Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-devpi-server for
openSUSE:Factory checked in at 2026-02-04 21:10:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-devpi-server (Old)
and /work/SRC/openSUSE:Factory/.python-devpi-server.new.1670 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-devpi-server"
Wed Feb 4 21:10:16 2026 rev:17 rq:1330977 version:6.18.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-devpi-server/python-devpi-server.changes
2025-09-25 18:47:00.450470905 +0200
+++
/work/SRC/openSUSE:Factory/.python-devpi-server.new.1670/python-devpi-server.changes
2026-02-04 21:10:43.900245013 +0100
@@ -1,0 +2,136 @@
+Wed Feb 4 13:24:48 UTC 2026 - Daniel Garcia <[email protected]>
+
+- migrate to libalternatives
+- Update to version 6.18.0
+ - Store all available hashes of files.
+ - Validate hashes of all files during devpi-import, not only
+ releases.
+ ## Bug Fixes
+ - Apply argparse transformations on values read from config file or
+ environment.
+ - Restore Python and platform info in user agent string after switch
+ to httpx.
+ - Remove all database entries on project deletion instead of only
+ emptying them.
+ - Fix error at end of replica streaming caused by changed behavior
+ from switch to httpx.
+ - Fix #1102: The data stream was cut off after 64k when proxying
+ from replica to primary after switching to httpx.
+ - Fix #1107: retry file downloads if there has been an error during
+ download.
+ # Other Changes
+ - The filenames of some exported doczip files change due to
+ normalization of the project name caused by changing the internals
+ during export to allow ``--hard-links`` to work.
+
+- 6.17.0 (2025-08-27)
+ ## Deprecations and Removals
+ - Dropped support for migrating old password hashes that were
+ replaced in devpi-server 4.2.0.
+ - Removed support for basic authorization in primary URL. The
+ connection is already secured by a bearer token header.
+ - Removed the experimental ``--replica-cert`` option. The replica is
+ already using a token via a shared secret, so this is redundant.
+ - Removed ``--replica-max-retries`` option. It wasn't implemented
+ for async_httpget and didn't work correctly when streaming data.
+ ## Features
+ - Use httpx for all data fetching for mirrors and fetch projects
+ list asynchronously to allow update in background even after a
+ timeout.
+ - Use httpx instead of requests when proxying from replicas to
+ primary.
+ - Use httpx for all requests from replicas to primary.
+ - Use httpx when pushing releases to external index.
+ - Added ``mirror_ignore_serial_header`` mirror index option, which
+ allows switching from PyPI to a mirror without serials header when
+ set to ``True``, otherwise only stale links will be served and no
+ updates be stored.
+ - The HTTP cache information for mirrored projects is persisted and
+ re-used on server restarts.
+ - Added ``--file-replication-skip-indexes`` option to skip file
+ replication for ``all``, by index type (i.e. ``mirror``) or index
+ name (i.e. ``root/pypi``).
+ ## Bug Fixes
+ - Correctly handle lists for ``Provides-Extra`` and ``License-File``
+ metadata in database.
+ - Fix traceback by returning 401 error code when using wrong
+ password with a user that was created using an authentication
+ plugin like devpi-ldap which passes authentication through in that
+ case.
+ - Fix #1053: allow users to update their passwords when
+ ``--restrict-modify`` is used.
+ - Fix #1097: return 404 when trying to POST to +simple.
+ ## Other Changes
+ - Changed User-Agent when fetching data for mirrors from just
+ "server" to "devpi-server".
+
+- 6.16.0 (2025-06-25)
+ ## Deprecations and Removals
+ - Dropped support for Python 3.7 and 3.8.
+ ## Features
+ - Update stored package metadata fields to version 2.4 for license
+ expressions (PEP 639).
+ ## Bug Fixes
+ - Preserve hash when importing mirror data to prevent unnecessary
+ updates later on.
+ - Keep original metadata_version in database.
+
+- 6.15.0 (2025-05-18)
+ ## Features
+ - Add ``--connection-limit`` option to devpi-server passed on to
+ waitress.
+
+- 6.14.0 (2024-10-16)
+ ## Features
+ - Allow pushing of versions which only have documentation and no
+ releases.
+ - Allow pushing of release files only with no documentation.
+ Requires devpi-client 7.2.0.
+ - Allow pushing of documentation only with no release files.
+ Requires devpi-client 7.2.0.
+ ## Bug Fixes
+ - No longer automatically "register" a project when pushing releases
+ to PyPI. The reply changed from HTTP status 410 to 400 breaking
+ the upload. With devpi-client 7.2.0 there is a
+ ``--register-project`` option if it is still required for some
+ other package registry.
+
+- 6.13.0 (2024-09-19)
+ ## Deprecations and Removals
+ - Remove/Deprecate "master" related terminology in favor of "primary".
+ Usage related changes are the switch to ``--primary-url`` instead
+ of ``--master-url`` and ``--role=primary`` instead of
+ ``--role=master``. Using the old terms will now output warnings.
+ The ``+status`` API has additional fields and the ``role`` field
+ content will change with 7.0.0.
+ ## Features
+ - Enable logging command line options for all commands.
+ - Added support uv pip as an installer.
+ ## Bug Fixes
+ - Don't report on lagging event processing while replicating.
+ - Report primary serial correctly with streaming replication.
+ - Don't store file data in memory when fetching a release while
+ pushing from a mirror.
+ - Only warn about replica not being in sync instead of fatal status
+ while still replicating.
+
+- 6.12.1 (2024-07-24)
+ ## Bug Fixes
+ - Support Python 3.13 by depending on legacy-cgi.
+ - Preserve query string when proxying requests from replica to
+ primary. This fixes force removal on non-volatile indexes and
+ probably other bugs.
+ - Fix #1044: Correctly update cache expiry time when mirrored server
+ returns 304 Not Modified.
+
+- 6.12.0 (2024-06-25)
+ ## Features
+ - Added ``devpiserver_on_toxresult_store`` hook to allow blocking or
+ skipping a toxresult upload on more specific conditions as
+ ``acl_toxresult_upload`` would allow.
+ - Added ``devpiserver_on_toxresult_upload_forbidden`` hook to allow
+ returning a custom message and result (403 or 200).
+ ## Bug Fixes
+ - Return json data if toxresult upload is forbidden.
+
+-------------------------------------------------------------------
Old:
----
devpi_server-6.11.0.tar.gz
New:
----
devpi_server-6.18.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-devpi-server.spec ++++++
--- /var/tmp/diff_new_pack.LnH1XS/_old 2026-02-04 21:10:44.568272989 +0100
+++ /var/tmp/diff_new_pack.LnH1XS/_new 2026-02-04 21:10:44.568272989 +0100
@@ -1,7 +1,7 @@
#
# spec file for package python-devpi-server
#
-# Copyright (c) 2025 SUSE LLC and contributors
+# Copyright (c) 2026 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,11 +16,17 @@
#
+%if 0%{?suse_version} > 1500
+%bcond_without libalternatives
+%else
+%bcond_with libalternatives
+%endif
+
%define commands export fsck gen-config import init passwd server gen-secret
%{?sle15_python_module_pythons}
Name: python-devpi-server
-Version: 6.11.0
+Version: 6.18.0
Release: 0
Summary: Private PyPI caching server
License: MIT
@@ -32,7 +38,6 @@
BuildRequires: %{python_module wheel}
BuildRequires: fdupes
BuildRequires: python-rpm-macros
-Requires: python-aiohttp
Requires: python-argon2-cffi >= 16.2
Requires: python-attrs
Requires: python-defusedxml
@@ -50,8 +55,13 @@
Requires: python-ruamel.yaml >= 0.15.94
Requires: python-strictyaml
Requires: python-waitress >= 1.0.1
+%if %{with libalternatives}
+Requires: alts
+BuildRequires: alts
+%else
Requires(post): update-alternatives
Requires(postun): update-alternatives
+%endif
# nginx tests failing when not skipped, likely due to rpmbuild environment
Suggests: nginx
Suggests: python-WebTest
@@ -60,7 +70,6 @@
BuildArch: noarch
# SECTION test requirements
BuildRequires: %{python_module WebTest}
-BuildRequires: %{python_module aiohttp}
BuildRequires: %{python_module argon2-cffi >= 16.2}
BuildRequires: %{python_module attrs}
BuildRequires: %{python_module beautifulsoup4}
@@ -89,7 +98,6 @@
%prep
%setup -q -n devpi_server-%{version}
-sed -i "s/ruamel.yaml<=[^']*,/ruamel.yaml/g" setup.py
sed -i "s/--flake8//" tox.ini
%build
@@ -117,6 +125,12 @@
$python -m pytest --ignore test_devpi_server -k "not ($donttest)"
%{buildroot}%{$python_sitelib}/test_devpi_server
}
+%pre
+# removing old update-alternatives entries
+for c in %{commands}; do
+%python_libalternatives_reset_alternative devpi-$c
+done
+
%post
for c in %{commands}; do
%python_install_alternative devpi-$c
++++++ devpi_server-6.11.0.tar.gz -> devpi_server-6.18.0.tar.gz ++++++
++++ 24271 lines of diff (skipped)
