Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package python-devpi-server for 
openSUSE:Factory checked in at 2026-02-04 21:10:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-devpi-server (Old)
 and      /work/SRC/openSUSE:Factory/.python-devpi-server.new.1670 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "python-devpi-server"

Wed Feb  4 21:10:16 2026 rev:17 rq:1330977 version:6.18.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/python-devpi-server/python-devpi-server.changes  
2025-09-25 18:47:00.450470905 +0200
+++ 
/work/SRC/openSUSE:Factory/.python-devpi-server.new.1670/python-devpi-server.changes
        2026-02-04 21:10:43.900245013 +0100
@@ -1,0 +2,136 @@
+Wed Feb  4 13:24:48 UTC 2026 - Daniel Garcia <[email protected]>
+
+- migrate to libalternatives
+- Update to version 6.18.0
+  - Store all available hashes of files.
+  - Validate hashes of all files during devpi-import, not only
+    releases.
+  ## Bug Fixes
+  - Apply argparse transformations on values read from config file or
+    environment.
+  - Restore Python and platform info in user agent string after switch
+    to httpx.
+  - Remove all database entries on project deletion instead of only
+    emptying them.
+  - Fix error at end of replica streaming caused by changed behavior
+    from switch to httpx.
+  - Fix #1102: The data stream was cut off after 64k when proxying
+    from replica to primary after switching to httpx.
+  - Fix #1107: retry file downloads if there has been an error during
+    download.
+  # Other Changes
+  - The filenames of some exported doczip files change due to
+    normalization of the project name caused by changing the internals
+    during export to allow ``--hard-links`` to work.
+
+- 6.17.0 (2025-08-27)
+  ## Deprecations and Removals
+  - Dropped support for migrating old password hashes that were
+    replaced in devpi-server 4.2.0.
+  - Removed support for basic authorization in primary URL. The
+    connection is already secured by a bearer token header.
+  - Removed the experimental ``--replica-cert`` option. The replica is
+    already using a token via a shared secret, so this is redundant.
+  - Removed ``--replica-max-retries`` option. It wasn't implemented
+    for async_httpget and didn't work correctly when streaming data.
+  ## Features
+  - Use httpx for all data fetching for mirrors and fetch projects
+    list asynchronously to allow update in background even after a
+    timeout.
+  - Use httpx instead of requests when proxying from replicas to
+    primary.
+  - Use httpx for all requests from replicas to primary.
+  - Use httpx when pushing releases to external index.
+  - Added ``mirror_ignore_serial_header`` mirror index option, which
+    allows switching from PyPI to a mirror without serials header when
+    set to ``True``, otherwise only stale links will be served and no
+    updates be stored.
+  - The HTTP cache information for mirrored projects is persisted and
+    re-used on server restarts.
+  - Added ``--file-replication-skip-indexes`` option to skip file
+    replication for ``all``, by index type (i.e. ``mirror``) or index
+    name (i.e. ``root/pypi``).
+  ## Bug Fixes
+  - Correctly handle lists for ``Provides-Extra`` and ``License-File``
+    metadata in database.
+  - Fix traceback by returning 401 error code when using wrong
+    password with a user that was created using an authentication
+    plugin like devpi-ldap which passes authentication through in that
+    case.
+  - Fix #1053: allow users to update their passwords when
+    ``--restrict-modify`` is used.
+  - Fix #1097: return 404 when trying to POST to +simple.
+  ## Other Changes
+  - Changed User-Agent when fetching data for mirrors from just
+    "server" to "devpi-server".
+
+- 6.16.0 (2025-06-25)
+  ## Deprecations and Removals
+  - Dropped support for Python 3.7 and 3.8.
+  ## Features
+  - Update stored package metadata fields to version 2.4 for license
+    expressions (PEP 639).
+  ## Bug Fixes
+  - Preserve hash when importing mirror data to prevent unnecessary
+    updates later on.
+  - Keep original metadata_version in database.
+
+- 6.15.0 (2025-05-18)
+  ## Features
+  - Add ``--connection-limit`` option to devpi-server passed on to
+    waitress.
+
+- 6.14.0 (2024-10-16)
+  ## Features
+  - Allow pushing of versions which only have documentation and no
+    releases.
+  - Allow pushing of release files only with no documentation.
+    Requires devpi-client 7.2.0.
+  - Allow pushing of documentation only with no release files.
+    Requires devpi-client 7.2.0.
+  ## Bug Fixes
+  - No longer automatically "register" a project when pushing releases
+    to PyPI. The reply changed from HTTP status 410 to 400 breaking
+    the upload. With devpi-client 7.2.0 there is a
+    ``--register-project`` option if it is still required for some
+    other package registry.
+
+- 6.13.0 (2024-09-19)
+  ## Deprecations and Removals
+  - Remove/Deprecate "master" related terminology in favor of "primary".
+    Usage related changes are the switch to ``--primary-url`` instead
+    of ``--master-url`` and ``--role=primary`` instead of
+    ``--role=master``. Using the old terms will now output warnings.
+    The ``+status`` API has additional fields and the ``role`` field
+    content will change with 7.0.0.
+  ## Features
+  - Enable logging command line options for all commands.
+  - Added support uv pip as an installer.
+  ## Bug Fixes
+  - Don't report on lagging event processing while replicating.
+  - Report primary serial correctly with streaming replication.
+  - Don't store file data in memory when fetching a release while
+    pushing from a mirror.
+  - Only warn about replica not being in sync instead of fatal status
+    while still replicating.
+
+- 6.12.1 (2024-07-24)
+  ## Bug Fixes
+  - Support Python 3.13 by depending on legacy-cgi.
+  - Preserve query string when proxying requests from replica to
+    primary. This fixes force removal on non-volatile indexes and
+    probably other bugs.
+  - Fix #1044: Correctly update cache expiry time when mirrored server
+    returns 304 Not Modified.
+
+- 6.12.0 (2024-06-25)
+  ## Features
+  - Added ``devpiserver_on_toxresult_store`` hook to allow blocking or
+    skipping a toxresult upload on more specific conditions as
+    ``acl_toxresult_upload`` would allow.
+  - Added ``devpiserver_on_toxresult_upload_forbidden`` hook to allow
+    returning a custom message and result (403 or 200).
+  ## Bug Fixes
+  - Return json data if toxresult upload is forbidden.
+
+-------------------------------------------------------------------

Old:
----
  devpi_server-6.11.0.tar.gz

New:
----
  devpi_server-6.18.0.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ python-devpi-server.spec ++++++
--- /var/tmp/diff_new_pack.LnH1XS/_old  2026-02-04 21:10:44.568272989 +0100
+++ /var/tmp/diff_new_pack.LnH1XS/_new  2026-02-04 21:10:44.568272989 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package python-devpi-server
 #
-# Copyright (c) 2025 SUSE LLC and contributors
+# Copyright (c) 2026 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -16,11 +16,17 @@
 #
 
 
+%if 0%{?suse_version} > 1500
+%bcond_without libalternatives
+%else
+%bcond_with libalternatives
+%endif
+
 %define commands export fsck gen-config import init passwd server gen-secret
 
 %{?sle15_python_module_pythons}
 Name:           python-devpi-server
-Version:        6.11.0
+Version:        6.18.0
 Release:        0
 Summary:        Private PyPI caching server
 License:        MIT
@@ -32,7 +38,6 @@
 BuildRequires:  %{python_module wheel}
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
-Requires:       python-aiohttp
 Requires:       python-argon2-cffi >= 16.2
 Requires:       python-attrs
 Requires:       python-defusedxml
@@ -50,8 +55,13 @@
 Requires:       python-ruamel.yaml >= 0.15.94
 Requires:       python-strictyaml
 Requires:       python-waitress >= 1.0.1
+%if %{with libalternatives}
+Requires:       alts
+BuildRequires:  alts
+%else
 Requires(post): update-alternatives
 Requires(postun): update-alternatives
+%endif
 # nginx tests failing when not skipped, likely due to rpmbuild environment
 Suggests:       nginx
 Suggests:       python-WebTest
@@ -60,7 +70,6 @@
 BuildArch:      noarch
 # SECTION test requirements
 BuildRequires:  %{python_module WebTest}
-BuildRequires:  %{python_module aiohttp}
 BuildRequires:  %{python_module argon2-cffi >= 16.2}
 BuildRequires:  %{python_module attrs}
 BuildRequires:  %{python_module beautifulsoup4}
@@ -89,7 +98,6 @@
 
 %prep
 %setup -q -n devpi_server-%{version}
-sed -i "s/ruamel.yaml<=[^']*,/ruamel.yaml/g" setup.py
 sed -i "s/--flake8//" tox.ini
 
 %build
@@ -117,6 +125,12 @@
 $python -m pytest --ignore test_devpi_server -k "not ($donttest)" 
%{buildroot}%{$python_sitelib}/test_devpi_server
 }
 
+%pre
+# removing old update-alternatives entries
+for c in %{commands}; do
+%python_libalternatives_reset_alternative devpi-$c
+done
+
 %post
 for c in %{commands}; do
   %python_install_alternative devpi-$c

++++++ devpi_server-6.11.0.tar.gz -> devpi_server-6.18.0.tar.gz ++++++
++++ 24271 lines of diff (skipped)

Reply via email to