pulp-python 3.30.2__tar.gz → 3.31.0__tar.gz

{pulp_python-3.30.2 → pulp_python-3.31.0}/CHANGES.md

@@ -8,6 +8,36 @@
 
 [//]: # (towncrier release notes start)
 
+## 3.31.0 (2026-06-09) {: #3.31.0 }
+
+#### Features {: #3.31.0-feature }
+
+- Add more Pulp Exceptions.
+
+#### Bugfixes {: #3.31.0-bugfix }
+
+- Fixed `upload_time` in Simple and JSON APIs to reflect repository addition time instead of content creation time.
+  [#1232](https://github.com/pulp/pulp_python/issues/1232)
+- Fixed blocklist entries API to support `isnull` filter lookup on `version` to uniquely identify name-only entries.
+  [#1238](https://github.com/pulp/pulp_python/issues/1238)
+- Optimized `upload_time` lookups in Simple and JSON APIs.
+  [#1242](https://github.com/pulp/pulp_python/issues/1242)
+- Optimized `provenance` lookups in Simple API.
+  [#1243](https://github.com/pulp/pulp_python/issues/1243)
+
+---
+
+## 3.30.3 (2026-06-05) {: #3.30.3 }
+
+#### Bugfixes {: #3.30.3-bugfix }
+
+- Optimized `upload_time` lookups in Simple and JSON APIs.
+  [#1242](https://github.com/pulp/pulp_python/issues/1242)
+- Optimized `provenance` lookups in Simple API.
+  [#1243](https://github.com/pulp/pulp_python/issues/1243)
+
+---
+
 ## 3.30.2 (2026-05-19) {: #3.30.2 }
 
 #### Bugfixes {: #3.30.2-bugfix }
@@ -89,6 +119,26 @@
 
 ---
 
+## 3.27.4 (2026-06-05) {: #3.27.4 }
+
+#### Bugfixes {: #3.27.4-bugfix }
+
+- Optimized `upload_time` lookups in Simple and JSON APIs.
+  [#1242](https://github.com/pulp/pulp_python/issues/1242)
+- Optimized `provenance` lookups in Simple API.
+  [#1243](https://github.com/pulp/pulp_python/issues/1243)
+
+---
+
+## 3.27.3 (2026-05-19) {: #3.27.3 }
+
+#### Bugfixes {: #3.27.3-bugfix }
+
+- Fixed `upload_time` in Simple and JSON APIs to reflect repository addition time instead of content creation time.
+  [#1232](https://github.com/pulp/pulp_python/issues/1232)
+
+---
+
 ## 3.27.2 (2026-04-14) {: #3.27.2 }
 
 #### Bugfixes {: #3.27.2-bugfix }

{pulp_python-3.30.2 → pulp_python-3.31.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pulp-python
-Version: 3.30.2
+Version: 3.31.0
 Summary: pulp-python plugin for the Pulp Project
 Author-email: Pulp Team <pulp-list@redhat.com>
 Project-URL: Homepage, https://pulpproject.org

{pulp_python-3.30.2 → pulp_python-3.31.0}/pulp_python/app/__init__.py

@@ -12,7 +12,7 @@ class PulpPythonPluginAppConfig(PulpPluginAppConfig):
 
     name = "pulp_python.app"
     label = "python"
-    version = "3.30.2"
+    version = "3.31.0"
     python_package_name = "pulp-python"
     domain_compatible = True
 

pulp_python-3.31.0/pulp_python/app/exceptions.py

@@ -0,0 +1,54 @@
+from gettext import gettext as _
+
+from pulpcore.plugin.exceptions import PulpException
+
+
+class AttestationVerificationError(PulpException):
+    """
+    Raised when attestation verification fails.
+    """
+
+    error_code = "PYT0001"
+
+    def __init__(self, message):
+        super().__init__()
+        self.message = message
+
+    def __str__(self):
+        return f"[{self.error_code}] " + _("Attestation verification failed: {message}").format(
+            message=self.message
+        )
+
+
+class UnsupportedProtocolError(PulpException):
+    """
+    Raised when an unsupported protocol is used for syncing.
+    """
+
+    error_code = "PYT0002"
+
+    def __init__(self, protocol):
+        super().__init__()
+        self.protocol = protocol
+
+    def __str__(self):
+        return f"[{self.error_code}] " + _(
+            "Only HTTP(S) is supported for python syncing, got: {protocol}"
+        ).format(protocol=self.protocol)
+
+
+class InvalidAttestationsError(PulpException):
+    """
+    Raised when attestation data cannot be validated.
+    """
+
+    error_code = "PYT0003"
+
+    def __init__(self, message):
+        super().__init__()
+        self.message = message
+
+    def __str__(self):
+        return f"[{self.error_code}] " + _("Invalid attestations: {message}").format(
+            message=self.message
+        )

{pulp_python-3.30.2 → pulp_python-3.31.0}/pulp_python/app/models.py

@@ -412,16 +412,16 @@ class PythonRepository(Repository, AutoAddObjPermsMixin):
 
     def _check_for_package_substitution(self, new_version):
         """
-        Raise a ValidationError if newly added packages would replace existing packages that have
-        the same filename but a different sha256 checksum.
+        Raise a ValidationError if newly added packages would replace existing packages
+        that have the same filename but a different sha256 checksum.
         """
         qs = PythonPackageContent.objects.filter(pk__in=new_version.content)
         duplicates = collect_duplicates(qs, ("filename",))
         if duplicates:
             raise ValidationError(
-                "Found duplicate packages being added with the same filename but different checksums. "  # noqa: E501
-                "To allow this, set 'allow_package_substitution' to True on the repository. "
-                f"Conflicting packages: {duplicates}"
+                "Found duplicate packages being added with the same filename but different "
+                "checksums. To allow this, set 'allow_package_substitution' to True on the "
+                f"repository. Conflicting packages: {duplicates}"
             )
 
     def _check_blocklist(self, new_version):

{pulp_python-3.30.2 → pulp_python-3.31.0}/pulp_python/app/pypi/views.py

@@ -7,7 +7,7 @@ from urllib.parse import urljoin, urlparse, urlunsplit
 from django.contrib.sessions.models import Session
 from django.core.exceptions import ObjectDoesNotExist
 from django.db import transaction
-from django.db.models import OuterRef, Subquery
+from django.db.models import Exists, F, FilteredRelation, OuterRef, Q
 from django.db.utils import DatabaseError
 from django.http.response import (
     Http404,
@@ -26,7 +26,6 @@ from rest_framework.renderers import BrowsableAPIRenderer, JSONRenderer, Templat
 from rest_framework.response import Response
 from rest_framework.viewsets import ViewSet
 
-from pulpcore.plugin.models import RepositoryContent
 from pulpcore.plugin.tasking import dispatch
 from pulpcore.plugin.util import get_domain, get_url
 from pulpcore.plugin.viewsets import OperationPostponedResponse
@@ -368,13 +367,16 @@ class SimpleView(PackageUploadMixin, ViewSet):
             return redirect(urljoin(self.base_content_url, f"{path}/simple/{normalized}/"))
         if content is not None:
             local_packages = content.filter(name_normalized=normalized)
-            repo_added_subquery = RepositoryContent.objects.filter(
-                content_id=OuterRef("pk"),
-                repository=repo_ver.repository,
-                version_removed=None,
-            ).values("pulp_created")[:1]
             packages = local_packages.annotate(
-                repo_added_time=Subquery(repo_added_subquery)
+                active_membership=FilteredRelation(
+                    "version_memberships",
+                    condition=Q(
+                        version_memberships__repository=repo_ver.repository,
+                        version_memberships__version_removed=None,
+                    ),
+                ),
+                repo_added_time=F("active_membership__pulp_created"),
+                has_provenance=Exists(PackageProvenance.objects.filter(package_id=OuterRef("pk"))),
             ).values(
                 "filename",
                 "sha256",
@@ -383,9 +385,7 @@ class SimpleView(PackageUploadMixin, ViewSet):
                 "size",
                 "repo_added_time",
                 "version",
-            )
-            provenances = PackageProvenance.objects.filter(package__in=local_packages).values_list(
-                "package__filename", flat=True
+                "has_provenance",
             )
             local_releases = {
                 p["filename"]: {
@@ -394,7 +394,7 @@ class SimpleView(PackageUploadMixin, ViewSet):
                     "upload_time": p["repo_added_time"],
                     "provenance": (
                         self.get_provenance_url(normalized, p["version"], p["filename"])
-                        if p["filename"] in provenances
+                        if p["has_provenance"]
                         else None
                     ),
                 }

{pulp_python-3.30.2 → pulp_python-3.31.0}/pulp_python/app/serializers.py

@@ -9,7 +9,8 @@ from django.db.utils import IntegrityError
 from drf_spectacular.utils import extend_schema_serializer
 from packaging.requirements import Requirement
 from packaging.version import InvalidVersion, Version
-from pydantic import TypeAdapter, ValidationError
+from pydantic import TypeAdapter
+from pydantic import ValidationError as PydanticValidationError
 from pypi_attestations import AttestationError
 from rest_framework import serializers
 
@@ -387,7 +388,7 @@ class PythonPackageContentSerializer(core_serializers.SingleArtifactContentUploa
                 attestations = TypeAdapter(list[Attestation]).validate_json(value)
             else:
                 attestations = TypeAdapter(list[Attestation]).validate_python(value)
-        except ValidationError as e:
+        except PydanticValidationError as e:
             raise serializers.ValidationError(_("Invalid attestations: {}").format(e))
         return attestations
 
@@ -654,7 +655,7 @@ class PackageProvenanceSerializer(core_serializers.NoArtifactContentUploadSerial
         try:
             provenance = Provenance.model_validate_json(data["file"].read())
             data["provenance"] = provenance.model_dump(mode="json")
-        except ValidationError as e:
+        except PydanticValidationError as e:
             raise serializers.ValidationError(
                 _("The uploaded provenance is not valid: {}").format(e)
             )

{pulp_python-3.30.2 → pulp_python-3.31.0}/pulp_python/app/tasks/sync.py

@@ -1,8 +1,7 @@
 import asyncio
 import logging
 from functools import partial
-from gettext import gettext as _
-from urllib.parse import urljoin
+from urllib.parse import urljoin, urlparse
 
 from aiohttp import ClientError, ClientResponseError
 from bandersnatch.configuration import BandersnatchConfig
@@ -12,9 +11,9 @@ from lxml.etree import LxmlError
 from packaging.requirements import Requirement
 from pypi_attestations import Provenance
 from pypi_simple import IndexPage
-from rest_framework import serializers
 
 from pulpcore.plugin.download import HttpDownloader
+from pulpcore.plugin.exceptions import SyncError
 from pulpcore.plugin.models import Artifact, ProgressReport, Remote, Repository
 from pulpcore.plugin.stages import (
     DeclarativeArtifact,
@@ -23,6 +22,7 @@ from pulpcore.plugin.stages import (
     Stage,
 )
 
+from pulp_python.app.exceptions import UnsupportedProtocolError
 from pulp_python.app.models import (
     PackageProvenance,
     PythonPackageContent,
@@ -45,14 +45,14 @@ def sync(remote_pk, repository_pk, mirror):
         mirror (boolean): True for mirror mode, False for additive mode.
 
     Raises:
-        serializers: ValidationError
+        SyncError
 
     """
     remote = PythonRemote.objects.get(pk=remote_pk)
     repository = Repository.objects.get(pk=repository_pk)
 
     if not remote.url:
-        raise serializers.ValidationError(detail=_("A remote must have a url attribute to sync."))
+        raise SyncError("A remote must have a url attribute to sync.")
 
     first_stage = PythonBanderStage(remote)
     DeclarativeVersion(first_stage, repository, mirror).create()
@@ -115,7 +115,8 @@ class PythonBanderStage(Stage):
         url = self.remote.url.rstrip("/")
         downloader = self.remote.get_downloader(url=url)
         if not isinstance(downloader, HttpDownloader):
-            raise ValueError("Only HTTP(S) is supported for python syncing")
+            scheme = urlparse(url).scheme
+            raise UnsupportedProtocolError(scheme)
 
         async with Master(url, allow_non_https=True) as master:
             # Replace the session with the remote's downloader session

{pulp_python-3.30.2 → pulp_python-3.31.0}/pulp_python/app/tasks/upload.py

@@ -4,10 +4,13 @@ from datetime import datetime, timezone
 from django.contrib.sessions.models import Session
 from django.db import transaction
 from pydantic import TypeAdapter
+from pydantic import ValidationError as PydanticValidationError
+from pypi_attestations import AttestationError
 
 from pulpcore.plugin.models import Artifact, Content, ContentArtifact, CreatedResource
 from pulpcore.plugin.util import get_current_authenticated_user, get_domain, get_prn
 
+from pulp_python.app.exceptions import AttestationVerificationError, InvalidAttestationsError
 from pulp_python.app.models import PackageProvenance, PythonPackageContent, PythonRepository
 from pulp_python.app.provenance import (
     AnyPublisher,
@@ -123,13 +126,19 @@ def create_provenance(package, attestations, domain):
     Returns:
         the newly created PackageProvenance
     """
-    attestations = TypeAdapter(list[Attestation]).validate_python(attestations)
+    try:
+        attestations = TypeAdapter(list[Attestation]).validate_python(attestations)
+    except PydanticValidationError as e:
+        raise InvalidAttestationsError(str(e))
 
     user = get_current_authenticated_user()
     publisher = AnyPublisher(kind="Pulp User", prn=get_prn(user))
     att_bundle = AttestationBundle(publisher=publisher, attestations=attestations)
     provenance = Provenance(attestation_bundles=[att_bundle])
-    verify_provenance(package.filename, package.sha256, provenance)
+    try:
+        verify_provenance(package.filename, package.sha256, provenance)
+    except AttestationError as e:
+        raise AttestationVerificationError(str(e))
     provenance_json = provenance.model_dump(mode="json")
 
     prov_sha256 = PackageProvenance.calculate_sha256(provenance_json)

{pulp_python-3.30.2 → pulp_python-3.31.0}/pulp_python/app/utils.py

@@ -11,7 +11,7 @@ from datetime import timezone
 import pkginfo
 from aiohttp.client_exceptions import ClientError
 from django.conf import settings
-from django.db.models import OuterRef, Subquery
+from django.db.models import F, FilteredRelation, Q
 from django.db.utils import IntegrityError
 from jinja2 import Template
 from packaging.requirements import Requirement
@@ -20,7 +20,7 @@ from packaging.version import InvalidVersion, parse
 from pypi_simple import ACCEPT_JSON_PREFERRED, ProjectPage
 
 from pulpcore.plugin.exceptions import TimeoutException
-from pulpcore.plugin.models import Artifact, Remote, RepositoryContent
+from pulpcore.plugin.models import Artifact, Remote
 from pulpcore.plugin.util import get_domain
 
 log = logging.getLogger(__name__)
@@ -375,12 +375,16 @@ def python_content_to_json(
     Returns None if version is specified but not found within content_query
     """
     if repository_version:
-        repo_added_subquery = RepositoryContent.objects.filter(
-            content_id=OuterRef("pk"),
-            repository=repository_version.repository,
-            version_removed=None,
-        ).values("pulp_created")[:1]
-        content_query = content_query.annotate(repo_added_time=Subquery(repo_added_subquery))
+        content_query = content_query.annotate(
+            active_membership=FilteredRelation(
+                "version_memberships",
+                condition=Q(
+                    version_memberships__repository=repository_version.repository,
+                    version_memberships__version_removed=None,
+                ),
+            ),
+            repo_added_time=F("active_membership__pulp_created"),
+        )
     full_metadata = {"last_serial": 0}  # For now the serial field isn't supported by Pulp
     latest_content = latest_content_version(content_query, version)
     if not latest_content:

{pulp_python-3.30.2 → pulp_python-3.31.0}/pulp_python/tests/functional/api/test_domains.py

@@ -174,7 +174,10 @@ def test_domain_content_replication(
         pulpcore_bindings.UpstreamPulpsApi, upstream_pulp_body, pulp_domain=replica_domain.name
     )
     # Run the replicate task and assert that all tasks successfully complete.
-    response = pulpcore_bindings.UpstreamPulpsApi.replicate(upstream_pulp.pulp_href)
+    response = pulpcore_bindings.UpstreamPulpsApi.replicate(
+        upstream_pulp.pulp_href,
+        upstream_pulp_replicate=pulpcore_bindings.module.UpstreamPulpReplicate(),
+    )
     monitor_task_group(response.task_group)
 
     counts = {}
@@ -198,7 +201,10 @@ def test_domain_content_replication(
     body = {"remote": remote.pulp_href}
     monitor_task(python_bindings.RepositoriesPythonApi.sync(repo.pulp_href, body).task)
 
-    response = pulpcore_bindings.UpstreamPulpsApi.replicate(upstream_pulp.pulp_href)
+    response = pulpcore_bindings.UpstreamPulpsApi.replicate(
+        upstream_pulp.pulp_href,
+        upstream_pulp_replicate=pulpcore_bindings.module.UpstreamPulpReplicate(),
+    )
     monitor_task_group(response.task_group)
 
     response = python_bindings.ContentPackagesApi.list(pulp_domain=replica_domain.name)

{pulp_python-3.30.2 → pulp_python-3.31.0}/pulp_python.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pulp-python
-Version: 3.30.2
+Version: 3.31.0
 Summary: pulp-python plugin for the Pulp Project
 Author-email: Pulp Team <pulp-list@redhat.com>
 Project-URL: Homepage, https://pulpproject.org

{pulp_python-3.30.2 → pulp_python-3.31.0}/pulp_python.egg-info/SOURCES.txt

@@ -17,6 +17,7 @@ pulp_python.egg-info/entry_points.txt
 pulp_python.egg-info/requires.txt
 pulp_python.egg-info/top_level.txt
 pulp_python/app/__init__.py
+pulp_python/app/exceptions.py
 pulp_python/app/global_access_conditions.py
 pulp_python/app/modelresource.py
 pulp_python/app/models.py

{pulp_python-3.30.2 → pulp_python-3.31.0}/pyproject.toml

@@ -7,7 +7,7 @@ build-backend = 'setuptools.build_meta'
 
 [project]
 name = "pulp-python"
-version = "3.30.2"
+version = "3.31.0"
 description = "pulp-python plugin for the Pulp Project"
 readme = "README.md"
 authors = [
@@ -79,7 +79,7 @@ ignore = [
 [tool.bumpversion]
 # This section is managed by the plugin template. Do not edit manually.
 
-current_version = "3.30.2"
+current_version = "3.31.0"
 commit = false
 tag = false
 parse = "(?P<major>\\d+)\\.(?P<minor>\\d+)\\.(?P<alpha>0a)?(?P<patch>\\d+)(\\.(?P<release>[a-z]+))?"