Workflow

Pulpcore

Latest version: v3.74.1

Safety actively analyzes 723177 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 4 of 77

3.67.1

REST API {: 3.67.1-rest-api }

Bugfixes {: 3.67.1-rest-api-bugfix }

- Fixed an assertion on all content being added/removed in a repository version is of the same domain.
[content-assert](https://github.com/pulp/pulpcore/issues/content-assert)

Plugin API {: 3.67.1-plugin-api }

No significant changes.

Pulp File {: 3.67.1-pulp-file }

No significant changes.

Pulp Cert Guard {: 3.67.1-pulp-cert-guard }

No significant changes.

---

3.67.0

REST API {: 3.67.0-rest-api }

Features {: 3.67.0-rest-api-feature }

- Added `DefaultAccessPolicy` that will always use the default policy declared on the views.
Added `AccessPolicyFromSettings` that will read policies from the `ACCESS_POLICIES` setting first.
[5882](https://github.com/pulp/pulpcore/issues/5882)
- Replaced built-in opentelemetry metrics with custom middlewares. Additionally, introduced a new
setting `OTEL_ENABLED` that toggles the opentelemetry instrumentation on and off. It defaults to
`False`.
[5943](https://github.com/pulp/pulpcore/issues/5943)

Bugfixes {: 3.67.0-rest-api-bugfix }

- pass envvars to Signing Scripts to access GNUPGHOME
[5911](https://github.com/pulp/pulpcore/issues/5911)
- Fixed repository modify allowing content from separate domains.
[5934](https://github.com/pulp/pulpcore/issues/5934)
- Fixed the JSONField specification so it doesn't break ruby bindings.
See context [here](https://github.com/pulp/pulp_rpm/issues/3639).

Improved Documentation {: 3.67.0-rest-api-doc }

- Fixed pulpcore code-api generated docs, which was not using the right mkdocstring directives yet.
[5834](https://github.com/pulp/pulpcore/issues/5834)

Plugin API {: 3.67.0-plugin-api }

Bugfixes {: 3.67.0-plugin-api-bugfix }

- Downloaders now always ensure the download ends up under `WORKING_DIRECTORY`.
[5912](https://github.com/pulp/pulpcore/issues/5912)

Removals {: 3.67.0-plugin-api-removal }

- Deprecated `AccessPolicyFromDB` for removal in 4.0.
[5822](https://github.com/pulp/pulpcore/issues/5822)

Pulp File {: 3.67.0-pulp-file }

No significant changes.

Pulp Cert Guard {: 3.67.0-pulp-cert-guard }

No significant changes.

---

3.66.1

REST API {: 3.66.1-rest-api }

Bugfixes {: 3.66.1-rest-api-bugfix }

- Fixed repository modify allowing content from separate domains.
[5934](https://github.com/pulp/pulpcore/issues/5934)
- Fixed the JSONField specification so it doesn't break ruby bindings.
See context [here](https://github.com/pulp/pulp_rpm/issues/3639).

Plugin API {: 3.66.1-plugin-api }

No significant changes.

Pulp File {: 3.66.1-pulp-file }

No significant changes.

Pulp Cert Guard {: 3.66.1-pulp-cert-guard }

No significant changes.

---

3.66.0

REST API {: 3.66.0-rest-api }

Features {: 3.66.0-rest-api-feature }

- Added OpenPGP keyring repository type and OpenPGP key content type.
[3024](https://github.com/pulp/pulpcore/issues/3024)
- Re-enabled and refactored the Domain Storage metric emitter.
[5762](https://github.com/pulp/pulpcore/issues/5762)
- Added a formal "immediate" type of Task and changed workers behavior to prioritize those.
This labeling is exlusive to plugin code and should only be applied where it's known that
the task will finish shortly, like in updates of repositories, remotes, and distributions.
[5767](https://github.com/pulp/pulpcore/issues/5767)

Bugfixes {: 3.66.0-rest-api-bugfix }

- Fixed task purge to not expect a user, when a run has been scheduled by Pulp itself.
[5881](https://github.com/pulp/pulpcore/issues/5881)

Plugin API {: 3.66.0-plugin-api }

No significant changes.

Pulp File {: 3.66.0-pulp-file }

No significant changes.

Pulp Cert Guard {: 3.66.0-pulp-cert-guard }

No significant changes.

---

3.65.0

REST API {: 3.65.0-rest-api }

Bugfixes {: 3.65.0-rest-api-bugfix }

- pulp-worker fails to start with "float object cannot be interpreted as an integer" on some versions of python.
[5861](https://github.com/pulp/pulpcore/issues/5861)
- Fixed the name of the metrics' attribute reporting the worker's process name. Started emitting the
name of the Pulp service with a dedicated label (i.e., job=pulp-api).
[5864](https://github.com/pulp/pulpcore/issues/5864)
- Started propagating headers from the content-app when using a non-default filesystem storage.
[5879](https://github.com/pulp/pulpcore/issues/5879)

Improved Documentation {: 3.65.0-rest-api-doc }

- Correct rendering of pulp bash example in reclaim-disk-space.md
[5876](https://github.com/pulp/pulpcore/issues/5876)

Plugin API {: 3.65.0-plugin-api }

No significant changes.

Pulp File {: 3.65.0-pulp-file }

Bugfixes {: 3.65.0-pulp-file-bugfix }

- During sync, quote the URL path for file downloads using HTTP.
[5686](https://github.com/pulp/pulpcore/issues/5686)

Pulp Cert Guard {: 3.65.0-pulp-cert-guard }

No significant changes.

---

3.64.0

REST API {: 3.64.0-rest-api }

Features {: 3.64.0-rest-api-feature }

- Started using an upstream version of the OpenTelemetry aiohttp server instrumentation.
[5833](https://github.com/pulp/pulpcore/issues/5833)
- Included the worker's name in the ``http.server.duration`` OpenTelemetry metric attributes.
[5844](https://github.com/pulp/pulpcore/issues/5844)

Bugfixes {: 3.64.0-rest-api-bugfix }

- Started collecting artifact size metrics even after caching the served content.
[5817](https://github.com/pulp/pulpcore/issues/5817)

Plugin API {: 3.64.0-plugin-api }

No significant changes.

Pulp File {: 3.64.0-pulp-file }

No significant changes.

Pulp Cert Guard {: 3.64.0-pulp-cert-guard }

No significant changes.

---

Page 4 of 77

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.