Skip to content

chore(deps): update dependency pulp-rpm to v3.36.0#1071

Open
red-hat-konflux[bot] wants to merge 1 commit intomainfrom
konflux/mintmaker/main/pulp-rpm-3.x
Open

chore(deps): update dependency pulp-rpm to v3.36.0#1071
red-hat-konflux[bot] wants to merge 1 commit intomainfrom
konflux/mintmaker/main/pulp-rpm-3.x

Conversation

@red-hat-konflux
Copy link
Copy Markdown
Contributor

@red-hat-konflux red-hat-konflux Bot commented Apr 20, 2026
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
pulp-rpm (changelog) ==3.35.2==3.36.0 age confidence

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

Release Notes

pulp/pulp_rpm (pulp-rpm)

v3.36.0

Compare Source

Features {: #​3.36.0-feature }
  • Added code and a setting (MAX_PACKAGE_SIGNING_WORKERS) to sign packages concurrently when adding
    them to a repo. Signing packages concurrently will speed up the time it takes to sign and add
    packages to a repo.
    #​4357
  • Added signing_keys to the minimal package serializer.
    #​4393
  • Added a new field signing_keys on packages that tracks the fingerprints of keys Pulp has used to sign the package.
  • Signing fingerprints now use a versioned prefix format (e.g. v4:<hex>, keyid:<hex>) for
    package_signing_fingerprint on repositories and signing_keys on packages. The fingerprint prefix
    is passed to the signing script as the PULP_SIGNING_FINGERPRINT_TYPE environment variable.
Bugfixes {: #​3.36.0-bugfix }
  • Fixed RpmRepository.package_signing_fingerprint field to accept and default to null instead of empty string.
    #​4007
  • Significantly improved worst-case sync memory consumption and moderately improved worst-case publish memory consumption for most repos.
    #​4086
  • Fixed a bug where two packages with the same NEVRA and identical build times but different checksums could both pass the sync tie-breaker and be added to the repository version. The first-seen package now wins deterministically.
    #​4341
  • Updated package signing to refresh all RPM metadata fields from the signed package file, ensuring size, header offsets, and other fields stay consistent after signing.
    #​4383
Deprecations and Removals {: #​3.36.0-removal }
  • Remove handling of the nested-by-both publication layout option - it is complex and a bit flawed.
Misc {: #​3.36.0-misc }

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@red-hat-konflux
chore(deps): update dependency pulp-rpm to v3.36.0
20c16c9 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants