saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-16 09:40:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
118071 commits 34 branches 292 tags 802 MiB
Commit graph

38 commits

Author SHA1 Message Date
Pedro Algarvio
6dff22e227 Properly constraint CI requirements from PKG requirements 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-09-29 16:12:59 +01:00
Pedro Algarvio
5241abd10a Bump to cryptography==41.0.4 due to https://github.com/advisories/GHSA-v8gr-m533-ghj9 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-09-25 21:03:45 +01:00
Megan Wilhite
b0dfa09544 [3006.2] Update cryptography to 41.0.3 2023-08-03 13:11:11 +00:00
Pedro Algarvio
ad847f86c4 Bump to certifi==2023.07.22 due to https://github.com/advisories/GHSA-xqr8-7jwr-rhp7 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-07-27 19:19:26 +01:00
Megan Wilhite
18c7a1f8f1 [3006.2] update requests 2023-07-20 17:56:31 +01:00
Megan Wilhite
c069d99ea8 [3006.2] Update cryptography 2023-07-20 08:03:43 +01:00
Pedro Algarvio
bdb77bfee7 Bump to pyyaml==6.0.1 due to https://github.com/yaml/pyyaml/issues/601 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-07-19 08:49:10 +01:00
Pedro Algarvio
9a32f14e41 Upgrade to pyopenssl==23.0.0 due to the cryptography upgrade. 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-03-22 15:08:20 +00:00
Pedro Algarvio
5e7d4e3021 Upgrade to cryptography>=39.0.1 
Due to:
  * GHSA-x4qr-2fvf-3mr5
  * GHSA-w7pp-m8wf-vj6r

Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-03-22 15:08:20 +00:00
MKLeb
463d97e95f Revert "Upgrade to cryptography==39.0.1" 
This reverts commit 78fedf1656.
 2023-02-24 07:20:18 +00:00
Pedro Algarvio
78fedf1656 Upgrade to cryptography==39.0.1 
Due to:
  * https://github.com/advisories/GHSA-x4qr-2fvf-3mr5
  * https://github.com/advisories/GHSA-w7pp-m8wf-vj6r

Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-02-23 05:49:08 +00:00
Pedro Algarvio
4b708715f2 Upgrade to werkzeug==2.2.3 
This addresses:
  * https://github.com/advisories/GHSA-px8h-6qxv-m22q
  * https://github.com/advisories/GHSA-xg9f-g7g7-2323

Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-02-23 05:49:08 +00:00
Pedro Algarvio
3fa827925f Fix pre-commit by changing the pyzmq requirements. 
It's now `pyzmq>=20.0.0` on all platforms, and `<=22.0.3` just for windows.

Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-02-09 05:37:59 +00:00
Pedro Algarvio
cea048be5f Update docs related requirements 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-02-04 14:11:36 +00:00
Pedro Algarvio
6acef263b1 Stop triggering the jinja2.contextfunction deprecation warning 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-01-18 11:54:43 +00:00
Pedro Algarvio
5a0fd275eb Update setptoctitle requirements to stop getting the PY_SSIZE_T_CLEAN warning 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-01-18 11:54:43 +00:00
Pedro Algarvio
4ecfd3d3d5 Use packaging for version parsing. looseversion when needed only. 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-01-09 12:31:51 -07:00
David Murphy
75b1be30a6 Further cleanup, removed used of looseversion and packaging 2022-12-20 07:07:21 -07:00
David Murphy
e8441238e1 Initial removal usage of distutils and replacement with setuptools 2022-12-20 07:07:21 -07:00
Pedro Algarvio
7df5feb62b Bump to certifi>=2022.12.7 
Follow up to https://github.com/saltstack/salt/pull/63284

See https://github.com/advisories/GHSA-43fp-rhv2-5gv8 for additional context.

Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2022-12-12 04:32:02 +00:00
MKLeb
58ec510d26
Merge tag 'v3005.1' into merge-forward/3005.1 
Version 3005.1
 2022-10-04 20:52:23 -04:00
Gareth J. Greenaway
20fb0beb38 package jmespath 2022-09-12 12:13:00 -07:00
Carlos Álvaro
b3c6d949ba fix: Update setproctitle version for all platforms 2022-09-01 13:33:16 -06:00
Megan Wilhite
fc7d0a9296
Merge freeze into master (#62438) 
* fixes saltstack/salt#62372 unable to use random shuffle and sample functions as Jinja filters

* move random_shuffle and random_sample logic to utils

* static seed in tests seems to have shifted

* static seed in tests require hash module

* Change Tiamat to onedir in release notes

* Reinstate known issues

* Update release notes with onedir package support policy

* need to check the version of Netmiko python library and then import the exceptions from different locations depending on the result.

* Adding changelog.

* swap out if...else for double try...except.

* Remove extra fix we don't need anymore

* [Docs] include onedir system python note

* Update all platforms to use pycparser 2.21 or greater for Py 3.9 or higher, fixes fips fault with openssl v3.x

* Remove the PyObjC dependency

Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>

* Add "<tiamat> python" subcommand to allow execution or arbitrary scripts via bundled Python runtime

* Document usage of bundled Python runtime for Client API

* Use explicit locals for custom script execution, handle exception in similar fashion as Python

* Remove old __file__ replacement

* Apply suggestions from code review

Co-authored-by: Pedro Algarvio <pedro@algarvio.me>

Co-authored-by: nicholasmhughes <nicholasmhughes@gmail.com>
Co-authored-by: Alyssa Rock <alyssa.rock@gmail.com>
Co-authored-by: Gareth J. Greenaway <gareth@saltstack.com>
Co-authored-by: Twangboy <leesh@vmware.com>
Co-authored-by: David Murphy < dmurphy@saltstack.com>
Co-authored-by: Pedro Algarvio <palgarvio@vmware.com>
Co-authored-by: Lukas Raska <lukas@raska.me>
Co-authored-by: Pedro Algarvio <pedro@algarvio.me>
 2022-08-08 11:27:10 -06:00
David Murphy
b63534c6e5 Update all platforms to use pycparser 2.21 or greater for Py 3.9 or higher, fixes fips fault with openssl v3.x 2022-08-05 09:05:38 -06:00
Pedro Algarvio
e3929c59d1 Bump to `pyzmq==23.2.0` for Python >=3.9 
This way we can use wheel packages on Py3.10 instead of having it build
from source.

Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2022-07-10 09:42:59 +01:00
Pedro Algarvio
f6fd24f125 Upgrade some requirements 
These requirements should be kept up-to-date as much as possible.

Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2022-06-06 07:18:12 -06:00
Pedro Algarvio
46e6416e5b Update to `python-gnupg==0.4.8` 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2022-04-08 09:10:15 -04:00
Megan Wilhite
fb3033f032 Use the correct Markup from jinja for each version 2022-03-30 15:28:41 -07:00
Kirill Ponomarev
306aa6dd29
Update pytest to 6.2.5 for python 3.10 (#61295) 
* Update pytest to 6.2.5 for python 3.10

* bump junos-eznc to 2.6.0

* bump setproctitle version and fix integration tests

* Skip tests for python 3.10

* Fix test with py3.10

* bump jinja2 version and dependencies

* Fix test with py3.10

* Skip tests for python 3.10 and new moto version

* Use tempfile library to test perms on directories

* Maintain static requirements changes, revert `requirements/base.txt`

Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>

Co-authored-by: Megan Wilhite <mwilhite@vmware.com>
Co-authored-by: Pedro Algarvio <palgarvio@vmware.com>
 2021-12-22 09:02:56 -05:00
cmcmarrow
86d7c2dd05 fix pre 2021-09-24 20:20:32 -07:00
Megan Wilhite
0751d505f1 Add rpm-vercmp to tiamat builds 2021-09-23 07:19:21 -04:00
Pedro Algarvio
2ed6d1a974 Enforce requirements and their versions consistency 
Use use the packaging requirements as version constraints to all other
requirements files which should include Salt's base requirements.

The nox sessions now don't install the base requirements since the "top"
requirements file includes the base requirements.

All of this, ensuring that the same versions are used on all of them.
 2021-09-21 13:42:53 -07:00
Wayne Werner
3c578c4459
Bump pyzmq minimum to more than 19.0.2 (#60764) 
At least under arm64 debian 11, python 3.9, 19.0.2 is buggy.

Closes #60671
 2021-08-24 08:57:13 -07:00
Pedro Algarvio
a46aa3a55c Bump to `urllib3==1.26.6` 
GHSA-q2q7-5pp4-w6pg

high severity

Vulnerable versions: < 1.26.5
Patched version: 1.26.5

Impact

When provided with a URL containing many @ characters in the authority component the authority regular expression exhibits
catastrophic backtracking causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.

Patches

The issue has been fixed in urllib3 v1.26.5.

References

* [CVE-2021-33503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503)
* [JVNVU#92413403 (English)](https://jvn.jp/en/vu/JVNVU92413403/)
* [JVNVU#92413403 (Japanese)](https://jvn.jp/vu/JVNVU92413403/)
* [urllib3 v1.26.5](https://github.com/urllib3/urllib3/releases/tag/1.26.5)
 2021-08-02 16:13:40 -07:00
Pedro Algarvio
ec6e96a036 Upgrade to six==1.16.0 to avoid problems on CI runs 
```
13:59:02  nox > Session invoke-pre-commit was successful.
13:59:02  nox > Running session invoke-pre-commit
13:59:02  nox > pip install --progress-bar=off -r requirements/static/ci/py3.7/invoke.txt
13:59:02  Collecting blessings==1.7
13:59:02    Using cached blessings-1.7-py3-none-any.whl (18 kB)
13:59:02  Collecting invoke==1.4.1
13:59:02    Using cached invoke-1.4.1-py3-none-any.whl (210 kB)
13:59:02  Collecting pyyaml==5.3.1
13:59:02    Using cached PyYAML-5.3.1.tar.gz (269 kB)
13:59:02  Collecting six==1.15.0
13:59:02    Using cached six-1.15.0-py2.py3-none-any.whl (10 kB)
13:59:02  Building wheels for collected packages: pyyaml
13:59:02    Building wheel for pyyaml (setup.py) ... - \ | / - \ | done
13:59:02    Created wheel for pyyaml: filename=PyYAML-5.3.1-cp37-cp37m-linux_x86_64.whl size=546391 sha256=e42e1d66cc32087f4d33ceb81268c86b59f1a97029b19459f91b8d6ad1430167
13:59:02    Stored in directory: /var/jenkins/.cache/pip/wheels/5e/03/1e/e1e954795d6f35dfc7b637fe2277bff021303bd9570ecea653
13:59:02  Successfully built pyyaml
13:59:02  Installing collected packages: six, pyyaml, invoke, blessings
13:59:02    Attempting uninstall: six
13:59:02      Found existing installation: six 1.16.0
13:59:02      Uninstalling six-1.16.0:
13:59:02  ERROR: Could not install packages due to an OSError: [Errno 2] No such file or directory: '/var/jenkins/.cache/pre-commit/repomw8oee1s/py_env-python3/lib/python3.7/site-packages/__pycache__/six.cpython-37.pyc'
13:59:02
13:59:02  nox > Command pip install --progress-bar=off -r requirements/static/ci/py3.7/invoke.txt failed with exit code 1
13:59:02  nox > Session invoke-pre-commit failed.
```
 2021-05-27 09:32:39 -04:00
Pedro Algarvio
821dc29b3d Bump requirements to address a few security issues 2021-05-12 08:05:34 -04:00
Pedro Algarvio
2ea5ad81a9 Compile the requirements 2021-05-05 06:48:41 -07:00