pulp-python 3.28.2__tar.gz → 3.30.0__tar.gz

{pulp_python-3.28.2 → pulp_python-3.30.0}/CHANGES.md

@@ -8,6 +8,35 @@
 
 [//]: # (towncrier release notes start)
 
+## 3.30.0 (2026-05-13) {: #3.30.0 }
+
+#### Features {: #3.30.0-feature }
+
+- Added filtering by `name`, `version`, and `filename` to the blocklist entries API endpoint.
+  [#1229](https://github.com/pulp/pulp_python/issues/1229)
+
+#### Deprecations and Removals {: #3.30.0-removal }
+
+- Deprecated the `repair-python-metadata` management command in favor of the repository `repair_metadata` task.
+  [#1207](https://github.com/pulp/pulp_python/issues/1207)
+
+---
+
+## 3.29.0 (2026-04-17) {: #3.29.0 }
+
+#### Features {: #3.29.0-feature }
+
+- Added repository-specific package blocklist.
+  [#1166](https://github.com/pulp/pulp_python/issues/1166)
+
+#### Bugfixes {: #3.29.0-bugfix }
+
+- Fixed "Worker has gone missing" errors during repair_metadata on large repositories (1000+ packages) by reducing peak memory consumption.
+  [#1188](https://github.com/pulp/pulp_python/issues/1188)
+- Support "atomic" replications in pulpcore 3.107
+
+---
+
 ## 3.28.2 (2026-04-14) {: #3.28.2 }
 
 #### Bugfixes {: #3.28.2-bugfix }
@@ -42,6 +71,23 @@
 
 ---
 
+## 3.27.2 (2026-04-14) {: #3.27.2 }
+
+#### Bugfixes {: #3.27.2-bugfix }
+
+- Fixed "Worker has gone missing" errors during repair_metadata on large repositories (1000+ packages) by reducing peak memory consumption.
+  [#1188](https://github.com/pulp/pulp_python/issues/1188)
+
+---
+
+## 3.27.1 (2026-04-01) {: #3.27.1 }
+
+#### Bugfixes {: #3.27.1-bugfix }
+
+- Support "atomic" replications in pulpcore 3.107
+
+---
+
 ## 3.27.0 (2026-03-17) {: #3.27.0 }
 
 #### Bugfixes {: #3.27.0-bugfix }
@@ -243,6 +289,23 @@
 
 ---
 
+## 3.19.3 (2026-05-04) {: #3.19.3 }
+
+#### Bugfixes {: #3.19.3-bugfix }
+
+- Fixed pull-through caching not checking the repository if package was not present on remote.
+  [#1004](https://github.com/pulp/pulp_python/issues/1004)
+- Fixed pull-through caching failing for packages with bad names.
+  [#1040](https://github.com/pulp/pulp_python/issues/1040)
+
+---
+
+## 3.19.2 (2026-04-28) {: #3.19.2 }
+
+No significant changes.
+
+---
+
 ## 3.19.1 (2025-09-14) {: #3.19.1 }
 
 #### Bugfixes {: #3.19.1-bugfix }
@@ -349,6 +412,14 @@
 
 ---
 
+## 3.13.6 (2026-04-01) {: #3.13.6 }
+
+#### Bugfixes {: #3.13.6-bugfix }
+
+- Support "atomic" replications in pulpcore 3.107
+
+---
+
 ## 3.13.5 (2025-04-23) {: #3.13.5 }
 
 No significant changes.
@@ -415,6 +486,14 @@ No significant changes.
 
 ---
 
+## 3.12.9 (2026-04-01) {: #3.12.9 }
+
+#### Bugfixes {: #3.12.9-bugfix }
+
+- Support "atomic" replications in pulpcore 3.107
+
+---
+
 ## 3.12.8 (2025-11-18) {: #3.12.8 }
 
 No significant changes.
@@ -507,6 +586,12 @@ No significant changes.
 
 ---
 
+## 3.11.8 (2026-04-21) {: #3.11.8 }
+
+No significant changes.
+
+---
+
 ## 3.11.7 (2025-11-18) {: #3.11.7 }
 
 No significant changes.

{pulp_python-3.28.2 → pulp_python-3.30.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pulp-python
-Version: 3.28.2
+Version: 3.30.0
 Summary: pulp-python plugin for the Pulp Project
 Author-email: Pulp Team <pulp-list@redhat.com>
 Project-URL: Homepage, https://pulpproject.org

{pulp_python-3.28.2 → pulp_python-3.30.0}/pulp_python/app/__init__.py

@@ -1,6 +1,8 @@
+from gettext import gettext as _
+
 from django.db.models.signals import post_migrate
+
 from pulpcore.plugin import PulpPluginAppConfig
-from gettext import gettext as _
 
 
 class PulpPythonPluginAppConfig(PulpPluginAppConfig):
@@ -10,7 +12,7 @@ class PulpPythonPluginAppConfig(PulpPluginAppConfig):
 
     name = "pulp_python.app"
     label = "python"
-    version = "3.28.2"
+    version = "3.30.0"
     python_package_name = "pulp-python"
     domain_compatible = True
 
@@ -26,7 +28,7 @@ class PulpPythonPluginAppConfig(PulpPluginAppConfig):
 
 # TODO: Remove this when https://github.com/pulp/pulpcore/issues/5500 is resolved
 def _populate_pypi_access_policies(sender, apps, verbosity, **kwargs):
-    from pulp_python.app.pypi.views import PyPIView, SimpleView, UploadView, MetadataView
+    from pulp_python.app.pypi.views import MetadataView, PyPIView, SimpleView, UploadView
 
     try:
         AccessPolicy = apps.get_model("core", "AccessPolicy")

{pulp_python-3.28.2 → pulp_python-3.30.0}/pulp_python/app/management/commands/repair-python-metadata.py

@@ -1,11 +1,12 @@
-import re
 import os
-from django.core.management import BaseCommand, CommandError
+import re
 from gettext import gettext as _
 
 from django.conf import settings
+from django.core.management import BaseCommand, CommandError
 
 from pulpcore.plugin.util import extract_pk
+
 from pulp_python.app.models import PythonPackageContent, PythonRepository
 from pulp_python.app.utils import artifact_to_python_content_data
 
@@ -78,7 +79,10 @@ class Command(BaseCommand):
     Management command to repair metadata of PythonPackageContent.
     """
 
-    help = _("Repair the metadata of PythonPackageContent stored in PythonRepositories")
+    help = _(
+        "[Deprecated] Use the repository `repair_metadata` task instead. "
+        "Repair the metadata of PythonPackageContent stored in PythonRepositories."
+    )
 
     def add_arguments(self, parser):
         """Set up arguments."""

pulp_python-3.30.0/pulp_python/app/migrations/0022_pythonblocklistentry.py

@@ -0,0 +1,48 @@
+# Generated by Django 5.2.10 on 2026-04-16 14:00
+
+import django.db.models.deletion
+import django_lifecycle.mixins
+import pulpcore.app.models.base
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("python", "0021_pythonrepository_upload_duplicate_filenames"),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name="PythonBlocklistEntry",
+            fields=[
+                (
+                    "pulp_id",
+                    models.UUIDField(
+                        default=pulpcore.app.models.base.pulp_uuid,
+                        editable=False,
+                        primary_key=True,
+                        serialize=False,
+                    ),
+                ),
+                ("pulp_created", models.DateTimeField(auto_now_add=True)),
+                ("pulp_last_updated", models.DateTimeField(auto_now=True, null=True)),
+                ("name", models.TextField(default=None, null=True)),
+                ("version", models.TextField(default=None, null=True)),
+                ("filename", models.TextField(default=None, null=True)),
+                ("added_by", models.TextField(default="")),
+                (
+                    "repository",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="blocklist_entries",
+                        to="python.pythonrepository",
+                    ),
+                ),
+            ],
+            options={
+                "default_related_name": "%(app_label)s_%(model_name)s",
+            },
+            bases=(django_lifecycle.mixins.LifecycleModelMixin, models.Model),
+        ),
+    ]

{pulp_python-3.28.2 → pulp_python-3.30.0}/pulp_python/app/modelresource.py

@@ -1,6 +1,7 @@
 from pulpcore.plugin.importexport import BaseContentResource
 from pulpcore.plugin.modelresources import RepositoryResource
 from pulpcore.plugin.util import get_domain
+
 from pulp_python.app.models import (
     PythonPackageContent,
     PythonRepository,

{pulp_python-3.28.2 → pulp_python-3.30.0}/pulp_python/app/models.py

@@ -1,43 +1,45 @@
 import hashlib
 import json
 from logging import getLogger
+from pathlib import PurePath
 
 from aiohttp.web import json_response
+from django.conf import settings
 from django.contrib.postgres.fields import ArrayField
 from django.core.exceptions import ObjectDoesNotExist
 from django.db import models
-from django.conf import settings
 from django_lifecycle import (
     BEFORE_SAVE,
     hook,
 )
 from rest_framework.serializers import ValidationError
+
 from pulpcore.plugin.models import (
     AutoAddObjPermsMixin,
+    BaseModel,
     Content,
-    Publication,
     Distribution,
+    Publication,
     Remote,
     Repository,
 )
+from pulpcore.plugin.repo_version_utils import (
+    collect_duplicates,
+    remove_duplicates,
+    validate_repo_version,
+)
 from pulpcore.plugin.responses import ArtifactResponse
+from pulpcore.plugin.util import get_domain, get_domain_pk
 
-from pathlib import PurePath
 from .provenance import Provenance
 from .utils import (
-    artifact_to_python_content_data,
+    PYPI_LAST_SERIAL,
+    PYPI_SERIAL_CONSTANT,
     artifact_to_metadata_artifact,
+    artifact_to_python_content_data,
     canonicalize_name,
     python_content_to_json,
-    PYPI_LAST_SERIAL,
-    PYPI_SERIAL_CONSTANT,
-)
-from pulpcore.plugin.repo_version_utils import (
-    collect_duplicates,
-    remove_duplicates,
-    validate_repo_version,
 )
-from pulpcore.plugin.util import get_domain_pk, get_domain
 
 log = getLogger(__name__)
 
@@ -399,9 +401,12 @@ class PythonRepository(Repository, AutoAddObjPermsMixin):
 
         When allow_package_substitution is False, reject any new version that would implicitly
         replace existing content with different checksums (content substitution).
+
+        Also checks newly added content against the repository's blocklist entries.
         """
         if not self.allow_package_substitution:
             self._check_for_package_substitution(new_version)
+        self._check_blocklist(new_version)
         remove_duplicates(new_version)
         validate_repo_version(new_version)
 
@@ -418,3 +423,64 @@ class PythonRepository(Repository, AutoAddObjPermsMixin):
                 "To allow this, set 'allow_package_substitution' to True on the repository. "
                 f"Conflicting packages: {duplicates}"
             )
+
+    def _check_blocklist(self, new_version):
+        """
+        Check newly added content in a repository version against the blocklist.
+        """
+        added_content = PythonPackageContent.objects.filter(
+            pk__in=new_version.added().values_list("pk", flat=True)
+        ).only("filename", "name_normalized", "version")
+        if added_content.exists():
+            self.check_blocklist_for_packages(added_content)
+
+    def check_blocklist_for_packages(self, packages):
+        """
+        Raise a ValidationError if any of the given packages match a blocklist entry.
+        """
+        entries = PythonBlocklistEntry.objects.filter(repository=self)
+        if not entries.exists():
+            return
+
+        blocked = []
+        for pkg in packages:
+            for entry in entries:
+                if entry.filename and entry.filename == pkg.filename:
+                    blocked.append(pkg.filename)
+                    break
+                if entry.name == pkg.name_normalized:
+                    if not entry.version or entry.version == pkg.version:
+                        blocked.append(pkg.filename)
+                        break
+        if blocked:
+            raise ValidationError(
+                "Blocklisted packages cannot be added to this repository: {}".format(
+                    ", ".join(blocked)
+                )
+            )
+
+
+class PythonBlocklistEntry(BaseModel):
+    """
+    An entry in a PythonRepository's package blocklist.
+
+    Blocklist entries prevent packages from being added to the repository.
+    Entries can match by package `name` (all versions), package `name` + `version`,
+    or exact `filename`. Exactly one of `name` or `filename` must be provided.
+    """
+
+    name = models.TextField(null=True, default=None)
+    version = models.TextField(null=True, default=None)
+    filename = models.TextField(null=True, default=None)
+    added_by = models.TextField(default="")
+    repository = models.ForeignKey(
+        PythonRepository, on_delete=models.CASCADE, related_name="blocklist_entries"
+    )
+
+    def __str__(self):
+        if self.filename:
+            return f"<{self._meta.object_name}: {self.filename}>"
+        return f"<{self._meta.object_name}: {self.name} [{self.version or 'all'}]>"
+
+    class Meta:
+        default_related_name = "%(app_label)s_%(model_name)s"

{pulp_python-3.28.2 → pulp_python-3.30.0}/pulp_python/app/pypi/serializers.py

@@ -1,13 +1,15 @@
 import logging
 from gettext import gettext as _
 
-from rest_framework import serializers
+from django.db.utils import IntegrityError
 from pydantic import TypeAdapter, ValidationError
-from pulp_python.app.provenance import Attestation
-from pulp_python.app.utils import DIST_EXTENSIONS, SUPPORTED_METADATA_VERSIONS
+from rest_framework import serializers
+
 from pulpcore.plugin.models import Artifact
 from pulpcore.plugin.util import get_domain
-from django.db.utils import IntegrityError
+
+from pulp_python.app.provenance import Attestation
+from pulp_python.app.utils import DIST_EXTENSIONS, SUPPORTED_METADATA_VERSIONS
 
 log = logging.getLogger(__name__)
 
@@ -110,7 +112,7 @@ class PackageUploadSerializer(serializers.Serializer):
                 attestations = TypeAdapter(list[Attestation]).validate_python(attestations)
             except ValidationError as e:
                 raise serializers.ValidationError(
-                    {"attestations": _("The uploaded attestations are not valid: {}".format(e))}
+                    {"attestations": _("The uploaded attestations are not valid: {}").format(e)}
                 )
 
         sha256 = data.get("sha256_digest")

{pulp_python-3.28.2 → pulp_python-3.30.0}/pulp_python/app/pypi/views.py

@@ -1,60 +1,59 @@
 import logging
-
-from rest_framework.viewsets import ViewSet
-from rest_framework.renderers import BrowsableAPIRenderer, JSONRenderer, TemplateHTMLRenderer
-from rest_framework.response import Response
-from rest_framework.exceptions import NotAcceptable
-from django.core.exceptions import ObjectDoesNotExist
-from django.shortcuts import redirect
-from datetime import datetime, timezone, timedelta
+from datetime import datetime, timedelta, timezone
+from itertools import chain
+from pathlib import PurePath
+from urllib.parse import urljoin, urlparse, urlunsplit
 
 from django.contrib.sessions.models import Session
+from django.core.exceptions import ObjectDoesNotExist
 from django.db import transaction
 from django.db.utils import DatabaseError
 from django.http.response import (
     Http404,
-    HttpResponseNotFound,
-    HttpResponseForbidden,
+    HttpResponse,
     HttpResponseBadRequest,
+    HttpResponseForbidden,
+    HttpResponseNotFound,
     StreamingHttpResponse,
-    HttpResponse,
 )
+from django.shortcuts import redirect
 from drf_spectacular.utils import extend_schema
 from dynaconf import settings
-from itertools import chain
 from packaging.utils import canonicalize_name
-from urllib.parse import urljoin, urlparse, urlunsplit
-from pathlib import PurePath
+from rest_framework.exceptions import NotAcceptable
+from rest_framework.renderers import BrowsableAPIRenderer, JSONRenderer, TemplateHTMLRenderer
+from rest_framework.response import Response
+from rest_framework.viewsets import ViewSet
 
-from pulpcore.plugin.viewsets import OperationPostponedResponse
 from pulpcore.plugin.tasking import dispatch
 from pulpcore.plugin.util import get_domain, get_url
+from pulpcore.plugin.viewsets import OperationPostponedResponse
+
+from pulp_python.app import tasks
 from pulp_python.app.models import (
+    PackageProvenance,
     PythonDistribution,
     PythonPackageContent,
     PythonPublication,
-    PackageProvenance,
 )
 from pulp_python.app.pypi.serializers import (
-    SummarySerializer,
     PackageMetadataSerializer,
     PackageUploadSerializer,
     PackageUploadTaskSerializer,
+    SummarySerializer,
 )
 from pulp_python.app.utils import (
-    write_simple_index,
-    write_simple_index_json,
-    write_simple_detail,
-    write_simple_detail_json,
-    python_content_to_json,
     PYPI_LAST_SERIAL,
     PYPI_SERIAL_CONSTANT,
     get_remote_package_filter,
     get_remote_simple_page,
+    python_content_to_json,
+    write_simple_detail,
+    write_simple_detail_json,
+    write_simple_index,
+    write_simple_index_json,
 )
 
-from pulp_python.app import tasks
-
 log = logging.getLogger(__name__)
 
 ORIGIN_HOST = settings.CONTENT_ORIGIN if settings.CONTENT_ORIGIN else settings.PYPI_API_HOSTNAME

{pulp_python-3.28.2 → pulp_python-3.30.0}/pulp_python/app/replica.py

@@ -1,10 +1,11 @@
-from pulpcore.plugin.replica import Replicator
-
 from pulp_glue.python.context import (
     PulpPythonDistributionContext,
     PulpPythonPublicationContext,
     PulpPythonRepositoryContext,
 )
+
+from pulpcore.plugin.replica import Replicator
+
 from pulp_python.app.models import PythonDistribution, PythonRemote, PythonRepository
 from pulp_python.app.tasks import sync as python_sync