Release notes¶
2.4.0¶
Bodhi 2.4.0 is a feature and bugfix release.
Features¶
- The web interface now displays whether an update has autopush enabled (#999).
- Autopush is now disabled on any update that receives authenticated negative karma (#1191).
- Bodhi now links to Koji builds via TLS instead of plaintext (#1246).
- Some usage examples have been added to the
bodhi
man page. - Bodhi’s server package has a new script called
bodhi-clean-old-mashes
that can recursively delete any folders with names that end in a dash followed by a string that can be interpreted as a float, sparing the newest 10 by lexigraphical sorting. This should help release engineers keep the Koji mashing folder clean. - There is now a
bodhi.client.bindings
module provided by the Bodhi client package. It contains Python bindings to Bodhi’s REST API. - The
bodhi
CLI now prints autokarma and thresholds when displaying updates. bodhi-push
now has a--version
flag.- There are now man pages for
bodhi-push
andinitialize_bodhi_db
.
Bugs¶
- Users’ e-mail addresses will now be updated when they log in to Bodhi (#902).
- The masher now tests for
repomd.xml
instead of the directory that contains it (#908). - Users can now only upvote an update once (#1018).
- Only comment on non-autokarma updates when they meet testing requirements (#1009).
- Autokarma can no longer be set to NULL (#1048).
- Users can now be more fickle than ever about karma (#1064).
- Critical path updates can now be free of past negative karma ghosts (#1065).
- Bodhi now comments on non-autokarma updates after enough time has passed (#1094).
bodhi-push
now does not crash when users abort a push (#1107).bodhi-push
now does not print updates when resuming a push (#1113).- Bodhi now says “Log in” and “Log out” instead of “Login” and “Logout” (#1146).
- Bodhi now configures the Koji client to retry, which should help make the masher more reliable (#1201).
- Bodhi is now compatible with Pillow-4.0.0 (#1262).
- The bodhi cli no longer prints update JSON when setting the request (#1408195).
- Bodhi’s signed handler now skips builds that were not assigned to a release.
- The comps file is now cloned into an explicit path during mashing.
- The buildsystem is now locked during login.
Development improvements¶
- A great deal of tests were written for Bodhi. Test coverage is now up to 81% and is enforced by the test suite.
- Bodhi’s server code is now PEP-8 compliant.
- The docs now contain contribution guidelines.
- The build system will now fail with a useful Exception if used without being set up.
- The Vagrantfile is a good bit fancier, with hostname, dnf caching, unsafe but performant disk I/O, and more.
- The docs now include a database schema image.
- Bodhi is now run by systemd in the Vagrant guest.
- The Vagrant environment now has several helpful shell aliases and a helpful MOTD to advertise them to developers.
- The development environment now uses Fedora 25 by default.
- The test suite is less chatty, as several unicode warnings have been fixed.
Dependency change¶
- Bodhi server now depends on click for
bodhi-push
.
Release contributors¶
The following contributors submitted patches for Bodhi 2.4.0:
- Trishna Guha
- Patrick Uiterwijk
- Jeremy Cline
- Till Mass
- Josef Sukdol
- Clement Verna
- andreas
- Ankit Raj Ojha
- Randy Barlow
2.3.3¶
Bodhi 2.3.3 converts koji auth to be done with krb5 and fixes one bug:
Thanks to Patrick Uiterwijk for contributing both of these commits!
2.3.2¶
Bodhi 2.3.2 is a bugfix release that addresses the following issues:
push.py
now defaults to the current releases (#1071).- Fixed a typo in the masher in sending an ostree compose message (#1072).
- Fixed a typo in looking up an e-mail template (#1073).
- The fedmsg name is now passed explicitly (#1079).
- The man page was corrected to state that builds should be comma separated (#1095).
- Fixed a race condition between robosignatory and the signed handler (#1111).
- Fix querying the updates for resumption in
push.py
(e7cb3f13). push.py
now prompts for the username if not given (abeca57e).
Release contributors¶
The following contributors authored patches for 2.3.2:
- Patrick Uiterwijk
- Randy Barlow
2.3.1¶
Bodhi 2.3.1 fixes #1067,
such that edited updates now tag new builds into the pending_signing_tag
instead of the pending_testing_tag
. This is needed for automatic signing
gating to work.
2.3.0¶
Bodhi 2.3.0 is a feature and bug fix release.
Features¶
- The package input field is now autofocused when creating new updates (#876).
- Releases now have a
pending_signing_tag
(3fe3e219). - fedmsg notifications are now sent during ostree compositions (b972cad0).
- Critical path updates will have autopush disabled if they receive negative karma (b1f71006).
- The e-mail templates reference dnf for Fedora and yum for Enterprise Linux (1c1f2ab7).
- Updates are now obsoleted if they reach the unstable threshold while pending (f033c74c).
- Bodhi now gates Updates based on whether they are signed yet or not (#1011).
Bugs¶
- Candidate builds and bugs are no longer duplicated while searching (#897).
- The Bugzilla connection is only initialized when needed (950eee2c).
- A sorting issue was fixed on the metrics page so the data is presented correctly (487acaaf).
- The Copyright date in the footer of the web interface is updated (1447b6c7).
- Bodhi will comment with the required time instead of the elapsed time on updates (#1017).
- Bodhi will only comment once to say that non-autopush updates have reached the threshold (#1009).
/masher/
is now allowed in addition to/masher
for GET requests (cdb621ba).
Dependencies¶
Bodhi now depends on fedmsg-atomic-composer >= 2016.3, which addresses a few issues during mashing.
Development improvements¶
Bodhi 2.3.0 also has a few improvements to the development environment that make it easier to contribute to Bodhi or improve Bodhi’s automated tests:
- Documentation was added to describe how to connect development Bodhi to staging Koji (7f3b5fa2).
- An unused
locked_date_for_update()
method was removed (b87a6395). - The development.ini.example base_address was changed to localhost so requests would be allowed (0fd5901d).
- The
setup.py
file has more complete metadata, making it more suitable for submission to PyPI (5c201ac2). - The #bodhi and #fedora-apps channels are now documented in the readme file (52093069).
- A new test has been added to enforce PEP-8 style and a few modules have been converted to conform (bbafc9e6).
Release contributors¶
The following contributors authored patches for 2.3.0:
- Josef Sukdol
- Julio Faracco
- Patrick Uiterwijk
- Randy Barlow
- Richard Fearn
- Trishna Guha
2.2.4¶
This release fixes two issues:
2.2.3¶
This release fixes #951, which prevented updates with large numbers of packages to be viewable in web browsers.
2.2.2¶
This is another in a series of bug fix releases for Bodhi this week. In this release, we’ve fixed the following issues:
2.2.1¶
Bodhi 2.2.1 is a bug fix release, primarily focusing on mashing issues:
- Register date locked during mashing (#952).
- UTF-8 encode the updateinfo before writing it to disk (#955).
- Improved logging during updateinfo generation (#956).
- Removed some unused code (07ff664f).
- Fix some incorrect imports (9dd5bdbc and b1cc12ad).
- Rely on self.skip_mash to detect when it is ok to skip a mash (ad65362e).
2.2.0¶
Bodhi 2.2.0 is a security and feature release, with a few bug fixes as well.
Security¶
This update addresses CVE-2016-1000008 by disallowing the re-use of solved captchas. Additionally, the captcha is warped to make it more difficult to solve through automation. Thanks to Patrick Uiterwijk for discovering and reporting this issue.
Features¶
- Bodhi’s
approve_testing.py
script will now comment on updates when they have reached a stable karma threshold (5b0d1c7c). - The web interface now displays a push to stable button when the karma reaches the right level when autokarma is disabled (#772 and #796).
- Masher messages now have an “agent”, so it is possible to tell which user ran the mash (45e4fc9f).
- Locked updates now list the time they were locked (#831).
- Bugs are closed and commented on in the same Bugzilla POST (#404).
- Karma values equal to 0 are no longer displayed with a green background to better distinguish them from positive karma reports (#799).
- Updates display a link to the feedback guidelines (#865).
- The new CLI now has a man page (95574831).
- The CLI now has a
--version
flag (#895).
Bugs¶
- Locked updates that aren’t part of a current push will now be pushed and warnings will be logged (bf4bdeef). This should help us to fix #838.
- Don’t show users an option to push to stable on obsoleted updates (#848).
- taskotron updates are shown per build, rather than per update (ce2394c6, 8e199668).
- The Sphinx documentation now builds again (b3f80b1b).
- Validator messages are now more useful and helpful (#630).
- The Bodhi CLI no longer depends on the server code to function (#900).
- Private bugs will no longer prevent the updates consumer from continuing (#905).
- bootstrap is now included in the setuptools manifest for the server package (#919).