Pypiserver

Latest version: v2.1.1


Page 3 of 8

1.3.1

------------------

- FIX: previously, it was possible to upload packages with hashing algorithms
other than md5, but downloading them again with pip was impossible due to
incorrect truncation of the hash. This has been fixed! (Thanks
ArneBachmann for figuring out what was wrong and reporting the issue
in #265).
- FIX: argument parsing would previously fail for the short form of
``--help``, due to an incorrect operator used during comparison (thanks to
maggyero, #271)
- DOC: significant improvements to formatting and consistency in the README
(thanks to maggyero, #270)

1.3.0

------------------

- ENH: pypiserver now consistently and correctly handles the `X-Forwarded-Host`
header to allow for alternative base URLs (#248, resolves #155, thanks
kujyp for an excellent first-time contribution!)
- DOC: significantly more information added to the `docker-compose.yml`
example, including recipes for various configuration options (thanks
jetheurer for pointing out the errors in the existing docs, #243!)
- DOC: removed outdated suggestion to serve the packages data directly via
a webserver and replaced with information about setting up nginx
caching (thanks RiceKab for bringing the issue to our attention, #232)

1.2.7

------------------

- FIX: bcrypt is now *properly* installed in the Docker image, and our
automated tests now do a better job of making sure authentication and
uploads work as expected in Docker (thanks ronneke1996, #239; also
thanks kellycampbell, #235 for an alternate approach that wound up
being unused but is still appreciated!)

1.2.6

------------------

- SEC: mitigate potential CRLF injection attacks from malicious URLs
(thanks samwcyo, #237)

1.2.5

Not secure
------------------

- FIX: bcrypt is now installed into the Docker image, which allows
passlib to work like it should (thanks Diftraku, #224)

- MAINT: integration tests with ``twine`` have been updated to use the
command-line interface rather than the internal API, which should
make them more resilient over time (#226)

1.2.4

Not secure
------------------

- FIX: the command to download new versions of available packages now
works with ``pip`` >= 10.0 (thanks elboerto, #215)
