From b8c6c591172fc60b1cc1200ed9d213e4d0a12e9b Mon Sep 17 00:00:00 2001 From: "Daniel A. Wozniak" Date: Sat, 17 Feb 2024 15:16:46 -0700 Subject: [PATCH 1/6] Bump relenv version to 0.15.0 --- .github/workflows/ci.yml | 8 ++++---- .github/workflows/nightly.yml | 8 ++++---- .github/workflows/scheduled.yml | 8 ++++---- .github/workflows/staging.yml | 8 ++++---- cicd/shared-gh-workflows-context.yml | 2 +- 5 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 26ab7dbbfe5..b2e305e384a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -427,7 +427,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" build-salt-onedir: @@ -443,7 +443,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" build-pkgs-onedir: @@ -456,7 +456,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" source: "onedir" @@ -470,7 +470,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" source: "src" build-ci-deps: diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 7ab0f53bc32..de3967a7a69 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -476,7 +476,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" build-salt-onedir: @@ -492,7 +492,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" build-pkgs-onedir: @@ -505,7 +505,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" source: "onedir" environment: nightly @@ -523,7 +523,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" source: "src" environment: nightly diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml index ce1e1420a96..b446f1df735 100644 --- a/.github/workflows/scheduled.yml +++ b/.github/workflows/scheduled.yml @@ -461,7 +461,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" build-salt-onedir: @@ -477,7 +477,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" build-pkgs-onedir: @@ -490,7 +490,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" source: "onedir" @@ -504,7 +504,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" source: "src" build-ci-deps: diff --git a/.github/workflows/staging.yml b/.github/workflows/staging.yml index 97673dfb1ec..ee9b3da7b3d 100644 --- a/.github/workflows/staging.yml +++ b/.github/workflows/staging.yml @@ -466,7 +466,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" build-salt-onedir: @@ -482,7 +482,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" build-pkgs-onedir: @@ -495,7 +495,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" source: "onedir" environment: staging @@ -513,7 +513,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.14.2" + relenv-version: "0.15.0" python-version: "3.10.13" source: "src" environment: staging diff --git a/cicd/shared-gh-workflows-context.yml b/cicd/shared-gh-workflows-context.yml index c2691494b37..07cb0f30b9a 100644 --- a/cicd/shared-gh-workflows-context.yml +++ b/cicd/shared-gh-workflows-context.yml @@ -1,3 +1,3 @@ nox_version: "2022.8.7" python_version: "3.10.13" -relenv_version: "0.14.2" +relenv_version: "0.15.0" From 507f727106d5a2ae7c805d348417c19cbcd12c8a Mon Sep 17 00:00:00 2001 From: "Daniel A. Wozniak" Date: Sat, 17 Feb 2024 15:19:53 -0700 Subject: [PATCH 2/6] Add changelog for salt-pip fix --- changelog/65433.fixed.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog/65433.fixed.md diff --git a/changelog/65433.fixed.md b/changelog/65433.fixed.md new file mode 100644 index 00000000000..97dd474d15c --- /dev/null +++ b/changelog/65433.fixed.md @@ -0,0 +1 @@ +Upgrade relenv to 0.15.0 to fix namespaced packages installed by salt-pip From 96bd2b2b9bd804ea30fd414f172dd1fb9c6d9381 Mon Sep 17 00:00:00 2001 From: "Daniel A. Wozniak" Date: Sun, 18 Feb 2024 21:10:42 -0700 Subject: [PATCH 3/6] Upgrade to relenv 0.15.1 --- .github/workflows/ci.yml | 8 ++++---- .github/workflows/nightly.yml | 8 ++++---- .github/workflows/scheduled.yml | 8 ++++---- .github/workflows/staging.yml | 8 ++++---- changelog/66094.fixed.md | 1 + cicd/shared-gh-workflows-context.yml | 2 +- 6 files changed, 18 insertions(+), 17 deletions(-) create mode 100644 changelog/66094.fixed.md diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b2e305e384a..c54b0f60f46 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -427,7 +427,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" build-salt-onedir: @@ -443,7 +443,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" build-pkgs-onedir: @@ -456,7 +456,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" source: "onedir" @@ -470,7 +470,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" source: "src" build-ci-deps: diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index de3967a7a69..43d52e2b3b4 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -476,7 +476,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" build-salt-onedir: @@ -492,7 +492,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" build-pkgs-onedir: @@ -505,7 +505,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" source: "onedir" environment: nightly @@ -523,7 +523,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" source: "src" environment: nightly diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml index b446f1df735..1618dc54ab9 100644 --- a/.github/workflows/scheduled.yml +++ b/.github/workflows/scheduled.yml @@ -461,7 +461,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" build-salt-onedir: @@ -477,7 +477,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" build-pkgs-onedir: @@ -490,7 +490,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" source: "onedir" @@ -504,7 +504,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" source: "src" build-ci-deps: diff --git a/.github/workflows/staging.yml b/.github/workflows/staging.yml index ee9b3da7b3d..35f20fe6e6e 100644 --- a/.github/workflows/staging.yml +++ b/.github/workflows/staging.yml @@ -466,7 +466,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" build-salt-onedir: @@ -482,7 +482,7 @@ jobs: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" build-pkgs-onedir: @@ -495,7 +495,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" source: "onedir" environment: staging @@ -513,7 +513,7 @@ jobs: with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} - relenv-version: "0.15.0" + relenv-version: "0.15.1" python-version: "3.10.13" source: "src" environment: staging diff --git a/changelog/66094.fixed.md b/changelog/66094.fixed.md new file mode 100644 index 00000000000..224440f534b --- /dev/null +++ b/changelog/66094.fixed.md @@ -0,0 +1 @@ +Upgrade relenv to 0.15.1 to fix debugpy support. diff --git a/cicd/shared-gh-workflows-context.yml b/cicd/shared-gh-workflows-context.yml index 07cb0f30b9a..42dc9883c7c 100644 --- a/cicd/shared-gh-workflows-context.yml +++ b/cicd/shared-gh-workflows-context.yml @@ -1,3 +1,3 @@ nox_version: "2022.8.7" python_version: "3.10.13" -relenv_version: "0.15.0" +relenv_version: "0.15.1" From 736ae6c79e2f80a576328352f1743792508f3a5a Mon Sep 17 00:00:00 2001 From: "Daniel A. Wozniak" Date: Mon, 19 Feb 2024 22:50:37 -0700 Subject: [PATCH 4/6] Fix ssh tests --- salt/loader/__init__.py | 10 ++++++++-- tests/conftest.py | 1 - 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/salt/loader/__init__.py b/salt/loader/__init__.py index f2e6d1529df..388742589a6 100644 --- a/salt/loader/__init__.py +++ b/salt/loader/__init__.py @@ -890,7 +890,9 @@ def log_handlers(opts, loaded_base_name=None): return FilterDictWrapper(ret, ".setup_handlers") -def ssh_wrapper(opts, functions=None, context=None, loaded_base_name=None): +def ssh_wrapper( + opts, functions=None, context=None, file_client=None, loaded_base_name=None +): """ Returns the custom logging handler modules @@ -908,7 +910,11 @@ def ssh_wrapper(opts, functions=None, context=None, loaded_base_name=None): ), opts, tag="wrapper", - pack={"__salt__": functions, "__context__": context}, + pack={ + "__salt__": functions, + "__context__": context, + "__file_client__": file_client, + }, loaded_base_name=loaded_base_name, ) diff --git a/tests/conftest.py b/tests/conftest.py index 5f79f67e8d6..b6adab5401d 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -23,7 +23,6 @@ import salt import salt._logging import salt._logging.mixins import salt.config -import salt.loader import salt.utils.files import salt.utils.path import salt.utils.platform From ba52813f7d52723a5a9ed6f51c59dbd2c5196401 Mon Sep 17 00:00:00 2001 From: Pedro Algarvio Date: Tue, 20 Feb 2024 18:17:58 +0000 Subject: [PATCH 5/6] Switch hooks to the Saltstack ORG --- .pre-commit-config.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 0f926d986d5..555b1cec34c 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -45,7 +45,7 @@ repos: salt/ext/.* )$ - - repo: https://github.com/s0undt3ch/python-tools-scripts + - repo: https://github.com/saltstack/python-tools-scripts rev: "0.18.6" hooks: - id: tools @@ -1658,7 +1658,7 @@ repos: hooks: - id: remove-import-headers - - repo: https://github.com/s0undt3ch/salt-rewrite + - repo: https://github.com/saltstack/salt-rewrite # Automatically rewrite code with known rules rev: 2.4.4 hooks: From ce9d09bc9c8f48d588529177023b19f11f47ef1a Mon Sep 17 00:00:00 2001 From: Salt Project Packaging Date: Tue, 20 Feb 2024 22:04:07 +0000 Subject: [PATCH 6/6] Release v3006.7 --- CHANGELOG.md | 55 ++ changelog/34658.fixed.md | 3 - changelog/52289.fixed.md | 1 - changelog/63063.fixed.md | 1 - changelog/65018.fixed.md | 1 - changelog/65154.fixed.md | 2 - changelog/65193.fixed.md | 2 - changelog/65433.fixed.md | 1 - changelog/65450.fixed.md | 1 - changelog/65589.fixed.md | 1 - changelog/65670.fixed.md | 1 - changelog/65691.fixed.md | 1 - changelog/65692.fixed.md | 1 - changelog/65727.fixed.md | 1 - changelog/65752.fixed.md | 1 - changelog/65777.fixed.md | 1 - changelog/65824.fixed.md | 1 - changelog/65932.fixed.md | 1 - changelog/65938.changed.md | 1 - changelog/65951.deprecated.md | 1 - changelog/65954.fixed.md | 1 - changelog/65987.fixed.md | 1 - changelog/65990.fixed.md | 2 - changelog/66004.security.md | 3 - changelog/66006.fixed.md | 1 - changelog/66041.fixed.md | 1 - changelog/66061.fixed.md | 2 - changelog/66090.security.md | 1 - changelog/66094.fixed.md | 1 - doc/man/salt-api.1 | 2 +- doc/man/salt-call.1 | 2 +- doc/man/salt-cloud.1 | 2 +- doc/man/salt-cp.1 | 2 +- doc/man/salt-key.1 | 2 +- doc/man/salt-master.1 | 2 +- doc/man/salt-minion.1 | 2 +- doc/man/salt-proxy.1 | 2 +- doc/man/salt-run.1 | 2 +- doc/man/salt-ssh.1 | 2 +- doc/man/salt-syndic.1 | 2 +- doc/man/salt.1 | 2 +- doc/man/salt.7 | 643 +++++++++++++++--- doc/man/spm.1 | 2 +- doc/topics/releases/3006.7.md | 70 ++ .../releases/templates/3006.7.md.template | 14 + pkg/debian/changelog | 54 ++ pkg/rpm/salt.spec | 53 +- 47 files changed, 815 insertions(+), 136 deletions(-) delete mode 100644 changelog/34658.fixed.md delete mode 100644 changelog/52289.fixed.md delete mode 100644 changelog/63063.fixed.md delete mode 100644 changelog/65018.fixed.md delete mode 100644 changelog/65154.fixed.md delete mode 100644 changelog/65193.fixed.md delete mode 100644 changelog/65433.fixed.md delete mode 100644 changelog/65450.fixed.md delete mode 100644 changelog/65589.fixed.md delete mode 100644 changelog/65670.fixed.md delete mode 100644 changelog/65691.fixed.md delete mode 100644 changelog/65692.fixed.md delete mode 100644 changelog/65727.fixed.md delete mode 100644 changelog/65752.fixed.md delete mode 100644 changelog/65777.fixed.md delete mode 100644 changelog/65824.fixed.md delete mode 100644 changelog/65932.fixed.md delete mode 100644 changelog/65938.changed.md delete mode 100644 changelog/65951.deprecated.md delete mode 100644 changelog/65954.fixed.md delete mode 100644 changelog/65987.fixed.md delete mode 100644 changelog/65990.fixed.md delete mode 100644 changelog/66004.security.md delete mode 100644 changelog/66006.fixed.md delete mode 100644 changelog/66041.fixed.md delete mode 100644 changelog/66061.fixed.md delete mode 100644 changelog/66090.security.md delete mode 100644 changelog/66094.fixed.md create mode 100644 doc/topics/releases/3006.7.md create mode 100644 doc/topics/releases/templates/3006.7.md.template diff --git a/CHANGELOG.md b/CHANGELOG.md index 485b7f77f46..2957e513df8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,61 @@ Versions are `MAJOR.PATCH`. # Changelog +## 3006.7 (2024-02-20) + + +### Deprecated + +- Deprecate and stop using ``salt.features`` [#65951](https://github.com/saltstack/salt/issues/65951) + + +### Changed + +- Change module search path priority, so Salt extensions can be overridden by syncable modules and module_dirs. You can switch back to the old logic by setting features.enable_deprecated_module_search_path_priority to true, but it will be removed in Salt 3008. [#65938](https://github.com/saltstack/salt/issues/65938) + + +### Fixed + +- Fix an issue with mac_shadow that was causing a command execution error when + retrieving values that were not yet set. For example, retrieving last login + before the user had logged in. [#34658](https://github.com/saltstack/salt/issues/34658) +- Fixed an issue when keys didn't match because of line endings [#52289](https://github.com/saltstack/salt/issues/52289) +- Corrected encoding of credentials for use with Artifactory [#63063](https://github.com/saltstack/salt/issues/63063) +- Use `send_multipart` instead of `send` when sending multipart message. [#65018](https://github.com/saltstack/salt/issues/65018) +- Fix an issue where the minion would crash on Windows if some of the grains + failed to resolve [#65154](https://github.com/saltstack/salt/issues/65154) +- Fix issue with openscap when the error was outside the expected scope. It now + returns failed with the error code and the error [#65193](https://github.com/saltstack/salt/issues/65193) +- Upgrade relenv to 0.15.0 to fix namespaced packages installed by salt-pip [#65433](https://github.com/saltstack/salt/issues/65433) +- Fix regression of fileclient re-use when rendering sls pillars and states [#65450](https://github.com/saltstack/salt/issues/65450) +- Fixes the s3fs backend computing the local cache's files with the wrong hash type [#65589](https://github.com/saltstack/salt/issues/65589) +- Fixed Salt-SSH pillar rendering and state rendering with nested SSH calls when called via saltutil.cmd or in an orchestration [#65670](https://github.com/saltstack/salt/issues/65670) +- Fix boto execution module loading [#65691](https://github.com/saltstack/salt/issues/65691) +- Removed PR 65185 changes since incomplete solution [#65692](https://github.com/saltstack/salt/issues/65692) +- catch only ret/ events not all returning events. [#65727](https://github.com/saltstack/salt/issues/65727) +- Fix nonsensical time in fileclient timeout error. [#65752](https://github.com/saltstack/salt/issues/65752) +- Fixes an issue when reading/modifying ini files that contain unicode characters [#65777](https://github.com/saltstack/salt/issues/65777) +- added https proxy to the list of proxies so that requests knows what to do with https based proxies [#65824](https://github.com/saltstack/salt/issues/65824) +- Ensure minion channels are closed on any master connection error. [#65932](https://github.com/saltstack/salt/issues/65932) +- Fixed issue where Salt can't find libcrypto when pip installed from a cloned repo [#65954](https://github.com/saltstack/salt/issues/65954) +- Fix RPM package systemd scriptlets to make RPM packages more universal [#65987](https://github.com/saltstack/salt/issues/65987) +- Fixed an issue where fileclient requests during Pillar rendering cause + fileserver backends to be needlessly refreshed. [#65990](https://github.com/saltstack/salt/issues/65990) +- Fix exceptions being set on futures that are already done in ZeroMQ transport [#66006](https://github.com/saltstack/salt/issues/66006) +- Use hmac compare_digest method in hashutil module to mitigate potential timing attacks [#66041](https://github.com/saltstack/salt/issues/66041) +- Fix request channel default timeout regression. In 3006.5 it was changed from + 60 to 30 and is now set back to 60 by default. [#66061](https://github.com/saltstack/salt/issues/66061) +- Upgrade relenv to 0.15.1 to fix debugpy support. [#66094](https://github.com/saltstack/salt/issues/66094) + + +### Security + +- Bump to ``cryptography==42.0.0`` due to https://github.com/advisories/GHSA-3ww4-gg4f-jr7f + + In the process, we were also required to update to ``pyOpenSSL==24.0.0`` [#66004](https://github.com/saltstack/salt/issues/66004) +- Bump to `cryptography==42.0.3` due to https://github.com/advisories/GHSA-3ww4-gg4f-jr7f [#66090](https://github.com/saltstack/salt/issues/66090) + + ## 3006.6 (2024-01-26) diff --git a/changelog/34658.fixed.md b/changelog/34658.fixed.md deleted file mode 100644 index 1152b41d2df..00000000000 --- a/changelog/34658.fixed.md +++ /dev/null @@ -1,3 +0,0 @@ -Fix an issue with mac_shadow that was causing a command execution error when -retrieving values that were not yet set. For example, retrieving last login -before the user had logged in. diff --git a/changelog/52289.fixed.md b/changelog/52289.fixed.md deleted file mode 100644 index 50d5aaf516a..00000000000 --- a/changelog/52289.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Fixed an issue when keys didn't match because of line endings diff --git a/changelog/63063.fixed.md b/changelog/63063.fixed.md deleted file mode 100644 index 6f26fc11abd..00000000000 --- a/changelog/63063.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Corrected encoding of credentials for use with Artifactory diff --git a/changelog/65018.fixed.md b/changelog/65018.fixed.md deleted file mode 100644 index c719aac9f99..00000000000 --- a/changelog/65018.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Use `send_multipart` instead of `send` when sending multipart message. diff --git a/changelog/65154.fixed.md b/changelog/65154.fixed.md deleted file mode 100644 index bbc6d8d7ec5..00000000000 --- a/changelog/65154.fixed.md +++ /dev/null @@ -1,2 +0,0 @@ -Fix an issue where the minion would crash on Windows if some of the grains -failed to resolve diff --git a/changelog/65193.fixed.md b/changelog/65193.fixed.md deleted file mode 100644 index 48a7e76e461..00000000000 --- a/changelog/65193.fixed.md +++ /dev/null @@ -1,2 +0,0 @@ -Fix issue with openscap when the error was outside the expected scope. It now -returns failed with the error code and the error diff --git a/changelog/65433.fixed.md b/changelog/65433.fixed.md deleted file mode 100644 index 97dd474d15c..00000000000 --- a/changelog/65433.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Upgrade relenv to 0.15.0 to fix namespaced packages installed by salt-pip diff --git a/changelog/65450.fixed.md b/changelog/65450.fixed.md deleted file mode 100644 index 5847b07145c..00000000000 --- a/changelog/65450.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Fix regression of fileclient re-use when rendering sls pillars and states diff --git a/changelog/65589.fixed.md b/changelog/65589.fixed.md deleted file mode 100644 index e6f8f40e341..00000000000 --- a/changelog/65589.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Fixes the s3fs backend computing the local cache's files with the wrong hash type diff --git a/changelog/65670.fixed.md b/changelog/65670.fixed.md deleted file mode 100644 index 54728d69d43..00000000000 --- a/changelog/65670.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Fixed Salt-SSH pillar rendering and state rendering with nested SSH calls when called via saltutil.cmd or in an orchestration diff --git a/changelog/65691.fixed.md b/changelog/65691.fixed.md deleted file mode 100644 index 3b5192f80c0..00000000000 --- a/changelog/65691.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Fix boto execution module loading diff --git a/changelog/65692.fixed.md b/changelog/65692.fixed.md deleted file mode 100644 index b4eef6c93d4..00000000000 --- a/changelog/65692.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Removed PR 65185 changes since incomplete solution diff --git a/changelog/65727.fixed.md b/changelog/65727.fixed.md deleted file mode 100644 index fe507ce4f8c..00000000000 --- a/changelog/65727.fixed.md +++ /dev/null @@ -1 +0,0 @@ -catch only ret/ events not all returning events. diff --git a/changelog/65752.fixed.md b/changelog/65752.fixed.md deleted file mode 100644 index f611c5e65ec..00000000000 --- a/changelog/65752.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Fix nonsensical time in fileclient timeout error. diff --git a/changelog/65777.fixed.md b/changelog/65777.fixed.md deleted file mode 100644 index 3427b468878..00000000000 --- a/changelog/65777.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Fixes an issue when reading/modifying ini files that contain unicode characters diff --git a/changelog/65824.fixed.md b/changelog/65824.fixed.md deleted file mode 100644 index 213f3f505fb..00000000000 --- a/changelog/65824.fixed.md +++ /dev/null @@ -1 +0,0 @@ -added https proxy to the list of proxies so that requests knows what to do with https based proxies diff --git a/changelog/65932.fixed.md b/changelog/65932.fixed.md deleted file mode 100644 index cafb2bb0022..00000000000 --- a/changelog/65932.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Ensure minion channels are closed on any master connection error. diff --git a/changelog/65938.changed.md b/changelog/65938.changed.md deleted file mode 100644 index a96e39b485d..00000000000 --- a/changelog/65938.changed.md +++ /dev/null @@ -1 +0,0 @@ -Change module search path priority, so Salt extensions can be overridden by syncable modules and module_dirs. You can switch back to the old logic by setting features.enable_deprecated_module_search_path_priority to true, but it will be removed in Salt 3008. diff --git a/changelog/65951.deprecated.md b/changelog/65951.deprecated.md deleted file mode 100644 index 833f9bf478d..00000000000 --- a/changelog/65951.deprecated.md +++ /dev/null @@ -1 +0,0 @@ -Deprecate and stop using ``salt.features`` diff --git a/changelog/65954.fixed.md b/changelog/65954.fixed.md deleted file mode 100644 index 113d603e005..00000000000 --- a/changelog/65954.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Fixed issue where Salt can't find libcrypto when pip installed from a cloned repo diff --git a/changelog/65987.fixed.md b/changelog/65987.fixed.md deleted file mode 100644 index 0a5fdff03d2..00000000000 --- a/changelog/65987.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Fix RPM package systemd scriptlets to make RPM packages more universal diff --git a/changelog/65990.fixed.md b/changelog/65990.fixed.md deleted file mode 100644 index 32027d2afc3..00000000000 --- a/changelog/65990.fixed.md +++ /dev/null @@ -1,2 +0,0 @@ -Fixed an issue where fileclient requests during Pillar rendering cause -fileserver backends to be needlessly refreshed. diff --git a/changelog/66004.security.md b/changelog/66004.security.md deleted file mode 100644 index 111cdc6136a..00000000000 --- a/changelog/66004.security.md +++ /dev/null @@ -1,3 +0,0 @@ -Bump to ``cryptography==42.0.0`` due to https://github.com/advisories/GHSA-3ww4-gg4f-jr7f - -In the process, we were also required to update to ``pyOpenSSL==24.0.0`` diff --git a/changelog/66006.fixed.md b/changelog/66006.fixed.md deleted file mode 100644 index aa05c9c19af..00000000000 --- a/changelog/66006.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Fix exceptions being set on futures that are already done in ZeroMQ transport diff --git a/changelog/66041.fixed.md b/changelog/66041.fixed.md deleted file mode 100644 index 7f099a8d8e1..00000000000 --- a/changelog/66041.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Use hmac compare_digest method in hashutil module to mitigate potential timing attacks diff --git a/changelog/66061.fixed.md b/changelog/66061.fixed.md deleted file mode 100644 index 1735b25b2a4..00000000000 --- a/changelog/66061.fixed.md +++ /dev/null @@ -1,2 +0,0 @@ -Fix request channel default timeout regression. In 3006.5 it was changed from -60 to 30 and is now set back to 60 by default. diff --git a/changelog/66090.security.md b/changelog/66090.security.md deleted file mode 100644 index 2082ab1778f..00000000000 --- a/changelog/66090.security.md +++ /dev/null @@ -1 +0,0 @@ -Bump to `cryptography==42.0.3` due to https://github.com/advisories/GHSA-3ww4-gg4f-jr7f diff --git a/changelog/66094.fixed.md b/changelog/66094.fixed.md deleted file mode 100644 index 224440f534b..00000000000 --- a/changelog/66094.fixed.md +++ /dev/null @@ -1 +0,0 @@ -Upgrade relenv to 0.15.1 to fix debugpy support. diff --git a/doc/man/salt-api.1 b/doc/man/salt-api.1 index ef5fc5ed68c..f82b64a4acf 100644 --- a/doc/man/salt-api.1 +++ b/doc/man/salt-api.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SALT-API" "1" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SALT-API" "1" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME salt-api \- salt-api Command .sp diff --git a/doc/man/salt-call.1 b/doc/man/salt-call.1 index 5854684c3ce..01a8c6c5900 100644 --- a/doc/man/salt-call.1 +++ b/doc/man/salt-call.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SALT-CALL" "1" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SALT-CALL" "1" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME salt-call \- salt-call Documentation .SH SYNOPSIS diff --git a/doc/man/salt-cloud.1 b/doc/man/salt-cloud.1 index 75365f7ea89..e2c57db40fc 100644 --- a/doc/man/salt-cloud.1 +++ b/doc/man/salt-cloud.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SALT-CLOUD" "1" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SALT-CLOUD" "1" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME salt-cloud \- Salt Cloud Command .sp diff --git a/doc/man/salt-cp.1 b/doc/man/salt-cp.1 index f0bc77a539c..bbd76b69121 100644 --- a/doc/man/salt-cp.1 +++ b/doc/man/salt-cp.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SALT-CP" "1" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SALT-CP" "1" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME salt-cp \- salt-cp Documentation .sp diff --git a/doc/man/salt-key.1 b/doc/man/salt-key.1 index 35b6d1aa3d3..c6de3044097 100644 --- a/doc/man/salt-key.1 +++ b/doc/man/salt-key.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SALT-KEY" "1" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SALT-KEY" "1" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME salt-key \- salt-key Documentation .SH SYNOPSIS diff --git a/doc/man/salt-master.1 b/doc/man/salt-master.1 index 2e3e0b5a8de..e7c04e2c15f 100644 --- a/doc/man/salt-master.1 +++ b/doc/man/salt-master.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SALT-MASTER" "1" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SALT-MASTER" "1" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME salt-master \- salt-master Documentation .sp diff --git a/doc/man/salt-minion.1 b/doc/man/salt-minion.1 index 1be877af479..70e2f1879c7 100644 --- a/doc/man/salt-minion.1 +++ b/doc/man/salt-minion.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SALT-MINION" "1" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SALT-MINION" "1" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME salt-minion \- salt-minion Documentation .sp diff --git a/doc/man/salt-proxy.1 b/doc/man/salt-proxy.1 index c7ce2d85acb..93bdd1f6fae 100644 --- a/doc/man/salt-proxy.1 +++ b/doc/man/salt-proxy.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SALT-PROXY" "1" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SALT-PROXY" "1" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME salt-proxy \- salt-proxy Documentation .sp diff --git a/doc/man/salt-run.1 b/doc/man/salt-run.1 index e968134ca1c..5231095e460 100644 --- a/doc/man/salt-run.1 +++ b/doc/man/salt-run.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SALT-RUN" "1" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SALT-RUN" "1" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME salt-run \- salt-run Documentation .sp diff --git a/doc/man/salt-ssh.1 b/doc/man/salt-ssh.1 index 1ea3976ae10..1835a0ba620 100644 --- a/doc/man/salt-ssh.1 +++ b/doc/man/salt-ssh.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SALT-SSH" "1" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SALT-SSH" "1" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME salt-ssh \- salt-ssh Documentation .SH SYNOPSIS diff --git a/doc/man/salt-syndic.1 b/doc/man/salt-syndic.1 index b006b33bbb8..652fbeb0c94 100644 --- a/doc/man/salt-syndic.1 +++ b/doc/man/salt-syndic.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SALT-SYNDIC" "1" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SALT-SYNDIC" "1" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME salt-syndic \- salt-syndic Documentation .sp diff --git a/doc/man/salt.1 b/doc/man/salt.1 index 9197a01fd3f..5faa32466d7 100644 --- a/doc/man/salt.1 +++ b/doc/man/salt.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SALT" "1" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SALT" "1" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME salt \- salt .SH SYNOPSIS diff --git a/doc/man/salt.7 b/doc/man/salt.7 index 88d600d0fcc..108bbdf6bf4 100644 --- a/doc/man/salt.7 +++ b/doc/man/salt.7 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SALT" "7" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SALT" "7" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME salt \- Salt Documentation .SH SALT PROJECT @@ -725,7 +725,7 @@ version of Python: .sp .nf .ft C -pyenv install 3.7.0 +pyenv install 3.9.18 .ft P .fi .UNINDENT @@ -742,7 +742,7 @@ new virtual environment with this command: .sp .nf .ft C -pyenv virtualenv 3.7.0 salt +pyenv virtualenv 3.9.18 salt .ft P .fi .UNINDENT @@ -1016,8 +1016,8 @@ you\(aqll need to run 3.9 or earlier. For example: .sp .nf .ft C -pyenv install 3.7.15 -pyenv virtualenv 3.7.15 salt\-docs +pyenv install 3.9.18 +pyenv virtualenv 3.9.18 salt\-docs echo \(aqsalt\-docs\(aq > .python\-version .ft P .fi @@ -1256,7 +1256,7 @@ meaningful and complete! \fITypically\fP the best tests for Salt are going to be unit tests. Testing is \fI\%a whole topic on its own\fP, But you may also want to write functional or integration tests. You\(aqll -find those in the \fBsalt/tests\fP directory. +find those in the \fBtests/\fP directory. .sp When you\(aqre thinking about tests to write, the most important thing to keep in mind is, “What, exactly, am I testing?” When a test fails, you @@ -1558,6 +1558,133 @@ For this, you would be able to install with: .fi .UNINDENT .UNINDENT +.SH SALT PROJECT MAINTENANCE POLICIES +.sp +This document explains the current project maintenance policies. The goal of +these policies are to reduce the maintenance burden on core maintainers of the +Salt Project and to encourage more active engagement from the Salt community. +.INDENT 0.0 +.IP \(bu 2 +\fI\%Issue management\fP +.IP \(bu 2 +\fI\%Pull request management\fP +.IP \(bu 2 +\fI\%Salt Enhancement Proposals (SEP) process\fP +.UNINDENT +.SS Issue management +.sp +Issues for the Salt Project are critical to Salt community communication and to +find and resolve issues in the Salt Project. As such, the issue tracker needs to +be kept clean and current to the currently supported releases of Salt. They also +need to be free of feature requests, arguments, and trolling. +.sp +We have decided to update our issue policy to be similar to RedHat community +project policies. +.sp +Community members who repeatedly violate these policies are subject to bans. +.INDENT 0.0 +.IP 1. 3 +All issues that were not opened against a currently supported release of Salt +will be closed. +.INDENT 3.0 +.IP \(bu 2 +When an old release of Salt is marked out of support, all issues opened +against the now defunct release will be closed. +.IP \(bu 2 +If the issue is still present in the current release of Salt, submit a new +issue. Do not re\-open the old issue after it has been closed. +.IP \(bu 2 +When opening a new issue that was a bug in a previous release of Salt, you +must validate it against a currently supported release of Salt for +consideration. Issues that do not show the problem against a current +release will be closed without consideration. +.UNINDENT +.IP 2. 3 +Only defects can be submitted to the issue tracker. +.INDENT 3.0 +.IP \(bu 2 +Feature requests without a PR will be immediately closed. +.IP \(bu 2 +Feature requests must be designated as a feature being developed and owned +by the issue submitter and assigned to a release. Otherwise they will be +immediately closed. +.IP \(bu 2 +Discussions about features can be held in the GitHub +\fI\%Discussions\fP tab or in +the community \fI\%Open Hour\fP\&. +.IP \(bu 2 +Questions will be immediately closed. +.UNINDENT +.IP 3. 3 +Issues must submit sufficient information. +.INDENT 3.0 +.IP \(bu 2 +Issues must follow the relevant template for information. +.IP \(bu 2 +Issues that do not give sufficient information about the nature of the +issue \fBand how to reproduce the issue\fP will be immediately closed. +.IP \(bu 2 +Issues that do not comply will be immediately closed. +.UNINDENT +.UNINDENT +.SS Pull request management +.sp +The Salt pull request (PR) queue has been a challenge to maintain for the entire +life of the project. This is in large part due to the incredibly active and +vibrant community around Salt. +.sp +Unfortunately, it has proven to be too much for the core team and the greater +Salt community to manage. As such, we deem it necessary to make fundamental +changes to how we manage the PR queue: +.INDENT 0.0 +.IP 1. 3 +All PRs opened against releases of Salt that are no longer supported will be +closed immediately. +.IP 2. 3 +Closed PRs can be resubmitted, NOT re\-opened. +.IP 3. 3 +PRs need to provide full tests for all of the code affected, regardless of +whether the PR author wrote the code affected. +.IP 4. 3 +PR tests need to be written using the current test mechanism (pytest). +.IP 5. 3 +PRs need to pass tests. +.IP 6. 3 +PRs must NOT increase the overall test time by a noticeable length. +.IP 7. 3 +PRs must NOT add new plugins directly to Salt unless sanctioned by the Salt +core team. New plugins should be made into Salt Extensions. +.IP 8. 3 +PRs that have not been updated due to inactivity will be closed. Inactivity +is determined by a lack of submitter activity for the space of 1 month. +.IP 9. 3 +PR tests should always maintain or increase total code coverage. +.UNINDENT +.SS Salt Enhancement Proposals (SEP) process +.sp +\fBA message from Thomas Hatch, creator of Salt:\fP +.sp +In 2019, we decided to create a community process to discuss and review Salt +Enhancement Proposals (SEPs). Unfortunately, I feel that this process has not +proven to be an effective way to solve the core issues around Salt Enhancements. +Overall, the Salt enhancement process has proven itself to be more of a burden +than an accelerant to Salt stability, security, and progress. As such, I feel +that the current optimal course of action is to shut the process down. +.sp +Instead of the Salt Enhancement Proposal process, we will add a time in the +\fI\%Open Hour\fP for people to present ideas and +concepts to better understand if they are worth their effort to develop. +Extensive documentation around more intrusive or involved enhancements should +be included in pull requests (PRs). Conversations about enhancements can also be +held in the \fI\%Discussions\fP tab +in GitHub. +.sp +By migrating the conversation into the PR process, we ensure that we are only +reviewing viable proposals instead of being burdened with requests that the core +team is expected to fulfill. +.sp +Effective immediately (January 2024), we are archiving and freezing the SEP +repo. .SH INSTALLATION .sp See the \fI\%Salt Install Guide\fP @@ -194368,7 +194495,7 @@ Passes through all the parameters described in the \fI\%utils.http.query function\fP: .INDENT 7.0 .TP -.B salt.utils.http.query(url, method=\(aqGET\(aq, params=None, data=None, data_file=None, header_dict=None, header_list=None, header_file=None, username=None, password=None, auth=None, decode=False, decode_type=\(aqauto\(aq, status=False, headers=False, text=False, cookies=None, cookie_jar=None, cookie_format=\(aqlwp\(aq, persist_session=False, session_cookie_jar=None, data_render=False, data_renderer=None, header_render=False, header_renderer=None, template_dict=None, test=False, test_url=None, node=\(aqminion\(aq, port=80, opts=None, backend=None, ca_bundle=None, verify_ssl=None, cert=None, text_out=None, headers_out=None, decode_out=None, stream=False, streaming_callback=None, header_callback=None, handle=False, agent=\(aqSalt/3006.6\(aq, hide_fields=None, raise_error=True, formdata=False, formdata_fieldname=None, formdata_filename=None, decode_body=True, **kwargs) +.B salt.utils.http.query(url, method=\(aqGET\(aq, params=None, data=None, data_file=None, header_dict=None, header_list=None, header_file=None, username=None, password=None, auth=None, decode=False, decode_type=\(aqauto\(aq, status=False, headers=False, text=False, cookies=None, cookie_jar=None, cookie_format=\(aqlwp\(aq, persist_session=False, session_cookie_jar=None, data_render=False, data_renderer=None, header_render=False, header_renderer=None, template_dict=None, test=False, test_url=None, node=\(aqminion\(aq, port=80, opts=None, backend=None, ca_bundle=None, verify_ssl=None, cert=None, text_out=None, headers_out=None, decode_out=None, stream=False, streaming_callback=None, header_callback=None, handle=False, agent=\(aqSalt/3006.7\(aq, hide_fields=None, raise_error=True, formdata=False, formdata_fieldname=None, formdata_filename=None, decode_body=True, **kwargs) Query a resource, and decode the return data .UNINDENT .INDENT 7.0 @@ -197100,8 +197227,46 @@ all (for example /etc/sysctl.conf) .INDENT 0.0 .TP -.B salt.modules.ini_manage.get_ini(file_name, separator=\(aq=\(aq) -Retrieve whole structure from an ini file and return it as dictionary. +.B salt.modules.ini_manage.get_ini(file_name, separator=\(aq=\(aq, encoding=None) +Retrieve the whole structure from an ini file and return it as a dictionary. +.INDENT 7.0 +.TP +.B Parameters +.INDENT 7.0 +.IP \(bu 2 +\fBfile_name\fP (\fI\%str\fP) \-\- The full path to the ini file. +.IP \(bu 2 +\fBseparator\fP (\fI\%str\fP) \-\- +.sp +The character used to separate keys and values. Standard ini files +use the \(dq=\(dq character. The default is \fB=\fP\&. +.sp +New in version 2016.11.0. + + +.IP \(bu 2 +\fBencoding\fP (\fI\%str\fP) \-\- +.sp +A string value representing encoding of the target ini file. If +\fBNone\fP is passed, it uses the system default which is likely +\fButf\-8\fP\&. Default is \fBNone\fP +.sp +New in version 3006.6. + + +.UNINDENT +.TP +.B Returns +.INDENT 7.0 +.TP +.B A dictionary containing the sections along with the values and +names contained in each section +.UNINDENT + +.TP +.B Return type +\fI\%dict\fP +.UNINDENT .sp API Example: .INDENT 7.0 @@ -197110,9 +197275,8 @@ API Example: .nf .ft C import salt.client -with salt.client.giet_local_client() as sc: - sc.cmd(\(aqtarget\(aq, \(aqini.get_ini\(aq, - [path_to_ini_file]) +with salt.client.get_local_client() as sc: + sc.cmd(\(aqtarget\(aq, \(aqini.get_ini\(aq, [path_to_ini_file]) .ft P .fi .UNINDENT @@ -197132,9 +197296,52 @@ salt \(aq*\(aq ini.get_ini /path/to/ini .UNINDENT .INDENT 0.0 .TP -.B salt.modules.ini_manage.get_option(file_name, section, option, separator=\(aq=\(aq) +.B salt.modules.ini_manage.get_option(file_name, section, option, separator=\(aq=\(aq, encoding=None) Get value of a key from a section in an ini file. Returns \fBNone\fP if no matching key was found. +.INDENT 7.0 +.TP +.B Parameters +.INDENT 7.0 +.IP \(bu 2 +\fBfile_name\fP (\fI\%str\fP) \-\- The full path to the ini file. +.IP \(bu 2 +\fBsection\fP (\fI\%str\fP) \-\- A string value representing the section of the ini that the option +is in. If the option is not in a section, leave this empty. +.IP \(bu 2 +\fBoption\fP (\fI\%str\fP) \-\- A string value representing the option to search for. +.IP \(bu 2 +\fBseparator\fP (\fI\%str\fP) \-\- +.sp +The character used to separate keys and values. Standard ini files +use the \(dq=\(dq character. The default is \fB=\fP\&. +.sp +New in version 2016.11.0. + + +.IP \(bu 2 +\fBencoding\fP (\fI\%str\fP) \-\- +.sp +A string value representing encoding of the target ini file. If +\fBNone\fP is passed, it uses the system default which is likely +\fButf\-8\fP\&. Default is \fBNone\fP +.sp +New in version 3006.6. + + +.UNINDENT +.TP +.B Returns +.INDENT 7.0 +.TP +.B The value as defined in the ini file, or \fBNone\fP if empty or not +found +.UNINDENT + +.TP +.B Return type +\fI\%str\fP +.UNINDENT .sp API Example: .INDENT 7.0 @@ -197144,8 +197351,7 @@ API Example: .ft C import salt.client with salt.client.get_local_client() as sc: - sc.cmd(\(aqtarget\(aq, \(aqini.get_option\(aq, - [path_to_ini_file, section_name, option]) + sc.cmd(\(aqtarget\(aq, \(aqini.get_option\(aq, [path_to_ini_file, section_name, option]) .ft P .fi .UNINDENT @@ -197165,9 +197371,50 @@ salt \(aq*\(aq ini.get_option /path/to/ini section_name option_name .UNINDENT .INDENT 0.0 .TP -.B salt.modules.ini_manage.get_section(file_name, section, separator=\(aq=\(aq) -Retrieve a section from an ini file. Returns the section as dictionary. If +.B salt.modules.ini_manage.get_section(file_name, section, separator=\(aq=\(aq, encoding=None) +Retrieve a section from an ini file. Returns the section as a dictionary. If the section is not found, an empty dictionary is returned. +.INDENT 7.0 +.TP +.B Parameters +.INDENT 7.0 +.IP \(bu 2 +\fBfile_name\fP (\fI\%str\fP) \-\- The full path to the ini file. +.IP \(bu 2 +\fBsection\fP (\fI\%str\fP) \-\- A string value representing name of the section to search for. +.IP \(bu 2 +\fBseparator\fP (\fI\%str\fP) \-\- +.sp +The character used to separate keys and values. Standard ini files +use the \(dq=\(dq character. The default is \fB=\fP\&. +.sp +New in version 2016.11.0. + + +.IP \(bu 2 +\fBencoding\fP (\fI\%str\fP) \-\- +.sp +A string value representing encoding of the target ini file. If +\fBNone\fP is passed, it uses the system default which is likely +\fButf\-8\fP\&. Default is \fBNone\fP +.sp +New in version 3006.6. + + +.UNINDENT +.TP +.B Returns +.INDENT 7.0 +.TP +.B A dictionary containing the names and values of all items in the +section of the ini file. If the section is not found, an empty +dictionary is returned +.UNINDENT + +.TP +.B Return type +\fI\%dict\fP +.UNINDENT .sp API Example: .INDENT 7.0 @@ -197177,8 +197424,7 @@ API Example: .ft C import salt.client with salt.client.get_local_client() as sc: - sc.cmd(\(aqtarget\(aq, \(aqini.get_section\(aq, - [path_to_ini_file, section_name]) + sc.cmd(\(aqtarget\(aq, \(aqini.get_section\(aq, [path_to_ini_file, section_name]) .ft P .fi .UNINDENT @@ -197198,9 +197444,52 @@ salt \(aq*\(aq ini.get_section /path/to/ini section_name .UNINDENT .INDENT 0.0 .TP -.B salt.modules.ini_manage.remove_option(file_name, section, option, separator=\(aq=\(aq) +.B salt.modules.ini_manage.remove_option(file_name, section, option, separator=\(aq=\(aq, encoding=None) Remove a key/value pair from a section in an ini file. Returns the value of the removed key, or \fBNone\fP if nothing was removed. +.INDENT 7.0 +.TP +.B Parameters +.INDENT 7.0 +.IP \(bu 2 +\fBfile_name\fP (\fI\%str\fP) \-\- The full path to the ini file. +.IP \(bu 2 +\fBsection\fP (\fI\%str\fP) \-\- A string value representing the section of the ini that the option +is in. If the option is not in a section, leave this empty. +.IP \(bu 2 +\fBoption\fP (\fI\%str\fP) \-\- A string value representing the option to search for. +.IP \(bu 2 +\fBseparator\fP (\fI\%str\fP) \-\- +.sp +The character used to separate keys and values. Standard ini files +use the \(dq=\(dq character. The default is \fB=\fP\&. +.sp +New in version 2016.11.0. + + +.IP \(bu 2 +\fBencoding\fP (\fI\%str\fP) \-\- +.sp +A string value representing encoding of the target ini file. If +\fBNone\fP is passed, it uses the system default which is likely +\fButf\-8\fP\&. Default is \fBNone\fP +.sp +New in version 3006.6. + + +.UNINDENT +.TP +.B Returns +.INDENT 7.0 +.TP +.B A string value representing the option that was removed or \fBNone\fP +if nothing was removed +.UNINDENT + +.TP +.B Return type +\fI\%str\fP +.UNINDENT .sp API Example: .INDENT 7.0 @@ -197210,8 +197499,7 @@ API Example: .ft C import salt sc = salt.client.get_local_client() -sc.cmd(\(aqtarget\(aq, \(aqini.remove_option\(aq, - [path_to_ini_file, section_name, option]) +sc.cmd(\(aqtarget\(aq, \(aqini.remove_option\(aq, [path_to_ini_file, section_name, option]) .ft P .fi .UNINDENT @@ -197231,9 +197519,49 @@ salt \(aq*\(aq ini.remove_option /path/to/ini section_name option_name .UNINDENT .INDENT 0.0 .TP -.B salt.modules.ini_manage.remove_section(file_name, section, separator=\(aq=\(aq) -Remove a section in an ini file. Returns the removed section as dictionary, -or \fBNone\fP if nothing was removed. +.B salt.modules.ini_manage.remove_section(file_name, section, separator=\(aq=\(aq, encoding=None) +Remove a section in an ini file. Returns the removed section as a +dictionary, or \fBNone\fP if nothing is removed. +.INDENT 7.0 +.TP +.B Parameters +.INDENT 7.0 +.IP \(bu 2 +\fBfile_name\fP (\fI\%str\fP) \-\- The full path to the ini file. +.IP \(bu 2 +\fBsection\fP (\fI\%str\fP) \-\- A string value representing the name of the section search for. +.IP \(bu 2 +\fBseparator\fP (\fI\%str\fP) \-\- +.sp +The character used to separate keys and values. Standard ini files +use the \(dq=\(dq character. The default is \fB=\fP\&. +.sp +New in version 2016.11.0. + + +.IP \(bu 2 +\fBencoding\fP (\fI\%str\fP) \-\- +.sp +A string value representing encoding of the target ini file. If +\fBNone\fP is passed, it uses the system default which is likely +\fButf\-8\fP\&. Default is \fBNone\fP +.sp +New in version 3006.6. + + +.UNINDENT +.TP +.B Returns +.INDENT 7.0 +.TP +.B A dictionary containing the names and values of all items in the +section that was removed or \fBNone\fP if nothing was removed +.UNINDENT + +.TP +.B Return type +\fI\%dict\fP +.UNINDENT .sp API Example: .INDENT 7.0 @@ -197243,8 +197571,7 @@ API Example: .ft C import salt.client with salt.client.get_local_client() as sc: - sc.cmd(\(aqtarget\(aq, \(aqini.remove_section\(aq, - [path_to_ini_file, section_name]) + sc.cmd(\(aqtarget\(aq, \(aqini.remove_section\(aq, [path_to_ini_file, section_name]) .ft P .fi .UNINDENT @@ -197264,29 +197591,46 @@ salt \(aq*\(aq ini.remove_section /path/to/ini section_name .UNINDENT .INDENT 0.0 .TP -.B salt.modules.ini_manage.set_option(file_name, sections=None, separator=\(aq=\(aq) +.B salt.modules.ini_manage.set_option(file_name, sections=None, separator=\(aq=\(aq, encoding=None) Edit an ini file, replacing one or more sections. Returns a dictionary containing the changes made. .INDENT 7.0 .TP -.B file_name -path of ini_file -.TP -.B sections -None -A dictionary representing the sections to be edited ini file -The keys are the section names and the values are the dictionary -containing the options -If the ini file does not contain sections the keys and values represent -the options -.TP -.B separator -= -A character used to separate keys and values. Standard ini files use -the \(dq=\(dq character. +.B Parameters +.INDENT 7.0 +.IP \(bu 2 +\fBfile_name\fP (\fI\%str\fP) \-\- The full path to the ini file. +.IP \(bu 2 +\fBsections\fP (\fI\%dict\fP) \-\- A dictionary representing the sections to be edited in the ini file. +The keys are the section names and the values are a dictionary +containing the options. If the ini file does not contain sections +the keys and values represent the options. The default is \fBNone\fP\&. +.IP \(bu 2 +\fBseparator\fP (\fI\%str\fP) \-\- +.sp +The character used to separate keys and values. Standard ini files +use the \(dq=\(dq character. The default is \fB=\fP\&. .sp New in version 2016.11.0. + +.IP \(bu 2 +\fBencoding\fP (\fI\%str\fP) \-\- +.sp +A string value representing encoding of the target ini file. If +\fBNone\fP is passed, it uses the system default which is likely +\fButf\-8\fP\&. Default is \fBNone\fP +.sp +New in version 3006.6. + + +.UNINDENT +.TP +.B Returns +A dictionary representing the changes made to the ini file +.TP +.B Return type +\fI\%dict\fP .UNINDENT .sp API Example: @@ -197298,8 +197642,7 @@ API Example: import salt.client with salt.client.get_local_client() as sc: sc.cmd( - \(aqtarget\(aq, \(aqini.set_option\(aq, - [\(aqpath_to_ini_file\(aq, \(aq{\(dqsection_to_change\(dq: {\(dqkey\(dq: \(dqvalue\(dq}}\(aq] + \(aqtarget\(aq, \(aqini.set_option\(aq, [\(aqpath_to_ini_file\(aq, \(aq{\(dqsection_to_change\(dq: {\(dqkey\(dq: \(dqvalue\(dq}}\(aq] ) .ft P .fi @@ -218197,7 +218540,7 @@ salt \(aq*\(aq assistive.enabled com.smileonmymac.textexpander .UNINDENT .INDENT 0.0 .TP -.B salt.modules.mac_assistive.install(app_id, enable=True) +.B salt.modules.mac_assistive.install(app_id, enable=True, tries=3, wait=10) Install a bundle ID or command as being allowed to use assistive access. .INDENT 7.0 @@ -218207,6 +218550,12 @@ The bundle ID or command to install for assistive access. .TP .B enabled Sets enabled or disabled status. Default is \fBTrue\fP\&. +.TP +.B tries +How many times to try and write to a read\-only tcc. Default is \fBTrue\fP\&. +.TP +.B wait +Number of seconds to wait between tries. Default is \fB10\fP\&. .UNINDENT .sp CLI Example: @@ -219107,7 +219456,7 @@ salt \(aq*\(aq keychain.get_default_keychain .UNINDENT .INDENT 0.0 .TP -.B salt.modules.mac_keychain.get_friendly_name(cert, password) +.B salt.modules.mac_keychain.get_friendly_name(cert, password, legacy=False) Get the friendly name of the given certificate .INDENT 7.0 .TP @@ -219120,6 +219469,9 @@ described for openssl command in the PASS PHRASE ARGUMENTS section .sp Note: The password given here will show up as plaintext in the returned job info. +.TP +.B legacy +Assume legacy format for certificate. .UNINDENT .sp CLI Example: @@ -219129,6 +219481,8 @@ CLI Example: .nf .ft C salt \(aq*\(aq keychain.get_friendly_name /tmp/test.p12 test123 + +salt \(aq*\(aq keychain.get_friendly_name /tmp/test.p12 test123 legacy=True .ft P .fi .UNINDENT @@ -220993,7 +221347,8 @@ Get the date/time the account was created \fBname\fP (\fI\%str\fP) \-\- The username of the account .TP .B Returns -The date/time the account was created (yyyy\-mm\-dd hh:mm:ss) +The date/time the account was created (yyyy\-mm\-dd hh:mm:ss) or 0 if +the value is not defined .TP .B Return type \fI\%str\fP @@ -221086,7 +221441,8 @@ Get the date/time the account was changed \fBname\fP (\fI\%str\fP) \-\- The username of the account .TP .B Returns -The date/time the account was modified (yyyy\-mm\-dd hh:mm:ss) +The date/time the account was modified (yyyy\-mm\-dd hh:mm:ss) or 0 +if the value is not defined .TP .B Return type \fI\%str\fP @@ -221117,10 +221473,11 @@ Get the number of failed login attempts \fBname\fP (\fI\%str\fP) \-\- The username of the account .TP .B Returns -The number of failed login attempts +The number of failed login attempts. 0 may mean there are no failed +login attempts or the value is not defined .TP .B Return type -\fI\%int\fP +\fI\%str\fP .TP .B Raises CommandExecutionError on user not found or any other unknown error @@ -221149,7 +221506,7 @@ Get the date/time of the last failed login attempt .TP .B Returns The date/time of the last failed login attempt on this account -(yyyy\-mm\-dd hh:mm:ss) +(yyyy\-mm\-dd hh:mm:ss) or 0 if the value is not defined .TP .B Return type \fI\%str\fP @@ -291579,7 +291936,8 @@ It exists as a more intuitive way of applying states. .sp APPLYING ALL STATES CONFIGURED IN TOP.SLS (A.K.A. \fI\%HIGHSTATE\fP) .sp -To apply all configured states, simply run \fBstate.apply\fP: +To apply all configured states, simply run \fBstate.apply\fP with no SLS +targets, like so: .INDENT 7.0 .INDENT 3.5 .sp @@ -302346,7 +302704,7 @@ New in version 3004. A transactional system, like \fI\%MicroOS\fP, can present some challenges when the user decided to manage it via Salt. .sp -MicroOS provide a read\-only rootfs and a tool, +MicroOS provides a read\-only rootfs and a tool, \fBtransactional\-update\fP, that takes care of the management of the system (updating, upgrading, installation or reboot, among others) in an atomic way. @@ -302473,7 +302831,7 @@ For example: .sp .nf .ft C -transactional\-update \-\-continue \-\-drop\-if\-no\-change run zypper in apache2\(dq +transactional\-update \-\-continue \-\-drop\-if\-no\-change run zypper in apache2 .ft P .fi .UNINDENT @@ -302591,11 +302949,11 @@ everything can be expressed inside a transaction (for example, restarting a service inside transaction is not allowed). .SS Two step for service restart .sp -In the \fBapache2\(ga example from the beginning we can observe the -biggest drawback. If the package \(ga\(gaapache2\fP is missing, the new +In the \fBapache2\fP example from the beginning we can observe the +biggest drawback. If the package \fBapache2\fP is missing, the new module will create a new transaction, will execute \fBpkg.install\fP inside the transaction (creating the salt\-thin, moving it inside and -delegating the execution to \fItransactional\-update\fP CLI as part of the +delegating the execution to \fBtransactional\-update\fP CLI as part of the full state). Inside the transaction we can do too the required changes in \fB/etc\fP for adding the new \fBvhost\fP, and we can enable the service via systemctl inside the same transaction. @@ -302645,7 +303003,7 @@ this function, check \fIstate.apply_\fP documentation. .TP .B activate_transaction If at the end of the transaction there is a pending activation -(i.e there is a new snaphot in the system), a new reboot will +(i.e there is a new snapshot in the system), a new reboot will be scheduled (default False) .UNINDENT .sp @@ -302707,7 +303065,7 @@ Salt execution module function .TP .B activate_transaction If at the end of the transaction there is a pending activation -(i.e there is a new snaphot in the system), a new reboot will +(i.e there is a new snapshot in the system), a new reboot will be scheduled (default False) .UNINDENT .sp @@ -302877,15 +303235,15 @@ this function, check \fIstate.highstate\fP documentation. .TP .B activate_transaction If at the end of the transaction there is a pending activation -(i.e there is a new snaphot in the system), a new reboot will -be scheduled (default False) +(i.e there is a new snapshot in the system), a new reboot will +be scheduled (Default: False). .TP .B queue Instead of failing immediately when another state run is in progress, queue the new state run to begin running once the other has finished. .sp This option starts a new thread for each queued state run, so use this -option sparingly. (Default: False) +option sparingly (Default: False). .UNINDENT .sp CLI Example: @@ -303245,8 +303603,8 @@ salt microos transactional_update rollback .B salt.modules.transactional_update.run(command, self_update=False, snapshot=None) Run a command in a new snapshot .sp -Execute the command inside a new snapshot. By default this snaphot -will remain, but if \-\-drop\-if\-no\-chage is set, the new snapshot +Execute the command inside a new snapshot. By default this snapshot +will remain, but if \-\-drop\-if\-no\-change is set, the new snapshot will be dropped if there is no change in the file system. .INDENT 7.0 .TP @@ -303289,15 +303647,15 @@ of keyword values is also supported. .TP .B activate_transaction If at the end of the transaction there is a pending activation -(i.e there is a new snaphot in the system), a new reboot will -be scheduled (default False) +(i.e there is a new snapshot in the system), a new reboot will +be scheduled (Default: False). .TP .B queue Instead of failing immediately when another state run is in progress, queue the new state run to begin running once the other has finished. .sp This option starts a new thread for each queued state run, so use this -option sparingly. (Default: False) +option sparingly (Default: False). .UNINDENT .sp CLI Example: @@ -303337,15 +303695,15 @@ may be used to match multiple states. .TP .B activate_transaction If at the end of the transaction there is a pending activation -(i.e there is a new snaphot in the system), a new reboot will -be scheduled (default False) +(i.e there is a new snapshot in the system), a new reboot will +be scheduled (Default: False). .TP .B queue Instead of failing immediately when another state run is in progress, queue the new state run to begin running once the other has finished. .sp This option starts a new thread for each queued state run, so use this -option sparingly. (Default: False) +option sparingly (Default: False). .UNINDENT .sp For a formal description of the possible parameters accepted in @@ -351598,6 +351956,27 @@ More info here: \fI\%https://docs.aws.amazon.com/cli/latest/topic/s3\-config.html\fP .UNINDENT .UNINDENT +.sp +\fBNOTE:\fP +.INDENT 0.0 +.INDENT 3.5 +This fileserver back\-end will by default sync all buckets on every +fileserver update. +.sp +If you want files to be only populated in the cache when requested, you can +disable this in the master config: +.INDENT 0.0 +.INDENT 3.5 +.sp +.nf +.ft C +s3.s3_sync_on_update: False +.ft P +.fi +.UNINDENT +.UNINDENT +.UNINDENT +.UNINDENT .SS salt.fileserver.svnfs .sp Subversion Fileserver Backend @@ -442311,7 +442690,7 @@ This is the top level of the registry. They all begin with HKEY. .IP \(bu 2 HKEY_CLASSES_ROOT (HKCR) .IP \(bu 2 -HKEY_CURRENT_USER(HKCU) +HKEY_CURRENT_USER (HKCU) .IP \(bu 2 HKEY_LOCAL MACHINE (HKLM) .IP \(bu 2 @@ -442393,7 +442772,7 @@ Ensure a registry value is removed. To remove a key use key_absent. A string value representing the full path of the key to include the HIVE, Key, and all Subkeys. For example: .sp -\fBHKEY_LOCAL_MACHINE\e\eSOFTWARE\e\eSalt\fP +\fBHKEY_LOCAL_MACHINE\eSOFTWARE\eSalt\fP .sp Valid hive values include: .INDENT 2.0 @@ -442433,7 +442812,7 @@ CLI Example: .sp .nf .ft C -\(aqHKEY_CURRENT_USER\e\eSOFTWARE\e\eSalt\(aq: +\(aqHKEY_CURRENT_USER\eSOFTWARE\eSalt\(aq: reg.absent \- vname: version .ft P @@ -442536,7 +442915,7 @@ Ensure a registry key or value is present. A string value representing the full path of the key to include the HIVE, Key, and all Subkeys. For example: .sp -\fBHKEY_LOCAL_MACHINE\e\eSOFTWARE\e\eSalt\fP +\fBHKEY_LOCAL_MACHINE\eSOFTWARE\eSalt\fP .sp Valid hive values include: .INDENT 2.0 @@ -442820,14 +443199,14 @@ A dictionary showing the results of the registry operation. Example: .sp The following example will set the \fB(Default)\fP value for the -\fBSOFTWARE\e\eSalt\fP key in the \fBHKEY_CURRENT_USER\fP hive to +\fBSOFTWARE\eSalt\fP key in the \fBHKEY_CURRENT_USER\fP hive to \fB2016.3.1\fP: .INDENT 7.0 .INDENT 3.5 .sp .nf .ft C -HKEY_CURRENT_USER\e\eSOFTWARE\e\eSalt: +HKEY_CURRENT_USER\eSOFTWARE\eSalt: reg.present: \- vdata: 2016.3.1 .ft P @@ -442838,14 +443217,14 @@ HKEY_CURRENT_USER\e\eSOFTWARE\e\eSalt: Example: .sp The following example will set the value for the \fBversion\fP entry under -the \fBSOFTWARE\e\eSalt\fP key in the \fBHKEY_CURRENT_USER\fP hive to +the \fBSOFTWARE\eSalt\fP key in the \fBHKEY_CURRENT_USER\fP hive to \fB2016.3.1\fP\&. The value will be reflected in \fBWow6432Node\fP: .INDENT 7.0 .INDENT 3.5 .sp .nf .ft C -HKEY_CURRENT_USER\e\eSOFTWARE\e\eSalt: +HKEY_CURRENT_USER\eSOFTWARE\eSalt: reg.present: \- vname: version \- vdata: 2016.3.1 @@ -442861,7 +443240,7 @@ In the above example the path is interpreted as follows: .IP \(bu 2 \fBHKEY_CURRENT_USER\fP is the hive .IP \(bu 2 -\fBSOFTWARE\e\eSalt\fP is the key +\fBSOFTWARE\eSalt\fP is the key .IP \(bu 2 \fBvname\fP is the value name (\(aqversion\(aq) that will be created under the key .IP \(bu 2 @@ -457898,7 +458277,7 @@ installed2 .UNINDENT .INDENT 0.0 .TP -.B salt.states.zcbuildout.installed(name, config=\(aqbuildout.cfg\(aq, quiet=False, parts=None, user=None, env=(), buildout_ver=None, test_release=False, distribute=None, new_st=None, offline=False, newest=False, python=\(aq/opt/actions\-runner/_work/salt\-priv/salt\-priv/.tools\-venvs/py3.10/docs/bin/python\(aq, debug=False, verbose=False, unless=None, onlyif=None, use_vt=False, loglevel=\(aqdebug\(aq, **kwargs) +.B salt.states.zcbuildout.installed(name, config=\(aqbuildout.cfg\(aq, quiet=False, parts=None, user=None, env=(), buildout_ver=None, test_release=False, distribute=None, new_st=None, offline=False, newest=False, python=\(aq/opt/actions\-runner/_work/salt/salt/.tools\-venvs/py3.10/docs/bin/python\(aq, debug=False, verbose=False, unless=None, onlyif=None, use_vt=False, loglevel=\(aqdebug\(aq, **kwargs) Install buildout in a specific directory .sp It is a thin wrapper to modules.buildout.buildout @@ -466917,7 +467296,7 @@ version of Python: .sp .nf .ft C -pyenv install 3.7.0 +pyenv install 3.9.18 .ft P .fi .UNINDENT @@ -466934,7 +467313,7 @@ new virtual environment with this command: .sp .nf .ft C -pyenv virtualenv 3.7.0 salt +pyenv virtualenv 3.9.18 salt .ft P .fi .UNINDENT @@ -467208,8 +467587,8 @@ you\(aqll need to run 3.9 or earlier. For example: .sp .nf .ft C -pyenv install 3.7.15 -pyenv virtualenv 3.7.15 salt\-docs +pyenv install 3.9.18 +pyenv virtualenv 3.9.18 salt\-docs echo \(aqsalt\-docs\(aq > .python\-version .ft P .fi @@ -467448,7 +467827,7 @@ meaningful and complete! \fITypically\fP the best tests for Salt are going to be unit tests. Testing is \fI\%a whole topic on its own\fP, But you may also want to write functional or integration tests. You\(aqll -find those in the \fBsalt/tests\fP directory. +find those in the \fBtests/\fP directory. .sp When you\(aqre thinking about tests to write, the most important thing to keep in mind is, “What, exactly, am I testing?” When a test fails, you @@ -478009,6 +478388,85 @@ Bump to \fBgitpython==3.1.41\fP due to \fI\%https://github.com/advisories/GHSA\- Bump to \fBjinja2==3.1.3\fP due to \fI\%https://github.com/advisories/GHSA\-h5c8\-rqwp\-cp95\fP \fI\%#65830\fP .UNINDENT .UNINDENT +(release\-3006.7)= +.SS Salt 3006.7 release notes +.SS Changelog +.SS Deprecated +.INDENT 0.0 +.IP \(bu 2 +Deprecate and stop using \fBsalt.features\fP \fI\%#65951\fP +.UNINDENT +.SS Changed +.INDENT 0.0 +.IP \(bu 2 +Change module search path priority, so Salt extensions can be overridden by syncable modules and module_dirs. You can switch back to the old logic by setting features.enable_deprecated_module_search_path_priority to true, but it will be removed in Salt 3008. \fI\%#65938\fP +.UNINDENT +.SS Fixed +.INDENT 0.0 +.IP \(bu 2 +Fix an issue with mac_shadow that was causing a command execution error when +retrieving values that were not yet set. For example, retrieving last login +before the user had logged in. \fI\%#34658\fP +.IP \(bu 2 +Fixed an issue when keys didn\(aqt match because of line endings \fI\%#52289\fP +.IP \(bu 2 +Corrected encoding of credentials for use with Artifactory \fI\%#63063\fP +.IP \(bu 2 +Use \fBsend_multipart\fP instead of \fBsend\fP when sending multipart message. \fI\%#65018\fP +.IP \(bu 2 +Fix an issue where the minion would crash on Windows if some of the grains +failed to resolve \fI\%#65154\fP +.IP \(bu 2 +Fix issue with openscap when the error was outside the expected scope. It now +returns failed with the error code and the error \fI\%#65193\fP +.IP \(bu 2 +Upgrade relenv to 0.15.0 to fix namespaced packages installed by salt\-pip \fI\%#65433\fP +.IP \(bu 2 +Fix regression of fileclient re\-use when rendering sls pillars and states \fI\%#65450\fP +.IP \(bu 2 +Fixes the s3fs backend computing the local cache\(aqs files with the wrong hash type \fI\%#65589\fP +.IP \(bu 2 +Fixed Salt\-SSH pillar rendering and state rendering with nested SSH calls when called via saltutil.cmd or in an orchestration \fI\%#65670\fP +.IP \(bu 2 +Fix boto execution module loading \fI\%#65691\fP +.IP \(bu 2 +Removed PR 65185 changes since incomplete solution \fI\%#65692\fP +.IP \(bu 2 +catch only ret/ events not all returning events. \fI\%#65727\fP +.IP \(bu 2 +Fix nonsensical time in fileclient timeout error. \fI\%#65752\fP +.IP \(bu 2 +Fixes an issue when reading/modifying ini files that contain unicode characters \fI\%#65777\fP +.IP \(bu 2 +added https proxy to the list of proxies so that requests knows what to do with https based proxies \fI\%#65824\fP +.IP \(bu 2 +Ensure minion channels are closed on any master connection error. \fI\%#65932\fP +.IP \(bu 2 +Fixed issue where Salt can\(aqt find libcrypto when pip installed from a cloned repo \fI\%#65954\fP +.IP \(bu 2 +Fix RPM package systemd scriptlets to make RPM packages more universal \fI\%#65987\fP +.IP \(bu 2 +Fixed an issue where fileclient requests during Pillar rendering cause +fileserver backends to be needlessly refreshed. \fI\%#65990\fP +.IP \(bu 2 +Fix exceptions being set on futures that are already done in ZeroMQ transport \fI\%#66006\fP +.IP \(bu 2 +Use hmac compare_digest method in hashutil module to mitigate potential timing attacks \fI\%#66041\fP +.IP \(bu 2 +Fix request channel default timeout regression. In 3006.5 it was changed from +60 to 30 and is now set back to 60 by default. \fI\%#66061\fP +.IP \(bu 2 +Upgrade relenv to 0.15.1 to fix debugpy support. \fI\%#66094\fP +.UNINDENT +.SS Security +.INDENT 0.0 +.IP \(bu 2 +Bump to \fBcryptography==42.0.0\fP due to \fI\%https://github.com/advisories/GHSA\-3ww4\-gg4f\-jr7f\fP +.sp +In the process, we were also required to update to \fBpyOpenSSL==24.0.0\fP \fI\%#66004\fP +.IP \(bu 2 +Bump to \fBcryptography==42.0.3\fP due to \fI\%https://github.com/advisories/GHSA\-3ww4\-gg4f\-jr7f\fP \fI\%#66090\fP +.UNINDENT .sp See \fI\%Install a release candidate\fP for more information about installing an RC when one is available. @@ -478998,6 +479456,19 @@ Bump to \fIurllib3==1.26.17\fP or \fIurllib3==2.0.6\fP due to \fI\%https://githu .IP \(bu 2 Bump to \fIgitpython==3.1.37\fP due to \fI\%https://github.com/advisories/GHSA\-cwvm\-v4w8\-q58c\fP (#65383) .UNINDENT +.SS Salt 3005.5 Release Notes +.sp +Version 3005.5 is a CVE security fix release for \fI\%3005\fP\&. +.SS Security +.INDENT 0.0 +.IP \(bu 2 +Fix CVE\-2024\-22231 by preventing directory traversal when creating syndic cache directory on the master. +.IP \(bu 2 +Fix CVE\-2024\-22232 Prevent directory traversal attacks in the master\(aqs serve_file method. +.UNINDENT +.sp +These vulnerablities were discovered and reported by: +Yudi Zhao(Huawei Nebula Security Lab),Chenwei Jiang(Huawei Nebula Security Lab) (#565) .SS Salt 3004 Release Notes \- Codename Silicon .SS New Features .SS Transactional System Support (MicroOS) diff --git a/doc/man/spm.1 b/doc/man/spm.1 index 1930413db07..f9be92b6be5 100644 --- a/doc/man/spm.1 +++ b/doc/man/spm.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SPM" "1" "Generated on January 26, 2024 at 11:57:28 AM UTC." "3006.6" "Salt" +.TH "SPM" "1" "Generated on February 20, 2024 at 09:55:17 PM UTC." "3006.7" "Salt" .SH NAME spm \- Salt Package Manager Command .sp diff --git a/doc/topics/releases/3006.7.md b/doc/topics/releases/3006.7.md new file mode 100644 index 00000000000..d9776b05eea --- /dev/null +++ b/doc/topics/releases/3006.7.md @@ -0,0 +1,70 @@ +(release-3006.7)= +# Salt 3006.7 release notes + + + + + + + +## Changelog + +### Deprecated + +- Deprecate and stop using ``salt.features`` [#65951](https://github.com/saltstack/salt/issues/65951) + + +### Changed + +- Change module search path priority, so Salt extensions can be overridden by syncable modules and module_dirs. You can switch back to the old logic by setting features.enable_deprecated_module_search_path_priority to true, but it will be removed in Salt 3008. [#65938](https://github.com/saltstack/salt/issues/65938) + + +### Fixed + +- Fix an issue with mac_shadow that was causing a command execution error when + retrieving values that were not yet set. For example, retrieving last login + before the user had logged in. [#34658](https://github.com/saltstack/salt/issues/34658) +- Fixed an issue when keys didn't match because of line endings [#52289](https://github.com/saltstack/salt/issues/52289) +- Corrected encoding of credentials for use with Artifactory [#63063](https://github.com/saltstack/salt/issues/63063) +- Use `send_multipart` instead of `send` when sending multipart message. [#65018](https://github.com/saltstack/salt/issues/65018) +- Fix an issue where the minion would crash on Windows if some of the grains + failed to resolve [#65154](https://github.com/saltstack/salt/issues/65154) +- Fix issue with openscap when the error was outside the expected scope. It now + returns failed with the error code and the error [#65193](https://github.com/saltstack/salt/issues/65193) +- Upgrade relenv to 0.15.0 to fix namespaced packages installed by salt-pip [#65433](https://github.com/saltstack/salt/issues/65433) +- Fix regression of fileclient re-use when rendering sls pillars and states [#65450](https://github.com/saltstack/salt/issues/65450) +- Fixes the s3fs backend computing the local cache's files with the wrong hash type [#65589](https://github.com/saltstack/salt/issues/65589) +- Fixed Salt-SSH pillar rendering and state rendering with nested SSH calls when called via saltutil.cmd or in an orchestration [#65670](https://github.com/saltstack/salt/issues/65670) +- Fix boto execution module loading [#65691](https://github.com/saltstack/salt/issues/65691) +- Removed PR 65185 changes since incomplete solution [#65692](https://github.com/saltstack/salt/issues/65692) +- catch only ret/ events not all returning events. [#65727](https://github.com/saltstack/salt/issues/65727) +- Fix nonsensical time in fileclient timeout error. [#65752](https://github.com/saltstack/salt/issues/65752) +- Fixes an issue when reading/modifying ini files that contain unicode characters [#65777](https://github.com/saltstack/salt/issues/65777) +- added https proxy to the list of proxies so that requests knows what to do with https based proxies [#65824](https://github.com/saltstack/salt/issues/65824) +- Ensure minion channels are closed on any master connection error. [#65932](https://github.com/saltstack/salt/issues/65932) +- Fixed issue where Salt can't find libcrypto when pip installed from a cloned repo [#65954](https://github.com/saltstack/salt/issues/65954) +- Fix RPM package systemd scriptlets to make RPM packages more universal [#65987](https://github.com/saltstack/salt/issues/65987) +- Fixed an issue where fileclient requests during Pillar rendering cause + fileserver backends to be needlessly refreshed. [#65990](https://github.com/saltstack/salt/issues/65990) +- Fix exceptions being set on futures that are already done in ZeroMQ transport [#66006](https://github.com/saltstack/salt/issues/66006) +- Use hmac compare_digest method in hashutil module to mitigate potential timing attacks [#66041](https://github.com/saltstack/salt/issues/66041) +- Fix request channel default timeout regression. In 3006.5 it was changed from + 60 to 30 and is now set back to 60 by default. [#66061](https://github.com/saltstack/salt/issues/66061) +- Upgrade relenv to 0.15.1 to fix debugpy support. [#66094](https://github.com/saltstack/salt/issues/66094) + + +### Security + +- Bump to ``cryptography==42.0.0`` due to https://github.com/advisories/GHSA-3ww4-gg4f-jr7f + + In the process, we were also required to update to ``pyOpenSSL==24.0.0`` [#66004](https://github.com/saltstack/salt/issues/66004) +- Bump to `cryptography==42.0.3` due to https://github.com/advisories/GHSA-3ww4-gg4f-jr7f [#66090](https://github.com/saltstack/salt/issues/66090) diff --git a/doc/topics/releases/templates/3006.7.md.template b/doc/topics/releases/templates/3006.7.md.template new file mode 100644 index 00000000000..3740af58042 --- /dev/null +++ b/doc/topics/releases/templates/3006.7.md.template @@ -0,0 +1,14 @@ +(release-3006.7)= +# Salt 3006.7 release notes{{ unreleased }} +{{ warning }} + + + + +## Changelog +{{ changelog }} diff --git a/pkg/debian/changelog b/pkg/debian/changelog index 404ae322134..0ba69f84d07 100644 --- a/pkg/debian/changelog +++ b/pkg/debian/changelog @@ -1,3 +1,57 @@ +salt (3006.7) stable; urgency=medium + + + # Deprecated + + * Deprecate and stop using ``salt.features`` [#65951](https://github.com/saltstack/salt/issues/65951) + + # Changed + + * Change module search path priority, so Salt extensions can be overridden by syncable modules and module_dirs. You can switch back to the old logic by setting features.enable_deprecated_module_search_path_priority to true, but it will be removed in Salt 3008. [#65938](https://github.com/saltstack/salt/issues/65938) + + # Fixed + + * Fix an issue with mac_shadow that was causing a command execution error when + retrieving values that were not yet set. For example, retrieving last login + before the user had logged in. [#34658](https://github.com/saltstack/salt/issues/34658) + * Fixed an issue when keys didn't match because of line endings [#52289](https://github.com/saltstack/salt/issues/52289) + * Corrected encoding of credentials for use with Artifactory [#63063](https://github.com/saltstack/salt/issues/63063) + * Use `send_multipart` instead of `send` when sending multipart message. [#65018](https://github.com/saltstack/salt/issues/65018) + * Fix an issue where the minion would crash on Windows if some of the grains + failed to resolve [#65154](https://github.com/saltstack/salt/issues/65154) + * Fix issue with openscap when the error was outside the expected scope. It now + returns failed with the error code and the error [#65193](https://github.com/saltstack/salt/issues/65193) + * Upgrade relenv to 0.15.0 to fix namespaced packages installed by salt-pip [#65433](https://github.com/saltstack/salt/issues/65433) + * Fix regression of fileclient re-use when rendering sls pillars and states [#65450](https://github.com/saltstack/salt/issues/65450) + * Fixes the s3fs backend computing the local cache's files with the wrong hash type [#65589](https://github.com/saltstack/salt/issues/65589) + * Fixed Salt-SSH pillar rendering and state rendering with nested SSH calls when called via saltutil.cmd or in an orchestration [#65670](https://github.com/saltstack/salt/issues/65670) + * Fix boto execution module loading [#65691](https://github.com/saltstack/salt/issues/65691) + * Removed PR 65185 changes since incomplete solution [#65692](https://github.com/saltstack/salt/issues/65692) + * catch only ret/ events not all returning events. [#65727](https://github.com/saltstack/salt/issues/65727) + * Fix nonsensical time in fileclient timeout error. [#65752](https://github.com/saltstack/salt/issues/65752) + * Fixes an issue when reading/modifying ini files that contain unicode characters [#65777](https://github.com/saltstack/salt/issues/65777) + * added https proxy to the list of proxies so that requests knows what to do with https based proxies [#65824](https://github.com/saltstack/salt/issues/65824) + * Ensure minion channels are closed on any master connection error. [#65932](https://github.com/saltstack/salt/issues/65932) + * Fixed issue where Salt can't find libcrypto when pip installed from a cloned repo [#65954](https://github.com/saltstack/salt/issues/65954) + * Fix RPM package systemd scriptlets to make RPM packages more universal [#65987](https://github.com/saltstack/salt/issues/65987) + * Fixed an issue where fileclient requests during Pillar rendering cause + fileserver backends to be needlessly refreshed. [#65990](https://github.com/saltstack/salt/issues/65990) + * Fix exceptions being set on futures that are already done in ZeroMQ transport [#66006](https://github.com/saltstack/salt/issues/66006) + * Use hmac compare_digest method in hashutil module to mitigate potential timing attacks [#66041](https://github.com/saltstack/salt/issues/66041) + * Fix request channel default timeout regression. In 3006.5 it was changed from + 60 to 30 and is now set back to 60 by default. [#66061](https://github.com/saltstack/salt/issues/66061) + * Upgrade relenv to 0.15.1 to fix debugpy support. [#66094](https://github.com/saltstack/salt/issues/66094) + + # Security + + * Bump to ``cryptography==42.0.0`` due to https://github.com/advisories/GHSA-3ww4-gg4f-jr7f + + In the process, we were also required to update to ``pyOpenSSL==24.0.0`` [#66004](https://github.com/saltstack/salt/issues/66004) + * Bump to `cryptography==42.0.3` due to https://github.com/advisories/GHSA-3ww4-gg4f-jr7f [#66090](https://github.com/saltstack/salt/issues/66090) + + + -- Salt Project Packaging Tue, 20 Feb 2024 21:54:35 +0000 + salt (3006.6) stable; urgency=medium diff --git a/pkg/rpm/salt.spec b/pkg/rpm/salt.spec index 4053921d366..2821cfd2f05 100644 --- a/pkg/rpm/salt.spec +++ b/pkg/rpm/salt.spec @@ -31,7 +31,7 @@ %define fish_dir %{_datadir}/fish/vendor_functions.d Name: salt -Version: 3006.6 +Version: 3006.7 Release: 0 Summary: A parallel remote execution system Group: System Environment/Daemons @@ -646,6 +646,57 @@ if [ $1 -ge 1 ] ; then fi %changelog +* Tue Feb 20 2024 Salt Project Packaging - 3006.7 + +# Deprecated + +- Deprecate and stop using ``salt.features`` [#65951](https://github.com/saltstack/salt/issues/65951) + +# Changed + +- Change module search path priority, so Salt extensions can be overridden by syncable modules and module_dirs. You can switch back to the old logic by setting features.enable_deprecated_module_search_path_priority to true, but it will be removed in Salt 3008. [#65938](https://github.com/saltstack/salt/issues/65938) + +# Fixed + +- Fix an issue with mac_shadow that was causing a command execution error when + retrieving values that were not yet set. For example, retrieving last login + before the user had logged in. [#34658](https://github.com/saltstack/salt/issues/34658) +- Fixed an issue when keys didn't match because of line endings [#52289](https://github.com/saltstack/salt/issues/52289) +- Corrected encoding of credentials for use with Artifactory [#63063](https://github.com/saltstack/salt/issues/63063) +- Use `send_multipart` instead of `send` when sending multipart message. [#65018](https://github.com/saltstack/salt/issues/65018) +- Fix an issue where the minion would crash on Windows if some of the grains + failed to resolve [#65154](https://github.com/saltstack/salt/issues/65154) +- Fix issue with openscap when the error was outside the expected scope. It now + returns failed with the error code and the error [#65193](https://github.com/saltstack/salt/issues/65193) +- Upgrade relenv to 0.15.0 to fix namespaced packages installed by salt-pip [#65433](https://github.com/saltstack/salt/issues/65433) +- Fix regression of fileclient re-use when rendering sls pillars and states [#65450](https://github.com/saltstack/salt/issues/65450) +- Fixes the s3fs backend computing the local cache's files with the wrong hash type [#65589](https://github.com/saltstack/salt/issues/65589) +- Fixed Salt-SSH pillar rendering and state rendering with nested SSH calls when called via saltutil.cmd or in an orchestration [#65670](https://github.com/saltstack/salt/issues/65670) +- Fix boto execution module loading [#65691](https://github.com/saltstack/salt/issues/65691) +- Removed PR 65185 changes since incomplete solution [#65692](https://github.com/saltstack/salt/issues/65692) +- catch only ret/ events not all returning events. [#65727](https://github.com/saltstack/salt/issues/65727) +- Fix nonsensical time in fileclient timeout error. [#65752](https://github.com/saltstack/salt/issues/65752) +- Fixes an issue when reading/modifying ini files that contain unicode characters [#65777](https://github.com/saltstack/salt/issues/65777) +- added https proxy to the list of proxies so that requests knows what to do with https based proxies [#65824](https://github.com/saltstack/salt/issues/65824) +- Ensure minion channels are closed on any master connection error. [#65932](https://github.com/saltstack/salt/issues/65932) +- Fixed issue where Salt can't find libcrypto when pip installed from a cloned repo [#65954](https://github.com/saltstack/salt/issues/65954) +- Fix RPM package systemd scriptlets to make RPM packages more universal [#65987](https://github.com/saltstack/salt/issues/65987) +- Fixed an issue where fileclient requests during Pillar rendering cause + fileserver backends to be needlessly refreshed. [#65990](https://github.com/saltstack/salt/issues/65990) +- Fix exceptions being set on futures that are already done in ZeroMQ transport [#66006](https://github.com/saltstack/salt/issues/66006) +- Use hmac compare_digest method in hashutil module to mitigate potential timing attacks [#66041](https://github.com/saltstack/salt/issues/66041) +- Fix request channel default timeout regression. In 3006.5 it was changed from + 60 to 30 and is now set back to 60 by default. [#66061](https://github.com/saltstack/salt/issues/66061) +- Upgrade relenv to 0.15.1 to fix debugpy support. [#66094](https://github.com/saltstack/salt/issues/66094) + +# Security + +- Bump to ``cryptography==42.0.0`` due to https://github.com/advisories/GHSA-3ww4-gg4f-jr7f + + In the process, we were also required to update to ``pyOpenSSL==24.0.0`` [#66004](https://github.com/saltstack/salt/issues/66004) +- Bump to `cryptography==42.0.3` due to https://github.com/advisories/GHSA-3ww4-gg4f-jr7f [#66090](https://github.com/saltstack/salt/issues/66090) + + * Fri Jan 26 2024 Salt Project Packaging - 3006.6 # Changed