mirror of
https://github.com/saltstack/salt.git
synced 2025-04-16 09:40:20 +00:00
422302312a
* Redirect imports of ``salt.ext.six`` to ``six``
Fixes #60966
* Latest changelog update for 3004
* Handle signals and properly exit, instead of raising exceptions.
This was introduced in 26fcda5074
Fixes #60391
Fixes #60963
* Add test for #61003
* Fix #61003
Restored the previously shifted check for version_to_remove in
old[target]. This had been extracted along with the correctly extracted
double pkg_params[target] lookup, but that lost the `target in old`
guard.
Putting the check back here prevents KeyError when looking for a
non-existent target in `old`.
* Handle various architecture formats in aptpkg module
* Write file even if does not exist
* only run test on debian based platforms
* remove extra space for arch
* convert pathlib to string for pkgrepo test
* Use temporary files first then copy to sources files
* fixes saltstack/salt#59182 fix handling of duplicate keys in rest_cherrypy data
* added changelog
* remove log messages to prevent leaks of sensitive info
* Reverting changes in PR #60150. Updating installed and removed functions to return changes when test=True.
* Adding changelog.
* Add a test and fix for extra-filerefs
* Do not break master_tops for minion with version lower to 3003
* Add changelog file
* Add extra comment to clarify discussion
* Update changelog file
* Add deprecated changelog
* Assert that the command didn't finish
Refs https://github.com/saltstack/salt/pull/60972
* Always restore signals, even when exceptions occur
* Reset signal handlers before starting the process
* Make sure that the `ProcessManager` doesn't always ignore signals
* Provide valid default value for bootstrap_delay
* Update changelog for 3004
* Update changelog and release notes for 3004
* Add PR 61020 to changelog
* Change MD5 to SHA256 fingerprint for new github.com fingerprint
* Check only ssh-rsa encyption for set_known_host
* Use main branch for kitchen-docker project
* Add tests for validate_tgt
This function evolved over the years, but never had any tests. We're
adding tests now to cover the various cases:
- there are no valid minions (currently fails, should return False)
- there are target minions that aren't in valid minions (correctly
fails)
- target minions are a subset of valid minions (i.e. all of the target
minions are found in the valid minions -- there are no extras)
(correctly passes)
* Refactor
minions should be a subset of v_minions - the extra code was just
getting in the way. Also, this function evolved over time but the
docstring never kept up. Updated the docstring to more accurately
describe the function's behavior.
* Fix #60413
When using a syndic and user auth, it was possible for v_minions and
minions to be two empty sets, which returned True. This allowed the user
to still publish the function. The Syndic would get the published event
and apply it, even though it should have been rejected.
However, if there are no valid minions, then it doesn't matter what the
targets are -- there are not valid targets, so there's no reason to do
any further checks.
* Rename changelog to security
* add cve# to changelog
* Sign pillar data
* Add regression tests for CVE-2022-22934
* Add changelog for cve-2022-22934
* Provide users with a nice warning when something goes wrong
* Rename changelog file
* Fix wart in tests
* Return bool when using m2crypo
* Limit the amount of empty space while searching ifconfig output
* Update changelog/cve-2020-22937.security
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
* Prevent auth replays and sign replies
* Add tests for cve-2022-22935
* Add changelog for cve-2020-22935
* Fix typo
* Prevent replays of file server requests
* Add regresion tests for fileserver nonce
* Add changelog for cve-2022-22936
* Job replay mitigation
* Fix merge warts
* more test fixes
* Fix auth tests on windows
* Remove unwanted requirements change
* Clean up cruft
* update docs for 3004.1 release
* Fix warts in new minion auth
* Test fix
* Update release notes
* Remove cve from non cve worty issue
* Add serial to payload in publisher process
* Fix channel tests
Fix broken channel tests by populating an AES key and serial.
* Windows test fix
* windows tests plz work
Co-authored-by: Pedro Algarvio <pedro@algarvio.me>
Co-authored-by: ScriptAutomate <derek@icanteven.io>
Co-authored-by: Wayne Werner <wwerner@vmware.com>
Co-authored-by: Megan Wilhite <mwilhite@vmware.com>
Co-authored-by: nicholasmhughes <nicholasmhughes@gmail.com>
Co-authored-by: Gareth J. Greenaway <gareth@saltstack.com>
Co-authored-by: Pablo Suárez Hernández <psuarezhernandez@suse.com>
Co-authored-by: Alyssa Rock <arock@saltstack.com>
Co-authored-by: krionbsd <krion@FreeBSD.org>
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
Co-authored-by: Frode Gundersen <frogunder@gmail.com>
Co-authored-by: MKLeb <calebb@vmware.com>
14 MiB
14 MiB
| The file is too large to be shown. |