.2.5 changes 2018-11-11 11:43:32 -06:00
Matthew Planchard
cf60c22d45 chore(ver): bump 1.2.5.dev0-->1.2.5 2018-11-11 11:43:32 -06:00
Matthew Planchard
b420c61b02
Merge pull request #229 from pypiserver/226-twine-test-fixes
test_server.py cleanup
2018-11-09 19:05:57 -06:00
Matthew Planchard
def22f49a7 another pep8 fn name 2018-11-09 18:46:06 -06:00
Matthew Planchard
410498a059 test_server.py cleanup
Resolves #226

Cleaned up `test_server.py` a bit:

* Call `twine` via `Popen` instead of using their internal API, which
  should help us from having to fix twine tests as often
* Cleaned up fixtures
* Some PEP8 updates and general formatting
* Grouped test fixtures and functions all before the tests themselves
2018-11-09 18:44:41 -06:00
Matthew Planchard
7601050612
Merge pull request #228 from pypiserver/docker-ownership
Ensured pypiserver user is assoc. w/group
2018-11-09 18:36:04 -06:00
Matthew Planchard
a10e85e946 Ensured pypiserver user is assoc. w/group 2018-11-09 18:21:32 -06:00
Matthew Planchard
ab1ec6ae16
Merge pull request #225 from pypiserver/224-add-bcrypt-to-docker
Add py-bcrypt to Dockerfile
2018-11-09 17:32:23 -06:00
Matthew Planchard
5bced5ca0b Travis does not yet support 3.7 automatically 2018-11-09 17:15:06 -06:00
Matthew Planchard
262c002b3d Added python 3.7 to travisfile 2018-11-09 17:04:33 -06:00
Matthew Planchard
4c92fafb4f Pin twine for tests to 1.11, add py37 to test suite 2018-11-09 16:58:45 -06:00
Matthew Planchard
ce9f4f75be Add py-bcrypt to Dockerfile
Resolves #224

Adds `py-bcrypt` via `apk` to the Docker image so that `htpasswd`
works as intended.
2018-11-09 16:27:37 -06:00
Matthew Planchard
e23cd0333e
Merge pull request #220 from JacobHayes/fix-htaccess-refs
Replace .htaccess references with .htpasswd
2018-09-06 17:02:24 -05:00
Jacob Hayes
57428d010f Replace .htaccess references with .htpasswd 2018-09-06 10:27:25 -05:00
Matthew Planchard
bc34b7ee4b
Merge pull request #219 from pypiserver/compose-update
Update compose to version 3.3
2018-08-09 21:04:04 -05:00
Matthew Planchard
6c3290b32f Update compose to version 3.3
Thanks @renich!
2018-08-09 20:39:49 -05:00
Matthew Planchard
5a1fd5a6ca
Merge pull request #217 from pypiserver/buildout-update
Remove version pins from buildout.cfg
2018-08-06 18:11:43 -05:00
Matthew Planchard
34f2b1e109 chore(ver): bump 1.2.4-->1.2.5.dev0 2018-08-06 17:51:23 -05:00
Matthew Planchard
4ed7b59925 Add docker to deployment README 2018-08-06 17:51:08 -05:00
Matthew Planchard
44865af687 Remove version pins from buildout.cfg 2018-08-06 17:50:46 -05:00
Matthew Planchard
e3c44bf7c8 Updated date in README 2018-08-06 17:26:49 -05:00
Matthew Planchard
523c33007a chore(ver): bump 1.2.3-->1.2.4 v1.2.4 2018-08-06 17:25:46 -05:00
Matthew Planchard
17703fd817 Updated CHANGELOG 2018-08-06 17:20:36 -05:00
Matthew Planchard
6635cb312e
Merge pull request #215 from elboerto/master
Use “pip download” instead of “pip install -d” for pip >= 10
2018-08-06 17:13:40 -05:00
Robert Rode
c79cb37893
Merge pull request #1 from pypiserver/elboerto-tests
Tests and Refactoring
2018-08-06 18:14:24 +02:00
Matthew Planchard
4109c10524 Tests and refactoring
* Refactored `updae()` into several single-responsibility functions
* Added tests for said functions
* Some PEP 008 cleanup
* Imported standard `__future__` imports in `manage.py` and its test
module
2018-08-04 16:17:56 -05:00
Matthew Planchard
92eb1bacd5 Merge branch 'master' of git://github.com/elboerto/pypiserver into elboerto-master 2018-08-04 15:04:56 -05:00
Matthew Planchard
c86de256fb chore(ver): bump 1.2.3-->1.2.3 v1.2.3 2018-08-04 12:31:44 -05:00
Matthew Planchard
ff4b049f97 Prep for 1.2.3 2018-08-04 12:31:31 -05:00
Robert
c9b0d59f3e Debugging of pypi-server -Ux execution of pip install -d which has been replaced by pip download since version 10.0.0 2018-08-01 15:10:19 +02:00
Matthew Planchard
e85ed3f5e6 Quick doc update 2018-07-17 20:45:17 -05:00