saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-17 10:10:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
120546 commits 34 branches 292 tags 803 MiB
Commit graph

131 commits

Author SHA1 Message Date
Pedro Algarvio
b7630f3b08
Merge 3006.x into 3007.x 2024-02-29 14:25:24 +00:00
Pedro Algarvio
fce314e011 Upgrade to cryptography==42.0.5 due to a few security issues 
* https://github.com/advisories/GHSA-9v9h-cgj8-h64p
* https://github.com/advisories/GHSA-3ww4-gg4f-jr7f
* https://github.com/advisories/GHSA-6vqw-3v5j-54x4
 2024-02-28 08:56:13 +00:00
Pedro Algarvio
34ab8c732b
Merge 3006.x into 3007.x 2024-02-19 13:10:20 +00:00
Pedro Algarvio
bf02ba409a Bump to cryptography==42.0.3 due to https://github.com/advisories/GHSA-3ww4-gg4f-jr7f 2024-02-18 19:48:18 -07:00
Pedro Algarvio
7f29337f70
Bump to pyzmq==25.1.2 to hopefully address some build issues on MacOS 2024-02-15 13:57:02 +00:00
Pedro Algarvio
4de6b1011f
Merge 3006.x into 3007.x 2024-02-07 11:09:05 +00:00
Pedro Algarvio
bcd236d48c Bump to cryptography==42.0.0 due to https://github.com/advisories/GHSA-3ww4-gg4f-jr7f 2024-02-07 01:08:55 -07:00
Pedro Algarvio
f96f8e0130
Merge 3006.x into 3007.x 2024-01-31 11:20:17 +00:00
Pedro Algarvio
3448e40847
Merge 3006.x into 3007.x 2024-01-24 15:02:25 +00:00
Pedro Algarvio
82e4e2b55f
Merge 3006.x into 3007.x 2024-01-16 11:50:44 +00:00
Pedro Algarvio
71b68d722c Bump to jinja2==3.1.3 due to https://github.com/advisories/GHSA-h5c8-rqwp-cp95 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2024-01-16 09:23:16 +00:00
Pedro Algarvio
d3fad04d9e Bump to pycryptodome==3.19.1 and pycryptodomex==3.19.1 due to https://github.com/advisories/GHSA-j225-cvw7-qrx7 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2024-01-16 09:23:16 +00:00
Daniel A. Wozniak
10b714cf55 Simplify payload unpacking. 2023-12-28 00:29:50 -07:00
Pedro Algarvio
7fc7572810
Bump to cffi=1.16.0 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-11-29 21:39:40 +00:00
Pedro Algarvio
02c3b89e40
Merge 3006.x into master 2023-11-29 18:31:52 +00:00
Pedro Algarvio
28039bda69 Bump to cryptography==41.0.7 due to https://github.com/advisories/GHSA-jfhm-5ghh-2f97 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-11-29 10:57:19 -07:00
Pedro Algarvio
a420d94431
Merge 3006.x into master 2023-11-26 16:10:40 +00:00
Pedro Algarvio
e35033aebc Consolidate requirements into requirements/base.txt 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-11-08 16:56:36 +00:00
Pedro Algarvio
3843bdab93
Upgrade some dependencies which got downgraded on the merge-forward 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-10-29 22:44:56 +00:00
Pedro Algarvio
c8f5d589d2
Merge 3006.x into master 2023-10-29 22:25:59 +00:00
Pedro Algarvio
16dce0b4cc
Merge v3006.4 into 3006.x 2023-10-29 09:24:34 +00:00
Pedro Algarvio
e0bc1bd255 Upgrade to tornado>=6.3.3 due to https://github.com/advisories/GHSA-qppv-j76h-2rpx 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-10-12 19:07:46 +01:00
Megan Wilhite
d7b8fdf9d7 Bump urllib3 to 1.26.17 or 2.0.6 2023-10-09 13:22:08 +00:00
Pedro Algarvio
5a323034b4 Bump to cryptography==41.0.4 due to https://github.com/advisories/GHSA-v8gr-m533-ghj9 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-10-02 08:51:21 +01:00
Pedro Algarvio
6dff22e227 Properly constraint CI requirements from PKG requirements 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-09-29 16:12:59 +01:00
Pedro Algarvio
b85da8d8b0
Merge 3006.x into master 2023-09-26 07:01:03 +01:00
Pedro Algarvio
5241abd10a Bump to cryptography==41.0.4 due to https://github.com/advisories/GHSA-v8gr-m533-ghj9 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-09-25 21:03:45 +01:00
Pedro Algarvio
f1c619292f
Adjust a few requirements that got changed during the conflict solving 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-09-25 11:53:57 +01:00
Pedro Algarvio
5e093b3b8d
Merge 3006.x into master 2023-09-25 11:41:20 +01:00
Pedro Algarvio
c07f66261e
Merge 3006.x into master 2023-09-20 15:52:18 +01:00
Pedro Algarvio
623944d2a5
The master branch(Upcoming 3007.0 release) is already Python >= 3.8 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-09-13 16:36:35 +01:00
Pedro Algarvio
22107ebd32
Merge 3006.x into master 2023-08-15 22:29:25 +01:00
Pedro Algarvio
af59576d96
Merge 3006.x into master 2023-08-06 08:13:52 +01:00
Megan Wilhite
a46d846ab6 Update to cryptography==41.0.3 due to https://github.com/advisories/GHSA-jm77-qphf-c4w8 2023-08-06 07:31:13 +01:00
Megan Wilhite
b0dfa09544 [3006.2] Update cryptography to 41.0.3 2023-08-03 13:11:11 +00:00
David Murphy
80785185ac Remove cython and other pyyaml changes, now pyyaml 6.0.1 fixes cython 3.0 issue 2023-07-28 18:24:59 +01:00
David Murphy
af8d19061a Updated test to use importorskip, downgrade pyyaml to 5.3.1 to work around cython 3.0 issues 2023-07-28 18:24:59 +01:00
Pedro Algarvio
1decaf5711
Merge 3006.x into master 2023-07-28 11:20:24 +01:00
Pedro Algarvio
301df340e7 Bump to certifi==2023.07.22 due to https://github.com/advisories/GHSA-xqr8-7jwr-rhp7 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-07-28 10:51:00 +01:00
Pedro Algarvio
ad847f86c4 Bump to certifi==2023.07.22 due to https://github.com/advisories/GHSA-xqr8-7jwr-rhp7 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-07-27 19:19:26 +01:00
Megan Wilhite
18c7a1f8f1 [3006.2] update requests 2023-07-20 17:56:31 +01:00
Megan Wilhite
c069d99ea8 [3006.2] Update cryptography 2023-07-20 08:03:43 +01:00
Pedro Algarvio
bdb77bfee7 Bump to pyyaml==6.0.1 due to https://github.com/yaml/pyyaml/issues/601 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-07-19 08:49:10 +01:00
Pedro Algarvio
2450240d5c
Bump a few requirements that got downgraded in the merge forward 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-07-18 17:38:08 +01:00
Pedro Algarvio
df09fd980d
Merge 3006.x into master 2023-07-18 16:37:08 +01:00
Pedro Algarvio
48749b15bc Bump to pyyaml==6.0.1 due to https://github.com/yaml/pyyaml/issues/601 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-07-18 15:11:49 +01:00
Pedro Algarvio
53aafe7eba Bump to pyyaml==6.0.1 due to https://github.com/yaml/pyyaml/issues/601 
Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-07-18 14:21:40 +01:00
Pedro Algarvio
5b2e752d5e Bump to cryptography==41.0.2 to address GHSA-cf7p-gm2m-833m 
The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options.
References:

https://nvd.nist.gov/vuln/detail/CVE-2023-38325
[https://github.com/pyca/cryptography/issues/9207](pyca/cryptography#9207)
[https://github.com/pyca/cryptography/issues/9208](pyca/cryptography#9208)
[https://github.com/pyca/cryptography/compare/41.0.1...41.0.2](pyca/cryptography@41.0.1...41.0.2)
https://pypi.org/project/cryptography/#history
[1ca7adc97b](pyca/cryptography@1ca7adc)

Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-07-16 17:44:45 -07:00
Pedro Algarvio
3d097b8ed5 Upgrade to cryptography==41.0.1(and therefor pyopenssl==23.2.0 due to https://github.com/advisories/GHSA-5cpq-8wj7-hf2v 
This only really impacts pip installs of Salt and the windows onedir
since the linux and macos onedir build every package dependency from
source, not from pre-existing wheels.

Signed-off-by: Pedro Algarvio <palgarvio@vmware.com>
 2023-07-06 18:04:43 +01:00
Pedro Algarvio
fcfe059402 Updating test requirements for saltcheck junit output 2023-06-09 19:12:03 +00:00