Changelog ========= 1.2.0 (2016-XX-XX) ------------------ "New Day", with less rigorous support for `python-2 < 2.7` and `python-3 < 3.3`. - #38, #139, #140: Package normalizations and :pep:`503` updates (thanks to @dpkp): - URLs are redirected unless they end in `'/'` (expect packages themselves). - Package names are normalized: lower-case with all runs of the characters, and `[-_]` replaced with a single `'-'` character. - The simple index only lists normalized package names. - Any request for a non-normalized package name is redirected to the normalized name. - #117, #122, #124/#127/#128: FIX startup regressions introduced by previous `v1.1.10` (thanks to @virtuald, @Oneplus, @michaelkuty, @harcher81, @8u1a). - #113: FIX over-writing of packages even when without `--overwrite` flag (thanks to @blade2005). - #107, #108, #110: Test against *python-3.5*. - #112, #118, #119: Fixes for *paste*, *gunicorn* and other *WSGI* servers (thanks to @corywright, @virtuald, @montefra). - #120/#121, #129, #141/#142: Updates and fixes needed due to changes in dependent libraries (thanks @dpkp). - #116: Add cache for speeding up GPG signatures (thanks to @virtuald). - Provide sample ``systemd`` *unit-file* (thanks to @ssbarnea). - Add usage instructions for related project ``pypi-uploader`` and mention also project (thanks @ssbarnea & @bibby). - #129, #131: Other minor fixes and improvements (thanks to @bibby, @Oneplus, @8u1a). - Detailed changes recorded in `Github's milestone 1.2.0 `_. 1.1.10 (2016-01-19) ------------------- Serve 1000s of packages, PGP-Sigs, skip versions starting with 'v'. + #101: Speed-up server by (optionally) using the `watchdog` package to cache results, serve packages directly from proxying-server (*Apache* , *nginx*), and pre-compile regexes (thanks @virtuald). - #106: Support uploading PGP-signatures (thanks @mplanchard). - Package-versions parsing modifications: - #104: Stopped parsing invalid package-versions prefixed with `v`; they are invalid according to :pep-reference:`0440` (thanks @virtuald & @stevejefferiesIDBS). - Support versions with epochs separated by `!` like `package-1!1.1.0`. - #102: FIX regression on uploading packages with `+` char in their version caused by recent bottle-upgrade. - #103: Minor doc fixes (thanks @MichaelSchneeberger). 1.1.9 (2015-12-21) ------------------ "Ssss-elections" bug-fix & maintenance release. - Upgrade bottle 1.11.6-->1.13-dev. - Fixes `MAX_PARAM` limiting dependencies(#82) - Rework main startup and standalone: - New standalone generation based on ZIPed wheel archive. - Replace all sys.module mechanics with relative imports. - Fix gevent monkeypatching (#49). - Simplify definition of config-options on startup. - TODO: Move startup-options validations out of `main()` and into `pypiserver.core` package, to validate also start-up from API-clients. - #53: Like PyPI, HREF-links now contain package's md5-hashes in their fragment. Add `--hash_algo` cmd-line option to turn-off or specify other *hashlib* message-digest algorithms (e.g. `sha256` is a safer choice, set it to `off` to avoid any performance penalty if hosting a lot of packages). - #97: Add `--auther` non cmd-line startup-option to allow for alternative authentication methods (non HtPasswdFile-based one) to be defined by API-clients (thanks @Tythos). - #91: Attempt to fix register http failures (thanks to @Tythos and @petri). - Test actual clients (ie `pip`, `Twine`, `setuptools`). - Test spurious `setuptools` failures. - NOT FIXED! Still getting spurious failures. - Various other fixes: - #96: Fix program's requirement (i.e. add passlib as extra-requirement). provide requirements files also for developers. - logging: Send also bottle `_stderr` to logger; fix logger names. - #95: Add missing loop-terminators in bottle-templates (thanks to @bmflynn). 1.1.8 (2015-09-15) ------------------ "Finikounda" release. - Allow un-authenticated uploads (no htpasswd file) (#55). - Fixes on package-name handling (#85 and #88, #89). - Respect logging cmd-line options (#81). - Add TCs for standalone script and other build-issues (#92) - See milestone:M1.1.8 on github for all fixes included. 1.1.7 (2015-03-8) ------------------ 1st release under cooperative ownership: - #65, #66: Improve Auth for private repos by supporting i password protected package listings and downloads, in addition to uploads (use the -a, --authenticate option to specify which to protect). - #67: Add cache-control http-header, reqed by pip. - #56, #70: Ignore non-packages when serving. - #58, #62: Log all http-requests. - #61: Possible to change welcome-msg. - #77, #78: Avoid XSS by generating web-content with SimpleTemplate instead of python's string-substs. - #38, #79: Instruct to use --extra-index-url for misspelled dependencies to work, reorganize README instructions. 1.1.6 (2014-03-05) ------------------ - remove --index-url cli parameter introduced in 1.1.5 1.1.5 (2014-01-20) ------------------ - only list devpi-server and proxypypi as alternatives - fix wheel file handling for certain wheels - serve wheel files as application/octet-stream - make pypiserver executable from wheel file - build universal wheel - remove scripts subdirectory - add --index-url cli parameter 1.1.4 (2014-01-03) ------------------ - make pypiserver compatible with pip 1.5 (https://github.com/pypiserver/pypiserver/pull/42) 1.1.3 (2013-07-22) ------------------ - make guessing of package name and version more robust 1.1.2 (2013-06-22) ------------------ - fix "pypi-server -U" stable/unstable detection, i.e. do not accidentally update to unstable packages 1.1.1 (2013-05-29) ------------------ - add 'overwrite' option to allow overwriting existing package files (default: false) - show names with hyphens instead of underscores on the "/simple" listing - make the standalone version work with jython 2.5.3 - upgrade waitress to 0.8.5 in the standalone version - workaround broken xmlrpc api on pypi.python.org by using HTTPS 1.1.0 (2013-02-14) ------------------ - implement multi-root support (one can now specify multiple package roots) - normalize pkgnames, handle underscore like minus - sort files by their version, not alphabetically - upgrade embedded bottle to 0.11.6 - upgrade waitress to 0.8.2 in the standalone script - merge vsajip's support for verify, doc_upload and remove_pkg 1.0.1 (2013-01-03) ------------------ - make 'pypi-server -Ux' work on windows ('module' object has no attribute 'spawnlp', https://github.com/pypiserver/pypiserver/issues/26) - use absolute paths in hrefs for root view (https://github.com/pypiserver/pypiserver/issues/25) - add description of uploads to the documentation - make the test suite work on python 3 - make pypi-server-standalone work with python 2.5 1.0.0 (2012-10-26) ------------------ - add passlib and waitress to pypi-server-standalone - upgrade bottle to 0.11.3 - Update scripts/opensuse/pypiserver.init - Refuse to re upload existing file - Add 'console_scripts' section to 'entry_points', so 'pypi-server.exe' will be created on Windows. - paste_app_factory now use the the password_file option to create the app. Without this the package upload was not working. - Add --fallback-url argument to pypi-server script to make it configurable. 0.6.1 (2012-08-07) ------------------ - make 'python setup.py register' work - added init scripts to start pypiserver on ubuntu/opensuse 0.6.0 (2012-06-14) ------------------ - make pypiserver work with pip on windows - add support for password protected uploads - make pypiserver work with non-root paths - make pypiserver 'paste compatible' - allow to serve multiple package directories using paste 0.5.2 (2012-03-27) ------------------ - provide a way to get the WSGI app - improved package name and version guessing - use case insensitive matching when removing archive suffixes - fix pytz issue #6 0.5.1 (2012-02-23) ------------------ - make 'pypi-server -U' compatible with pip 1.1 0.5.0 (2011-12-05) ------------------ - make setup.py install without calling 2to3 by changing source code to be compatible with both python 2 and python 3. We now ship a slightly patched version of bottle. The upcoming bottle 0.11 also contains these changes. - make the single-file pypi-server-standalone.py work with python 3 0.4.1 (2011-11-23) ------------------ - upgrade bottle to 0.9.7, fixes possible installation issues with python 3 - remove dependency on pkg_resources module when running 'pypi-server -U' 0.4.0 (2011-11-19) ------------------ - add functionality to manage package updates - updated documentation - python 3 support has been added 0.3.0 (2011-10-07) ------------------ - pypiserver now scans the given root directory and it's subdirectories recursively for packages. Files and directories starting with a dot are now being ignored. - /favicon.ico now returns a "404 Not Found" error - pypiserver now contains some unit tests to be run with tox 0.2.0 (2011-08-09) ------------------ - better matching of package names (i.e. don't install package if only a prefix matches) - redirect to the real pypi.python.org server if a package is not found. - add some documentation about configuring easy_install/pip 0.1.3 (2011-08-01) ------------------ - provide single file script pypi-server-standalone.py - better documentation 0.1.2 (2011-08-01) ------------------ - prefix comparison is now case insensitive - added usage message - show minimal information for root url 0.1.1 (2011-07-29) ------------------ - don't require external dependencies 0.1.0 (2011-07-29) ------------------ - initial release