Kallithea 0.5.0 released

We are pleased to announce Kallithea 0.5.0, with as most important feature support for SSH repository access. This feature means:

  • repository URLs like ssh://kallithea@example.com/name/of/repository

  • when using SSH, all network traffic for both read and write happens over the SSH protocol on port 22, without using HTTPS nor the Kallithea WSGI application

  • encryption and authentication protocols are handled by ssh on the client using the user's public key to connect and authenticate to the server's sshd system service.

  • users can upload their public SSH key (e.g. .ssh/id_rsa.pub) through the Kallithea web UI, where it is put in the Kallithea system user's .ssh/authorized_keys file, locked down to Kallithea only providing protocol access as that user.

  • in their SSH client configuration, users can configure how the client should control access to their SSH key - without passphrase, with passphrase, and optionally with passphrase caching in the local shell session (ssh-agent). This is standard SSH functionality, not something Kallithea provides or interferes with.

  • network communication between client and server happens in a bidirectional stateful stream, and will in some cases be faster than HTTPS with several stateless round-trips.

In addition to adding SSH repository access, there have been improvements and fixes in several areas.

Support for Mercurial 5.2 was added.

The handling of the feature Admin > Settings > Visual > (HTTP) Clone URL was refactored. For most users this should not have any effect, but in case you are using a custom Clone URL, it is now explicitly checked that it contains either the string {repo} or _{repoid}.

The permission system was cleaned up. It is now ensured that all permissions are additive and that every user has at least the same permissions as the 'default' user.

In the .ini file, the api_access_controllers_whitelist has been removed. Authentication via API key will now automatically give access to all APIs that the corresponding user has access to.

With this release we dropped support for Python 2.6. Currently only Python 2.7 is supported, and we are working towards full support for Python 3.x.

Support for the 'repository locking' feature (pull-to-lock, push-to-unlock) was removed.

See 'Changes' below for a more detailed list of changes most relevant to users.

Upgrading from 0.4.x

Please refer to the upgrade instructions in the documentation for detailed steps: https://kallithea.readthedocs.io/en/stable/upgrade.html. Below are just some specific notes.

As mentioned in the upgrade instructions, generate a new configuration file and apply the necessary changes to fit your installation. There have been changes in the configuration file; starting from the old one would be a source of errors or confusion.

To enable SSH repository access, first follow the normal upgrade procedure, then refer to the instructions at: https://kallithea.readthedocs.io/en/stable/setup.html#using-kallithea-with-ssh


Below are the most relevant changes between 0.4.1 and 0.5.0. Note that it is not a complete list: many changes are purely internal refactoring. Please refer to the source repository if you are interested in full details.


  • cleanup of permission system, making all permissions additive, and with everybody inheriting from the default user
  • drop api_access_controllers_whitelist and give API key auth same access as other kinds of auth cs
  • allow LDAP users with non-ASCII characters in the DN cs

CLI commands

  • introduce -h alias for --help cs

Cache system

  • various preparatory changes to improve the caching system
  • invalidate repository cache of README and RSS based on latest revision hash cs

Configuration file (ini)

  • change default .ini to always include trace_errors settings and thus avoid deprecation warnings cs
  • rename .ini settings to avoid beaker-session deprecation warnings cs
  • create separate log handlers for color and null, and add comments hinting how they can be used cs
  • drop explicit propagate = 1 from logger configuration - that is already the default cs


  • drop unused Ui settings for hgweb cs


  • fix documentation regarding theme.less file cs
  • document official method for beaker cache cleanup cs
  • various updates and fixes


  • drop server_url parameter cs
  • make sure push and pull hooks are always enabled cs


  • reintroduce the optional wrapper middleware for logging request timing and memory usage cs

SSH repository access

  • add support for SSH repository access

User interface functionality


  • in advanced settings, only show repos of same type in the select list for "Parent" cs
  • refactor handling of Admin > Settings > Visual > (HTTP) Clone URL
  • clone_url: introduce {system_user} and {hostname} variables that will be used for SSH clone URL cs
  • always show permanent URL on repo settings page - the click-to-display functionality was confusing cs


  • track package-lock.json cs
  • update various external dependencies

Pull requests

  • in PR update list, only show first line of commit messages cs


  • fix '' is not unicode when searching for wildcards cs
  • avoid crash when making (odd) search for * cs

Version control systems support



  • fix pull requests between repositories by using the makeunionrepository factory with Mercurial 4.8 cs
  • add support for Mercurial 5.2

Other changes

  • helpers: replace webhelpers.flash with own implementation cs
  • helpers: use WebHelpers2 as much as possible - it supports Python3, and WebHelpers is dead cs
  • i18n: internal rework of how translations are imported into the source repository
  • i18n: update translations for Bulgarian, Dutch/Flemish, German, Greek, Japanese, Norwegian Bokmål, Polish, Simplified Chinese, Ukrainian.
  • i18n: add translations for Bulgarian and Turkish.
  • locking: drop the pull-to-lock / push-to-unlock functionality cs
  • setup: drop support for Python 2.6 cs
  • setup: various version bumps of external dependencies
  • setup: set explicit minimum version for all dependencies cs
  • various changes related to proper closing of resources and connections


We would like to thank everyone that contributed to the Kallithea repository (directly or by updating translations in Weblate) since release 0.4.1 (the numbers are the amount of commits)...

221 Mads Kiilerich
 37 Thomas De Schampheleire
  8 Christian Oyarzun
  2 Dominik Ruf
  2 Allan Nordhøy
  2 ssantos
  2 Tim Freund
  2 Oleksandr Shtalinberg
  2 Elizabeth Sherrock
  1 Nathan
  1 Христо Станев
  1 Hüseyin Tunç
  1 Mateusz Mendel
  1 leela

... as well as everyone contributing in other ways, e.g. by reporting issues, discussing via mail or IRC, etc.