Koji 1.31.0 is out. As usual - Thanks to everyone who contributed!
You can read release notes here:
* #3393: Header-based sessions - historically we've been using
session_id, etc. in xmlrpc/http calls. We're moving these values to
the http headers for better security (URLs in logs, etc.) Old
behaviour is still supported (can be disabled via option) and will be
also removed in future release. Especially owners of non-python
bindings should look into this.
* #3508: Koji now can checkout commits which are not part of default
"git clone" checkout (e.g. for gitlab merge requests)
* #3323: New "build_rpm" policy which is triggered before build
starts. It can handle SCM-based permissions as well as e.g.
destination target vs. username. It is obsoleting build_from_scm and
build_from_srpm policies, thus they'll be removed in future release.
* #3395, #3396: Logging suspicious session modifications and
displaying active sessions in webui.
* multiple kiwi plugin updates
* multiple VM (windows builds) updates
* 63 pull requests
You can view the 1.32 roadmap at https://pagure.io/koji/roadmap/1.32
For the current roadmap, see https://pagure.io/koji/roadmap
You can download this and other releases at https://pagure.io/koji/releases
- Initial work on new scheduler started - currently modularizing hub
to better support new usecases
- Next 2-3 minor releases will be very limited as there is no QE
capacity to test them. I'm planning to put there only very simple
changes and documentation updates.
- DB code consolidation is almost finished, only a few places not
using *Processors still remain.
- Further security improvements are coming in next release (#3571)
Tomas Kopecek <tkopecek(a)redhat.com>
RHEL Build Development, RedHat