Backport #9660 "django update broke pulpimport filestorage-usage" to 3.14.z
Django addressed a security issue involving filepaths in a way that broke how pulpimport was using Storage:
In 3.14, the following failure in
pulp_rpm.tests.functional.api.test_pulpimport.ParallelImportTestCase testMethod=test_clean_import :
E pulp_smash.pulp3.bindings.PulpTaskError: (PulpTaskError(...), "Pulp task failed (Detected path traversal attempt in '/var/lib/pulp/media/artifact/d4/89a5ea552e5ea595976e39f891fe249e95d8eb40cbd7f50a46c0126a7072ab')")
Against core/main, the same test hangs.
The problem is that core/import builds a full-path to send to Storage.save(), which used to "work" but is now Not Allowed (for perfectly good security-reasons)