pkg_gpgcheck set to 0 for Zypper repository configurations to work around Zypper bug where gpgkey= urls are not respected. More details available in the SUSE bug reports 1088037 and 954274.
Descriptions of packagecloud-ctl queue management commands fixed.
New Distributions Added
Elementary OS "loki" 0.4
2.0.1 (released March 22, 2018)
Additional information about Node.js packages is now displayed on package pages.
YUM indexer efficiency increased significantly for large repositories.
APT indexer efficiency increased significantly for large repositories.
Deletion of large repositories is now much more efficient.
Unnecessary queries removed from repository pages, resulting in faster load times.
A feature added to recent versions of Bundler (1.14 and higher) to warn about an unwritable home directory was resulting in this warning being written out for all bundle-related tasks, including dumping the GPG public key. This issue has now been resolved.
A bug in an open source library prevented GPG signatures of repositories with UTF-8 strings in the repository description. This has now been fixed.
Python repositories previously incorrectly returned 404s for valid HEAD requests. This has now been fixed.
A bug preventing users from manually updating the 'latest' distribution tag for a package has been fixed.
Accessing private NPM repositories with the wrong authorization scheme (e.g. Basic instead of Bearer) previously returned a 500. This has been fixed to return a 401.
Prevent Debian packages with severely broken version strings from being uploaded.
Prevent RPM packages with missing version or release strings from being uploaded.
2.0.0 (released February 26, 2018)
New Distributions Added
Support for NPM registries and Node.js packages.
Add support for Android Java packages (APK) files and the binary manifests contained within.
Allow promote and delete when using package search.
Bump all libraries, frameworks, and Ruby to the latest versions.
Add support for additional download URLs like: download.rpm to make package managers which string match file extensions happy.
Allow user to select master token on repo install pages so the install scripts will use the desired token.
Add detection of gnupg to repository install scripts.
Handle requests for 6Server and 7Server routing them to el/6 and el/7, respectively.
Extended Python License field to allow more verbose License files.
Add structured data so that links from packagecloud pasted into chat apps look much nicer :)
Improved performance of Debian indexer for "all" arch.
RubyGems with different platforms (but the same version) were unable to be uploaded due to a buggy database constraint. This is now fixed.
Fix a bug introduced by certain versions of dpkg on Debian systems which generated malformed version strings in package metadata.
Parsing debian package metadata may have parsed control.swp files (generated by vim and erroneously included a debian package). Fix this by explicitly checking the filename.
Require all debian binary packages to have at least: version, maintainer, and description fields.
Fix an issue when uploading JAR packages with no pom.xml file.
1.0.55 (released September 17, 2017)
New Distributions Added
LinuxMint 18.2 (sonya)
openSUSE LEAP 42.3
All repository indexer jobs now log a lot more useful information.
Java package API response now include a download_url field.
Link to enterprise documentation added to footer.
Improved error-handling for packagecloud-ctl reset-password command.
Adds configuration options for tuning Garbage Collection parameters for application and job workers, new defaults should increase performance overall. See the Garbage Collection page for more details.
Fixed bug around handling of Debian DSC packages containing a '+' character in the filename.
Fixed bug with Search API pagination.
Fixed promotion of Debian DSC packages and Java packages.
Fixed a bug around stale repository indexes when all packages have been promoted out of a repository.
Names for Master Tokens and Read Tokens have been increased to 255 characters and slashes are no longer allowed. (Slash characters in token names will automatically be replaced with a dash). See Release Notes for instructions.
You can no longer accidentally delete web-dl read tokens.
Size field is now properly stored for Debian DSC packages.
Fixed race condition in Debian Indexer jobs that would cause Release files to occasionally return 404 while they were being generated.
Fixed packagecloud-ctl backup-all command.
Fixes packagecloud-ctl bootstrap-database command when database does not exist.
1.0.54 (released July 24, 2017)
Adds Java WAR support.
API for managing package signing GPG keys. Install the latest package_cloud gem to use (v2.0.43).
Fixes installation instructions for Java SNAPSHOT versions.
Improved error handling for package uploads.
Fixes bug preventing reliable logged-in sessions from working for deployments with multiple frontends (see the Session Secret documentation for more information).
Fixes bug where proxied requests to S3 from python/pip would fail.
The bootstrap-database command now returns the correct exit status for all cases.
1.0.53 (released June 7, 2017)
Allows upload of GPG package signing keys to repository (supported only for yum/rpm, for now).
Support for using an external GPG agent for keys that need a passphrase, see documentation for External GPG Agent.
Better error handling for malformed debian file uploads.
Hitting ESC key now closes modals.
Fixes issue where sometimes copy/paste button would copy incorrect text.
Fixes issue around zypper configuration file generation.
Forgot password page will now show a warning if SMTP is not configured.
Handle RPMs that have ghost files present in the archive when they should not. This is caused by a buggy librpm that is shipped with CentOS 6.
Minor updates to the mirroring instructions tab.
Cosmetic updates to the package delete button.
Remove the scheme (e.g., http:// or https://) from the origin when generating a release file. Apt's unattended-upgrades cannot handle '://' and crashes when pointed at repositories with this character set in the Release file.
Added a dialog for creating master tokens and read tokens from the web UI.
Fixed a bug preventing certain RubyGem packages from being uploaded.
Fixed a bug preventing certain RubyGem packages from being deleted.
1.0.38 (released August 3, 2016)
Java JAR support added.
Repository pages can now have markdown READMEs.
Package dependencies are now returned for each package when using the package show API.
Statistics API URLs are now returned for each package when using the package show API.
Allow the log level to be adjusted to prevent excessive logging. The default log level has been set to 'error' unless otherwise specified with packagecloud_rails['log_level'] in /etc/packagecloud/packagecloud.rb.
Add support for Linux Mint 18.
Add support for Fedora 24.
Add support for the ppcel64 architecture for Debian packages.
Fix rendering of package descriptions
Fix bad query that occasionally caused MySQL deadlock errors when marking packages as being indexed.
When a user on packagecloud:enterprise is disabled, all collaborations that user had are now deleted.
Allow python wheels with periods in the name to be uploaded.
Fix handling of ARM-architecture RPM packages.
Strip 4-byte UTF-8 characters from description fields to prevent a MySQL error on insertion.
Debian packages with unknown architectures are now rejected.
1.0.37 (released May 10, 2016)
Performance improvement for Debian package indexer. Reindex times are significantly reduced for large (> 2000 package) repositories.
Improve performance of all package servers. The latency between making a request for a package via apt-get, yum install, pip install, and gem install and receiving a 302 has been reduced by 40-60%.
Improve performance of RPM indexer significantly. Repositories with large numbers of packages (> 2000 packages) will have the most noticeable speed increase.
Search was rewritten from the ground up to be much faster and easier to use.
Added a badge to repository pages to indicate if a package is currently being indexed. Once the package is indexed, the badge disappears.
Added an "indexed" attribute to package API results.
Added "download_url" to package API results.
Added a delete button to package pages.
Enabled SHA256 GPG signatures for Debian Wheezy and above (previously was only Debian Jessie and above).
Fix a bug in the RPM indexer where noarch RPM would queue a reindex of the SRPM packages.
Fix authentication bug for the RubyGems dependency API. This (and only this) endpoint must be accessible with read tokens and not normal API tokens so that bundler can properly use the endpoint.