- Add arbitrary configuration option for S3 Storage Backend Boto3 calls (PR #1697)
- Add pytest marker to allow skipping of S3 tests (PR #1766)
- Added HTTPS support in Docker Compose + Enabled bind-mount volume for Nginx config + add documentation in README.md (PR #1653)
- Initial support for python 3.12 (PR #1728)
- Move Docker images to 3.12 (PR #1733)
- Removing swift builds due to lack or assistance - Happy to bring back if you're willing to help maintian
- Move black, mypy + pyupgrade to >= 3.11 codebase (PR #1734)
- Allow non-HTTPS-enabled mirrors (PR #1765)
- Correct example config (PR #1807)
- Updated documentation for
[mirror]
configuration optionsPR #1669
- Updated documentation
PR #1760
- Fix config file value interpolation for the
diff-file
optionPR #1715
- Fix diff-file being created when the option wasn't set
PR #1716
- Provide default values for most config options in the
[mirror]
sectionPR #1740
- Fix command execution by
runner.py
-PR #1753
- Move from pkg_resources to importlib_metadata for filter entry point usage (PR #1739)
- Add option to filter releases based on upload time
PR #1594
project_requirements_pinned
with a pinned version (range) disables additional release filter for this packagePR #1601
- Add command configuration for bandersnatch in Docker Compose, including 'mirror' default, 'verify' and 'once' options, improve documentation for docker compose, and added "Removing the Repository" section in Docker Compose README with a link in the main README.
PR #1645
- Move JSON Simple API to version 1.1 (as per PEP700)
PR #1557
- Move to >= 3.10 project
PR #1457
- Support
py2
+py3
bdist file name filteringPR #1495
- Fix digest used for file hashes in PEP 691 simple JSON file output
PR #1442
- The
digest_name
setting from configuration (default value:sha256
) will now be used for both HTML and JSON files. - This mirrors pypi.org ("Warehouse") behavior
- Please use
bandersnatch mirror --force-check
to regenerate all your mirror's simple APIbandersnatch sync
could also be a way to update important packages faster too
- The
- Add scandir() as Storage plugin API to speedup large directory read when generating global index
PR #1340
- Declare support for Python 3.11
PR #1338
- Move Docker to build in 3.11
PR #1341
- Add "--force-check" parameter to runner.py
PR #1347
- Fixed read of requirement files with non UTF-8 encoding - compatible with pip
PR #1387
- Type checking fixed to pass mypy > 1.0.0
- Don't attempt docker on forks
PR #1336
- This will be the last python 3.8 and 3.9 tested version. Going to plan to be >= 3.10
- Add a
packages
config under[filter_prerelease]
for prerelease filter to filter only specified packages.PR #1328
- Dropped LegacyVersion support for latest_name plugin
PR #1315
- No longer issue PURGE requests on StalePage exceptions as PyPI now requires authentication
PR #1335
- Format with black
--preview
stylePR #1313
- I contribute to black and want to help find bugs ...
- Fixed JSON only mirroring adding correct path to diff_file_list
PR #1248
- Fixed requirements file parsing when it contains pip options
PR #1231
- Added the possibility to limit the time range in which the docker image runner can execute the bandersnatch mirroring activity.
This can be done by providing an optional command line argument with like
--hours-range 23-7
where the interval is expressed as<start_hour>-<end_hour>
.PR #1232
- Add support for globbing in the allowed requirements list.
User can specify
requirements*.txt
or*.txt
to merge multiple requirements filesPR #1230
- Add PEP691 simple index support
PR #1154
- Add example nginx serving for PEP 691
PR #1161
- Add delete and verify support in s3 (and maybe swift) storage backend
PR #1142
- Add
--skip-simple-root
option forbandersnatch sync
commandPR #1145
- Replace pyup with dependabot
- Resulted in lots of depdendencies updating
- Docs typo fixes
- Add PEP 629 header to Simple API HTML
PR #1122
- Added support to exclude specific Python minor versions
PR #1110
- Thanks davidkim83 - Add S3 Docker Image building
PR #1092
- Got Swift usage documentation
- Move Docker containers to Python 3.10
PR #1092
- Python 3.10 is now supported
PR #1073
- Thanks isidentical - Move minio docker image running to official image
- Fix debug output for package changes at end of mirror operation
PR #1066
- Thanks forky2
- Update lots of dependency version pins
- Fix documentation build CI
- Add support of downloading packages from alternative mirror
PR #928
-- Thanks happyaron - Add support of s3 storage
PR #886
-- Thanks LeoQuote
- Add bandersnatch command line help to the documentation main page
PR #920
- Thanks ichard26 - Generate data-yanked tag in simple page
PR #931
- Thanks happyaron - Protect repository metadata from being trashed when disk is full
PR #962
- Thanks happyaron - Fix tox to used pinned requirements*.txt files for deps -
PR #1011
- Thanks cooperlees
- Add Storage Options documentation
PR #1006
- Thanks cooperlees - Update all dependencies to latest except pyparsing + docutils
- Change pyup to run monthly + auto add skip_news
PR #1043
- Thanks cooperlees
- bandersnatch is now a >= 3.8 Python project
- New size_project_metadata filter plugin, which can deny download of projects larger than defined threshold -
PR #806
- Add option to compare file size and upload time instead of sha256sum for downloading -
PR #822
- Add optional uvloop support -
PR #891
- Thanks cooperlees - Move to official docker upload action w/arm64 images uploaded -
PR #896
- Thanks cooperlees
- blacklist/whitelist will no longer work in bandersnatch configuration -
PR #897
- Thanks cooperlees- Please use allowlist/denylist respectively
- Unused storage plugins are loaded and cause non-fatal errors if dependencies are missing -
PR #799
- Thanks electricworry - Replaced usages of
asynctest
withunittest.mock
in tests -PR #807
andPR #856
- Thanks ichard26 - Remove debugging line that loads entire files into memory. -
PR #858
- Thanks asrp - Removed terrible isinstance check of unittest.Mock in mirror.py -
PR #859
- Thanks ichard26 - Put potential time consuming IO operations into executor -
PR #877
- Migrated Markdown documentation from recommonmark to MyST-Parser + docs config clean up -
PR #879
- Thanks ichard26 - Use
shutil.move()
for temp file management -PR #883
- Thanks happyaron - Fixed logging bug in
SizeProjectMetadataFilter
to show it activated -PR #889
- Thanks cooperlees - Attempt to wrap all potentially block calls in a ThreadPoolExecutor -
PR #894
- Thanks cooperlees
- Build a swift and non swift docker image -
PR #754
- Split Docker Build to accept build args to optionally include swift support -
PR #741
- Thanks nlaurance-pyie - Slimmer docker image -
PR #738
- Thanks nlaurance-pyie - Renamed black/white to block/allow lists -
PR #737
- Thanks nlaurance-pyie - packages allowlist can be defined from requirements like files -
PR #739
- Thanks nlaurance-pyie - Simplify logging around filters -
PR #678
- Thanks @dalley
- Handling of timeouts that can occur in verify. -
PR #785
- Thanks electricworry - Added retry logic on timeouts when fetching metadata -
PR #773
- Thanks gerrod3 - Fix links, improve docs CI, and improve external object linking -
PR #776
- Thanks ichard26 - Handle 404 status for json verify -
PR #763
- Thanks electricworry - Clean up isort config after upgrade to 5+ -
PR #767
- Thanks ichard26 - Remove duplicate max() target serial finding code + update typing -
PR #745
- swift.py: use BaseFileLock's lock_file property -
PR #699
- Thanks hauntsaninja - Move to latest isort + mypy fixes -
PR #706
- Update change log url in project metadata -
PR #673
- Thanks @abn
- Add SOCKS proxy support to aiohttp via aiohttp-socks -
PR #668
- Add support for skipping mirroring release files (metadata only) -
PR #670
- Thanks @abn
- Move GitHub actions to v2 tags -
PR #666
- Thanks @ryuichi1208
Thanks to RedHat engineers @dalley + @gerrod3 for all this refactor work in PR #591
- New generic Mirror class to perform Python metadata syncing
- (previous Mirror class has been renamed to BandersnatchMirror)
- Package's filter methods are now part of its public API
- New
errors.py
file to house Bandersnatch specific errors
- Old Mirror class has been renamed to BandersnatchMirror. Performs same functionality with use of new Mirror API.
- BandersnatchMirror now performs all filesystem operations throughout the sync process including the ones previously in Package.
- Package no longer performs filesystem operations. Properties
json_file
,json_pypi_symlink
,simple_directory
and methodssave_json_metadata
,sync_release_files
,gen_data_requires_python
,generate_simple_page
,sync_simple_page
,_save_simple_page_version
,_prepare_versions_path
,_file_url_to_local_url
,_file_url_to_local_path
,download_file
have all been moved into BandersnatchMirror. Package'ssync
has been refactored into Bandersnatch'sprocess_package
. - Package class is no longer created with an instance of Mirror
- StaleMetadata exception has been moved to new errors.py file
- PackageNotFound exception has been moved to new errors.py file
- Fixed Fix latest_release plugin to ensure latest version is included -
PR #660
- Thanks @serverwentdown
- Fixed name parsing issue for allow/blocklist project filters -
PR #651
- Thanks @gerrod3
Storage abstraction refactor + Type Annotating!
- bandersnatch is now 100% type annotated -
PRs #546 #561 #592 #593
- Thanks @ichard26 + @rkm - Move to storage abstraction -
PR #445
- Thanks @techalchemy- Can now support more than just filesystem e.g. swift
- Add
sync
subcommand to force a sync on a particular PyPI package -PR #572
- Thanks @z4yx - Added new allowlist filter -
PR #626
- Thanks @gerrod3 - Make webdir/pypi/json/PKG symlinks relative -
PR #637
- Thanks @indrat- Makes mirror files more portable
- Add main and program name override to ArgumentParser -
PR #643
- Thanks @rkm- Allow non pkg_resources install to work
- Refactored the removal of releases for release_plugins to happen inside of Package
PR #608
- Thanks @gerrod3 - Minor refactor of Package class
PR #606
- Thanks @dralley - Refactored filter loading into separate class
PR #599
- Thanks @gerrod3 - Move legacy directory cleanup to mirror.py
PR #586
- Move verify to use Master for HTTP calls -
PR #555
- Move http request code for package metadata to master.py -
PRs #550
- Thanks @dralley
- Fixed allow/blocklist release filtering pre-releases -
PR #641
- Thanks @gerrod3 - Casefold (normalize per PEP503) package names in blacklist/whitelist plugins config -
PR #629
- Thanks @lepaperwan - Fix passing package info to filters in verify action.
PR #638
- Thanks @indrat - Fix todo file removal -
PR #571
- Introduce a new
global-timeout
config option for aiohttp coroutines - Default 5 hours -PR #540
- Thanks @techalchemy - Many doc fixes -
PRs #542 #551 #557 #605 #628 #630
- Thanks @pgrimaud + @ichard26 + @hugovk - Move to setting timeout only on session + 10 * total_timeout (over sock timeouts) -
PR #535
- Stop using
include_package_data
option in setup.cfg to get config files included in more installs -PR #519
- Change aiohttp-xmlrpc to use Master.session to ensure config shared -
PR #506
- Thanks @alebourdoulous for reporting- e.g. Maintin trust of proxy server environment variables
- Raise for error HTML response on all aiohttp session requests -
PR #494 / #496
- Thanks @windtail - Pass str to shutil.move due to Python bug -
PR #497
- Thanks @SanketDG - Some more type hints added to
verify.py
-PR #488
- Thanks @SanketDG - Ignore
atime
on stat in testtest_package_sync_does_not_touch_existing_local_file
comparison as it causes stat compare fail on a slower run -PR #487
- Thanks @SanketDG
- Pass correct aiohttp timeout objects -
PR #478
- Replace pkg_resources with importlib.resources -
PR #479
- Thanks @SanketDG
asyncio aiohttp refactor
- Replace requests with aiohttp -
PR #440
- Replace xmlrpc2 with aiohttp-xmlrpc -
PR #404
- Replace xmlrpc2 with aiohttp-xmlrpc -
- Only store PEP503 Normalized Simple API directories -
PR #465 + #455
- Flag errors when KeyboardInterrupt raised during sync -
PR #421
- Finish Windows Support + Add CI -
PRs #469 + #471
- Thanks @FaustinCarter - Autobuild Docker images with master -
PR #88
- Thanks @abitrolly - Only print conf deprecations if found in config -
PR #327
- Add PyPI metadata and Python version plugin filters -
PR #391
- Thanks @TemptorSent - Add in GitHub Actions CI for Linux (Ubuntu), MacOSX + Windows
- Add
delete
subcommand to delete specific PyPI Packages from mirror -PR #324
- Add support for differential file generation - Thanks @artagel -
PR #313
- Match prerelease versions with multiple digit suffixes - Thanks @indrat
- Fix keep_index_versions by removing symlinks for non normalized_legacy_simple_directory
index.htmnl -
Fixes #262
- Thanks @ipbeegle - Version plugin api + allow external plugins + move to setup.cfg -
Fixes
- Thanks @dwighthubbard - Add in support for
[plugins]
config section with deprecation warning till 4.0 - Add a Maintainers guide + Mission Statement to README.md
- Lots of doc fixes -
Fixes #217-#222
- Thanks @vinayak-mehta - Add last_serial in index.html -
Fixes #141
- Thanks @rene-d - Rewrite of FilterReleasePlugin filter function -
Fixes #196
- Thanks @rene-d
- Make plugins logs less noisy and more stateful (don't initialize multiple times) -
Fixes #134 #147 #193 #195
- Latest releases plugin always keeps current version -
Fixes #196
- Thanks @rene-d
- Add latest version and specific platform plugins -
Fixes #49
- Thanks @rene-d - Generate data-requires-python attributes in index.html -
Fixes #68
- Thanks @z4yx - Make package filtering logging less noisy when disabled -
Fixes #146
- Many pyup.io dependency upgrades
- Change plugins to be off unless explicitly enabled via configuration -
Fixes #142
- Change all path interactions to use Pathlib for more Windows support -
Addresses #23
- Add a MacOS CI Run with azure pipelines
- Move test_runner from shell to Python for Windows -
Addresses #23
- More testing improvements and refactor for verify.py
- We now have a reference Docker file + runner.py -
Fixes #113
- Many pyup.io dependency upgrades
- From 3.0.0 we've been implicitly turning on ALL plugins - This version reverses that
- Print help message when no arguments given to bandersnatch - Thanks @GreatBahram
- aiohttp >= 3.5.0 test and we no longer have
.netrc
error message
- Load default config or passed in config file only (not both) -
Fixes #95
- Thanks @GreatBahram - Add
--force-check
to mirror to enable full PyPI Syncs -Fixes #97
- Thanks @GreatBahram
- Add missing
filelock
dependency tosetup.py
Fixes #93
- Store N versions of index.html -
Fixes #9
- Thanks @yeraydiazdiaz - Add CI Integration test -
Fixes #78
- Thanks @cooperlees - Test / pin to latest dependencies via PyUP -
Fixes #70
- Thanks @cooperlees - Revert pinning versions in
setup.py
-Fixes #81
- Add Pre-release + regex filter plguins
Fixes #83
- Thanks @yeraydiazdiaz
- Fix setup.py url to point at GitHub (https://github.com/pypa/bandersnatch)
- Move to asyncio executors around request calls
Fixes #81
(on BitBucket) - Use platform.uname() to support Windows
Fixes #19
- Add bandersnatch verify subcommand to re-download + delete unneeded packages
Fixes #8
+ many follow on Issues during testing - Thanks electricworry & tau3 for testing + fixes! - Introduce much more Lint checks (black, isort, mypy) other than flake8 - Thanks @asottile
- Make tox run lint checks + print out test coverage - Thanks @cooperlees
- Add whitelist + blacklist plugins - Thanks @dwighthubbard
- Add generated documentation - Thanks @dwighthubbard
- Move to requiring Python >= 3.6.1
Fixes #66
Moved to GitHub @ PyCon US 2018 - All Fixes
now refer to GitHub issues
- Fix missed MANIFEST.in change for this file :P
Fixes #108
- Thanks @cooperlees
- Allow digest_name to be specified.
Fixes #105
- Thanks @ewdurbin ! - synchronize generated index pages with warehouse - Thanks @ewdurbin !
- Allow root_uri to be configured - Thanks @ewdurbin !
- This is how warehouse (pypi.org) will function
- Change version from using pkg_resources and set it in package init.py.
Fixes #98
. - Add ability to blacklist packages to sync via conf file.
Fixes #100
.
- Add saving of JSON metadata grabbed from pypi.facebook.com for syncing
Fixes #91
- Thanks @cooperlees- Can be disabled via config and disabled by default
- bandersnatch symlinks WEB_ROOT/pypi/PKG_NAME/json to WEB_ROOT/json/PKG_NAME
- Fix proxy usage. A bug in the usage of requests on our XMLRPC client
caused this to break. You can now set
*_proxy
environment variables and get them picked up properly.Fixes #59
. - Add a dict returned from mirror.synchronize() to show deleted and added files from the last run
- Fix sorting of releases to use filename and not url
- Tweak atomic file writes in utils.rewrite() to prefix the temporary file with the 'hidden' filename of the destination adding more support for hashed POSIX filesystems like GlusterFS. - Thanks @cooperlees
-
Move to Python 3. - Thanks @cooperlees !
Official support starts with Python 3.5 but might get away with using an earlier version of Python 3 (maybe 3.3 or so). However, we plan to start using Python 3.5 features (like asyncio) in the near future, so please be advised that running with an older version of Python 3 is not a supported option for the long term.
-
General update of our dependencies to pave the road for Python 3 support.
-
Remove residual references to the old "statistics" script that isn't in use any longer.
-
Fix return code -- we accidentally returned 1 on successful runs as debugging code was mixed in the main call.
Fixes #67
. -
Make the package-specific simple pages human-readable again.
Fixes #71
.
-
Add option to dir-hash index files. See https://bitbucket.org/pypa/bandersnatch/pull-requests/22/add-option-to-dir-hash-index-files for a lot more information. Thanks @iwienand!
-
Fix an edge case: IO errors while marking off packages as "done" could result in crashing workers that would result in bandersnatch getting stuck. Thanks @wjjt!
- Brownbag release for re-upload. My train's Wifi broke while uploading ending up with a partial file on PyPI. Can your train service do better than mine?
This is release is massively supported by @dstufft getting bandersnatch back in sync with current packaging ecosystem changes. All clap your hands now, please.
-
Refactor the generation update code to avoid weird update paths due to, well, my personal kink: 'over complication'.
-
Generate the simple index ourselves instead of copying it from PyPI.
-
Support files hosted on a separate domain.
-
Implement PEP 503 normalization rules while also providing support for legacy and very legacy clients.
- Fix a long standing, misunderstood bug: a non-deleting mirror would
delete packages if they were fully removed from PyPI.
Fixes #61
-
Don't require a X-PyPI-Last-Serial header on file downloads. (Thanks to @dstufft.)
-
Increase our generation to help mirrors recover potential setuptools corruption after some data bug on PyPI.
-
Fixes #54 by reordering the simple index page and file fetching parts. Thanks @dstufft for the inspiration.
-
Stop syncing serversig files and even start removing them.
- Create a new generation to enforce a full sync when upgrading. This is required to get the canonical names for all packages.
-
Implement canonical package directory names to support an upcoming PIP release and other tools. (Thanks to @dstufft)
-
Fix a race condition where workers could get stuck indefinitely waiting for another item in a depleted queue. (Thanks to @hongqn)
-
Delete broken tests that I forgot to remove.
-
Reduce the officially sanctioned maximum number of connections.
-
Move towards replacing the XMLRPC API with JSON to make our requests cacheable. Also reduces the amount of requests needed dramatically.
-
Remove apache stats script as this information is no longer being used anyway.
- Move to xmlrpc2 to get SSL verification on XML-RPC calls, too. (
Fixes #40
and big thanks to @ewdurbin)
- Potential performance improvement: use requests' session object to allow HTTP
pipelining. Thanks to Wouter Bolsterlee for the recommendation in
Fixes #39
.
- Made code Python 2.6 compatible. Thanks to @ewdurbin for the pull request.
-
Refactor lock acquisition to avoid shadowing exceptions when creating the lockfile vs. acquiring the lock.
-
Move from distribute back to setuptools.
- Slight brownbag release: the requirements.txt accidentally included a development version of py.test due to my usage of mr.developer.
- Fix brownbag release with broken 'stable' tag and missing requirements.txt update.
-
Generate the index simple page ourselves: its not signed anyway and helps PyPI caching more aggressively.
-
Add a py.test plugin to actually show a green bar. Hopefully will be integrated into py.test in the near future.
-
Fix dealing with inconsistent todo files: empty files or with an incorrect header will just be deleted and processing resumes at the last known good state.
-
Mark up requirement of Python 2.7
Fixes #19
-
Fix dealing with new CDN cache issues. Thanks to @dstufft for making PyPI support mirrors again.
-
Improve test coverage.
- Fix packaging: include default config file. (Thanks to Jannis Leidel)
-
Update pip install documentation to use the a URL for referring to the requirements.txt directly.
-
Adjust buildout and jenkins job to stop fighting over the distribute version to install.
- Hopefully fixed updating the stable tag when releasing.
- Experiment with zest.releaser integration to automatically generate requirements.txt during release process.
- Experiment with zest.releaser integration to automatically generate requirements.txt during release process.
- Experiment with zest.releaser integration to automatically generate requirements.txt during release process.
- Experiment with zest.releaser integration to automatically generate requirements.txt during release process.
- Initial release. Massive rewrite of pep381client.