Next | Query returned 64 messages, browsing 1 to 10 | Previous

History of commit frequency

CVS Commit History:


   2023-11-07 23:38:10 by Thomas Klausner | Files touched by this commit (112)
Log message:
*: latest py-sphinx only support Python 3.9+
   2023-08-14 07:25:36 by Thomas Klausner | Files touched by this commit (1247)
Log message:
*: recursive bump for Python 3.11 as new default
   2023-06-18 07:39:38 by Adam Ciarcinski | Files touched by this commit (20)
Log message:
py-ZopeInterface: moved to py-zope.interface
   2022-11-28 20:07:30 by Nia Alarie | Files touched by this commit (3)
Log message:
Convert several packages to using versioned_depends for py-cryptography.

Somehow this has been hanging around in my tree for months.
   2022-10-03 18:40:22 by Greg Troxel | Files touched by this commit (3) | Package updated
Log message:
filesystems/tahoe-lafs: Update to 1.18.0

packaging changes: Drop explanation about python 2.7 being supported
by upstream and $MAINTAINER not wanting to deal with dependencies.

Upstream NEWS:

Release 1.18.0 (2022-10-02)
'''''''''''''''''''''''''''

Backwards Incompatible Changes
------------------------------

- Python 3.6 is no longer supported, as it has reached end-of-life and is no \ 
longer receiving security updates. (`#3865 \ 
<https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3865>`_)
- Python 3.7 or later is now required; Python 2 is no longer supported. (`#3873 \ 
<https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3873>`_)
- Share corruption reports stored on disk are now always encoded in UTF-8. \ 
(`#3879 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3879>`_)
- Record both the PID and the process creation-time:

  a new kind of pidfile in `running.process` records both
  the PID and the creation-time of the process. This facilitates
  automatic discovery of a "stale" pidfile that points to a
  currently-running process. If the recorded creation-time matches
  the creation-time of the running process, then it is a still-running
  `tahoe run` process. Otherwise, the file is stale.

  The `twistd.pid` file is no longer present. (`#3926 \ 
<https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3926>`_)

Features
--------

- The implementation of SDMF and MDMF (mutables) now requires RSA keys to be \ 
exactly 2048 bits, aligning them with the specification.

  Some code existed to allow tests to shorten this and it's
  conceptually possible a modified client produced mutables
  with different key-sizes. However, the spec says that they
  must be 2048 bits. If you happen to have a capability with
  a key-size different from 2048 you may use 1.17.1 or earlier
  to read the content. (`#3828 \ 
<https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3828>`_)
- "make" based release automation (`#3846 \ 
<https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3846>`_)
   2022-06-30 13:19:02 by Nia Alarie | Files touched by this commit (524)
Log message:
*: Revbump packages that use Python at runtime without a PKGNAME prefix
   2022-06-16 00:31:44 by Greg Troxel | Files touched by this commit (3)
Log message:
filesystems/tahoe-lafs: Update to 1.17.1

Upstream NEWS, omitting bugfixes and minor improvements:

Release 1.17.0 (2021-12-06)
'''''''''''''''''''''''''''

Security-related Changes
------------------------

- The introducer server no longer writes the sensitive introducer fURL value to \ 
its log at startup time.  Instead it writes the well-known path of the file from \ 
which this value can be read. (`#3819 \ 
<https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3819>`_)
- The storage protocol operation ``readv`` now safely rejects attempts to read \ 
negative lengths.
  Previously these read requests were satisfied with the complete contents of \ 
the share file (including trailing metadata) starting from the specified offset. \ 
(`#3822 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3822>`_)
- The storage server implementation no longer records corruption advisories \ 
about storage indexes for which it holds no shares. (`#3824 \ 
<https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3824>`_)
- The lease-checker now uses JSON instead of pickle to serialize its state.

  tahoe will now refuse to run until you either delete all pickle files or
  migrate them using the new command::

      tahoe admin migrate-crawler

  This will migrate all crawler-related pickle files. (`#3825 \ 
<https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3825>`_)
- The SFTP server no longer accepts password-based credentials for authentication.
  Public/private key-based credentials are now the only supported authentication \ 
type.
  This removes plaintext password storage from the SFTP credentials file.
  It also removes a possible timing side-channel vulnerability which might have \ 
allowed attackers to discover an account's plaintext password. (`#3827 \ 
<https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3827>`_)
- The storage server now keeps hashes of lease renew and cancel secrets for \ 
immutable share files instead of keeping the original secrets. (`#3839 \ 
<https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3839>`_)
- The storage server now keeps hashes of lease renew and cancel secrets for \ 
mutable share files instead of keeping the original secrets. (`#3841 \ 
<https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3841>`_)

Features
--------

- Tahoe-LAFS releases now have just a .tar.gz source release and a (universal) \ 
wheel (`#3735 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3735>`_)
- tahoe-lafs now provides its statistics also in OpenMetrics format (for \ 
Prometheus et. al.) at `/statistics?t=openmetrics`. (`#3786 \ 
<https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3786>`_)
- If uploading an immutable hasn't had a write for 30 minutes, the storage \ 
server will abort the upload. (`#3807 \ 
<https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3807>`_)

Removed Features
----------------

- The little-used "control port" has been removed from all node types. \ 
(`#3814 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3814>`_)
   2022-01-05 16:41:32 by Thomas Klausner | Files touched by this commit (289)
Log message:
python: egg.mk: add USE_PKG_RESOURCES flag

This flag should be set for packages that import pkg_resources
and thus need setuptools after the build step.

Set this flag for packages that need it and bump PKGREVISION.
   2022-01-04 21:55:40 by Thomas Klausner | Files touched by this commit (1595)
Log message:
*: bump PKGREVISION for egg.mk users

They now have a tool dependency on py-setuptools instead of a DEPENDS
   2021-10-26 12:25:31 by Nia Alarie | Files touched by this commit (47)
Log message:
filesystems: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Next | Query returned 64 messages, browsing 1 to 10 | Previous