Conary 2.0.45 is a maintenance release.

• The standalone Conary repository server now prints a message if it fails to import the Conary REST api.
• Added the restore command, which restores file ownership to troves from which they were removed (because of a remove operation or --replace-files).
• The addGitSnapshot action now accepts a branch= argument. (CNY-2368)

• Fetching path hashes from a changeset now uses absolute trove info when available (which it is for any recent enough server), instead of merging differential trove info with database trove info, which significantly speeds up update planning.
• Database operations now use the TRUNCATE command where available, which may speed up some repository queries.
• An internal API used for emulating repository access by certain roles previously did not function when given a specific set of roles; this has been corrected.

• A consistent exception is now raised when bad XML-RPC data is fed into conary's parser on systems without the sgmlop package installed. (CNY-3180)
• An error in handling queries for labels sharing the host name component has been fixed. (CNY-3187)

conary-policy 1.0.24 is a maintenance release.

• Libraries (ELF files containing DT_SONAME entries, not symbolic links) with file names ending in .so (instead of .so.something) are now tagged as shared libraries. (CNP-175)
• TagLocale no longer looks at files in %(debuglibdir)s or %(debugsrcdir)s, since it would only complain about them and ignore them anyway. (CNP-177)

Conary 2.0.44 is a maintenance release.

• Conary can now be configured with a set of certificate authorities (trustedCerts) against which all secure repository access will be validated. (CNY-2735)
• Conary now logs the starting, output, and error exit codes of trove scripts to the /var/log/conary file. (CNY-3150)
• The "conary updateall" command now honors the --just-db option. (CNY-3167)
• The EULA_Conary.txt file has been renamed to EULA_Conary_Dual_License.txt in order to highlight the contents of the beginning of the file, which describe a choice of license terms. The contents of the file are not changed, and the licenses under which Conary may be used are not changed. (CNY-3168)
• The SetModes build action now takes an optional allowNoMatch keyword argument, that causes a warning to be printed instead of failing the build when the target file does not exist. (CNY-3171)

• Added removeInvalidRollbacks() to client API. (CNY-2933)
• The conary.lib.mainhandler.MainHandler.main() method now sets sys.excepthook only if the setSysExcepthook method variable is True (as it is by default), allowing subclasses to take responsibility for setting sys.excepthook differently. (CNY-3170)

• An internal function used to install files no longer leaks a file descriptor on error. (CNY-3152)
• Unknown errors while retrieving PGP keys for archive verification are now gracefully handled. (CNY-3120)
• The cvc refresh command now ignores negative cache entries. (CNY-3157)
• The cvc sign command properly handles keys specified by key ID, in addition to fingerprints. (CNY-3139)
• The conary updateall --items command now honors --labels, --full-versions and --flavors flags. (CNY-3138)
• The --lsprof option now writes out profiling information even if an exception occurs, for both the conary and cvc commands.
• Dependency numbers in temporary dependency checking tables no longer overlap dependency numbers in the persistent database.
• Dependencies with multiple flags previously were not marked as satisfied during dependency resolution passes, forcing extra work on subsequent passes.
• Local rollbacks previously failed to restore contents when a file's metadata changed but the contents stayed the same.
• Generating local rollbacks previously failed for non-root users when the file was unreadable due to permissions.
• The ccs2tar script uses tarfile.open() in a way that is compatible with both python 2.4 and 2.6 (CNY-3160)
• Brace expansion produces results similar to bash. (CNY-3158)
• Trove searches with invalid (non-ASCII) input no longer cause a crash on PostgreSQL-backed repositories. (CNY-3165)
• Flavor processing in depSetFreeze previously did not properly handle return codes from depFreezeRaw, which could lead to a segmentation fault. (CNY-3166)
• Path normalization no longer produces erroneous double-slash entries in /etc/ld.so.conf. (CNY-3142)
• Accessing a server through a Conary proxy that injects entitlements now correctly forces the use of SSL. (CNY-3176)

• Update handling now looks for preerase trove scripts in the local database instead of instantiating full troves from the database and looking in those troves.
• Dependency tables for removed troves are no longer dropped and rebuilt during each iteration of dependency solving; they are now incrementally built during subsequent iterations.
• Dependency ordering code now looks in the local database for trove references instead of instantiating troves to get that information.
• Code which decides what referenced troves need to be erased when collections are erased now:
  • looks in the local database for trove references instead of instantiating troves to get that information
  • batches reference checks, pin checks, and presence checks across troves instead of checking those for each trove individually
• Fast-pathed code which matches old troves with new troves for the case where only a single old trove and a single new trove with a given name exist.
• Graph calculations for dependency ordering now only occur when the results are needed instead of for every pass through the dependency resolver.
• Reworked rdiff to not download a full changeset from the repository. It now downloads only the config (text) files and diffs them on the client. This allows it to show diffs for changes across repositories and yields a nice speedup. (CNY-3039)
• Reworked "conary remove" functionality to generate a changeset for the file remove and commit that through the normal update path.
• During dependency checks for new troves, no longer include every trove which requires a given dependency in the SQL tables. Instead, include that dependency only once and expand the matched requirements when we order troves (which is the only time it matters).
• Added simple caching of path hashes from the database to improve performance of large system updates.