Buildstream

Latest version: v2.4.0

Safety actively analyzes 710644 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 6

2.4.0

=================

o Add new user configuration for the cache (1950)

o docs: fix link to docker install instructions (1952)

o Fix console warnings in newer python versions (1958)

o Update github CI workflow actions (1957)

o Fix `bst artifact show --long` for artifacts with symlinks (1959)

o Fix race condition in public data handling (1955)

o Cleanup deadcode (1954)

o Make remote execution directory fetching more robust (1962)

o Disable logging for frequent cache query jobs (1963)

o Improve performance when using `storage-service` (1966)

o Fixed issues with nested junctions (1891, 1969, 1975)

o Drop support for Python 3.8 and add support for Python 3.13 (1971)

o Load time optimization for commands which don't require cache queries (1965)

o Address deprecation warnings from deprecated pkg_resources (1948)

=================

2.3.0

Not secure
=================

o Proxy remote asset and remote execution requests via buildbox-casd (1922, 1926)

o Optimize bst show when no cached state is needed (1923)

o Support %{description} in bst show commands

o Support HTTP Bearer authentication for remote API servers (1925)

o Drop support for Python 3.7 (1933, 1934, 1936)

o downloadablefilesource: Add 10 minutes timeout (1928)

o tar.py: Always check member paths (1932)

o Ensure blobs are available locally when using storage-service (1938)

o Support loading source mirror plugins from pip and junction origins (1931)

o Restore terminal after exiting a bst shell (1786)

o Fail early if buildbox-run is present but non-functional (1746)

=================

2.2.1

Not secure
=================

o Fix parsing of keepalive time (1916)

o Fix alias mapping when using source mirror plugins (1918)

o Fix typing of SourceFetcher.fetch() and Source.translate_url():
the `alias_override` parameter should be considered opaque.

o Update documentation regarding the buildbox merge (1919)

=================

2.2.0

Not secure
=================

o Support Python 3.12 (1881, 1884)

o Add suffix parameter to `Source.translate_url()` (1899)

o Error out if a YAML mapping has duplicate keys (1877)

o New configuration option to set the grpc keepalive time (1879)

o Add SourceMirror plugins to allow more flexibility when defining mirrors (1903)

o Use system-installed buildbox components over bundled ones if available (1902)

o Support bearer authentication in DownloadableFileSource (1911)

o Support mapping aliases from subprojects to parent project to ease mirroring (1910)

=================

2.1.0

Not secure
=================

o Support new architecture name "la64v100" (1811)

o Fix race condition when downloading sources (1831)

o Properly handle partial download errors (1846)

o Fix regressed ETag handling to prevent redundant file downloads (1834)

o Fix parsing remotes specified on the command line (1850)

o Fix bug when tracking ref-less sources (like local sources) when using project.refs (1858)

o Follow semantic versioning more strictly (1854)

o New `bst build --retry-failed` feature (1849)

o Fix parsing override-project-caches configuration (1861)

o Fix crashes when instructed to only download from mirrors, and
some sources have no mirrors defined (1862)

o Drop unnecessary dependency on dateutil (1867)

o Fix severe hangs when can occur when running out of disk
space specifically when attempting to open and write to
a new log file (1865)

=================

2.0.1

Not secure
=================

o Stop including generated C code in releases (1777)

o Support completions for Zsh shells (558)

o Support Python 3.11 (1782, 1806, 1815, 1759)

o Fix git submodule tests to work with recent git (1816)

o Enable coverage collection in tests (1817)

o Optimize file copies where possible (1793)

o Some fixes for downloadable file sources (1826, 1814)

o Various cleanups of deprecated code and documentation

=================

Page 1 of 6

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.