chef-apache-hardening
chef-apache-hardening copied to clipboard
dev-sec
Update dependency inspec to v7
This PR contains the following updates:
| Package | Change | Age | Confidence |
|---|---|---|---|
| inspec | '~> 5' → '~> 7' |
Release Notes
inspec/inspec (inspec)
v7.0.95: Chef InSpec v7.0.95
v7.0.95 (2025-10-16)
Merged Pull Requests
- CHEF-18694 Windows hab pipeline enabled for InSpec 7 #7270 (Nik08)
- CHEF-18694 windows hab package fix for in spec 7 #7327 (sa-progress)
- CHEF-19348-Update tomlrb version #7328 (balasubramanian-s)
- Foreport: CHEF-20111: Fix inspec check for a profile with only comments or empty file #7333 (ahasunos)
- Foreport - CHEF-15789 - Improve error handling for audit_policy resource #7335 (ahasunos)
- Sonar config for inspec-7 branch #7348 (Nik08)
- CHEF-19361 Removed Opa resources from Inspec #7314 (sa-progress)
- Foreport to InSpec 7: Waivers error handling fix #7344 (Nik08)
- CHEF-20736, CHEF-18371 bump up train kubernetes #7352 (sathish-progress)
- Fixes for external plugin testing #7363 (clintoncwolfe)
- CHEF-14327 support resource packs with vendor #7355 (sathish-progress)
- CHEF-21376 Disable licensing and telemetry from InSpec 7 #7377 (Nik08)
- CHEF-21513 Upgrading few tests and doc for min support of Ruby 3.1 - InSpec 7 #7382 (Nik08)
- CHEF-18371 Update/ruby upgrade 3.4.2 (exclusive of habitat upgrade) #7380 (Nik08)
- Habitat authentication token #7397 (borisicbs)
- CHEF-18373-Habitat package upgrade for Ruby 3.4.x - Linux #7400 (balasubramanian-s)
- Cleanup HAB env & Update HAB Promote channel to base-2025 #7410 (balasubramanian-s)
- Fixes for 'Package Not Found ' error in Habitat pipelines #7411 (balasubramanian-s)
- CHEF-18374 Habitat package upgrade for Ruby 3.4.x - Windows #7401 (sa-progress)
- CHEF-23231 Upgrade train and train-winrm to latest version - InSpec 7 #7476 (Nik08)
- Reverted testing change for chef-licensing upgrade on Ruby 3.4 #7479 (Nik08)
- Revert "CHEF-21376 Disable licensing and telemetry from InSpec 7" #7495 (balasubramanian-s)
- CHEF-23911 Revert "CHEF-18207 Removed SSH resources and tests" #7502 (sa-progress)
- CHEF-23438-Bypass entitlement checks for InSpec7 #7509 (balasubramanian-s)
- CHEF-23438-Disable Entitlement check for edge case #7520 (balasubramanian-s)
- CHEF-23442 Added support to use trace level with log level option #7513 (Nik08)
- CHEF-26493-Update Fallback Resource packs #7541 (balasubramanian-s)
- CHEF-26157-Revert "Bypass entitlement checks for InSpec7" #7533 (balasubramanian-s)
- CHEF-25173 Pull release notes from v7 wiki page for InSpec 7 #7540 (Nik08)
- CHEF-26495 Foreport -7448 Add socks kerberos cli options to inspec #7554 (Nik08)
- Fix inspec habitat tests #7558 (Nik08)
- Update rspec-its requirement from ~> 1.2 to >= 1.2, < 3.0 #7553 (dependabot[bot])
- Update parslet requirement from >= 1.5, < 2.0 to >= 1.5, < 3.0 #7552 (dependabot[bot])
- Update rubyzip requirement from >= 1.2.2, < 3.0 to >= 1.2.2, < 4.0 #7550 (dependabot[bot])
- Foreport-CHEF-18030- Fix GitFetcher to Clear Empty Cache Directory on Fetch #7498 (balasubramanian-s)
- CHEF-23547 use official distribution in hab plan #7507 (sathish-progress)
- Foreport-7154 Added fatal message check for postgres_session:query method #7564 (Vasu1105)
- Foreport-7198 Improved regex to load readme from inspec profiles (#7198) #7565 (Vasu1105)
- Foreport-7152 hab: fix hab pipeline for windows #7569 (Vasu1105)
- Update Artifact test Profiles (#7443) #7567 (Vasu1105)
- Forport 7277 Postgres session resource fix for special characters in password #7566 (Vasu1105)
- Update thor requirement from >= 0.20, < 1.3.0 to >= 0.20, < 1.5.0 #7551 (dependabot[bot])
- Attempt to fix windows verify pipeline failures #7576 (Vasu1105)
- Forport 7203 fix: Prioritize environment-set license server URL #7572 (Nik08)
- Foreport 7349 Issue with reading/writing signed and tar profiles #7571 (Nik08)
- Foreport 7261 Fix code scanning alert no. 63: Use of a broken or weak cryptographic hashing algorithm on sensitive data #7570 (Vasu1105)
- Update ruby version for windows artifact tests #7581 (balasubramanian-s)
- Foreport-7222 Update regular expression to fix warnings detected by CodeQL #7573 (Vasu1105)
- Update ostruct requirement from ~> 0.1.0 to >= 0.1, < 0.7 #7548 (dependabot[bot])
- Foreport-7168 Test kitchen integration #7568 (Vasu1105)
- Updated train dependency min version to use socks5h feature #7586 (Nik08)
- CHEF-26188-Foreport deprecation messages for InSpec-7 #7582 (balasubramanian-s)
- CHEF-26987 Prevent adding CHEF RUBYGEMS server if license key is empty #7588 (sathish-progress)
- Chef 26425 add notices text #7585 (sathish-progress)
- CHEF-26507 Adds copilot instructions file - InSpec 7 #7592 (Nik08)
- CHEF-27018 - Update copyright text in InSpec 7 source code #7593 (Nik08)
- Label updates changes for github and jira #7598 (Nik08)
- InSpec 7 Expeditor changes - uncommented #7599 (Nik08)
- Fix gemspec activation logic to check for alternate spec file #7597 (sathish-progress)
- CHEF-27163-Add github release pipeline #7603 (balasubramanian-s)
- Add notice.txt #7605 (sathish-progress)
- Allow all NOTICE changes to be bumped #7606 (sathish-progress)
v6.8.24
Merged Pull Requests
- Fix license server URL override issue by prioritizing environment-set value #7203 (ahasunos)
- CHEF-15651: Introduce
--legacyflag for compatibility ininspec automate uploadwith legacy checks and export options #7200 (ahasunos) - CHEF-11226: Upgrade Ruby and Ruby Dev Kit to 3.1.6 due to outdated embedded Perl version in 3.1.2 #7174 (ahasunos)
- CHEF-12173: Update regular expression to fix warnings detected by CodeQL #7222 (ahasunos)
- CHEF-16823: Introduce deprecation warning for core resources moving to resource packs in InSpec 7 #7219 (ahasunos)
- Improvements in error handling of plugin installation error #7161 (Nik08)
- Bump ffi from 1.17.0 to 1.17.1 in /omnibus #7251 (dependabot[bot])
- Bump rexml from 3.3.3 to 3.3.9 in /omnibus #7199 (dependabot[bot])
- To Fix OpenSSL 3.2.0 gem issue #7267 (poorndm)
- CHEF-18596 Fix code scanning alert no. 63: Use of a broken or weak cryptographic hashing algorithm on sensitive data #7261 (sathish-progress)
- CHEF-18596 Fix code scanning alert no. 62: Request without certificate validation #7260 (sathish-progress)
- CHEF-16676-Bug fix for spl character password #7277 (balasubramanian-s)
- Revert "CHEF-18596 Fix code scanning alert no. 62: Request without certificate validation" #7280 (Nik08)
v6.8.11
Merged Pull Requests
- Bump rexml from 3.3.2 to 3.3.3 in /omnibus #7116 (dependabot[bot])
- ci: resume habitat pipeline #7109 (ahasunos)
- enhance: improve fetch and persist to catch entitlement exception #7121 (ahasunos)
- ci: use latest local license server #7123 (ahasunos)
- added docs changes #7118 (vviveksharma)
- Editing for install script docs #7129 (IanMadd)
- CHEF-14881: Fix habitat pipeline for InSpec 6 #7127 (ahasunos)
- ci: introduce inspec-7 as part of release branches #7135 (ahasunos)
- Update install doc #7144 (IanMadd)
- CHEF-14805 Oracle db session resource fixes #7136 (Nik08)
- ci: improve hab pipeline for windows #7153 (ahasunos)
- Added fatal message check for postgres_session:query method #7154 (gokulks97)
- added the correct prod Url spellings #7166 (vviveksharma)
- Improved regex to load readme from inspec profiles #7198 (Nik08)
- chore: disable habitat package promotion in config #7197 (ahasunos)
- CHEF-12879 Test kitchen integration with InSpec 6 #7168 (Nik08)
v6.8.1
Merged Pull Requests
- Bump rexml from 3.3.2 to 3.3.3 in /omnibus #7116 (dependabot[bot])
- ci: resume habitat pipeline #7109 (ahasunos)
- enhance: improve fetch and persist to catch entitlement exception #7121 (ahasunos)
- ci: use latest local license server #7123 (ahasunos)
- added docs changes #7118 (vviveksharma)
- Editing for install script docs #7129 (IanMadd)
- CHEF-14881: Fix habitat pipeline for InSpec 6 #7127 (ahasunos)
- ci: introduce inspec-7 as part of release branches #7135 (ahasunos)
- Update install doc #7144 (IanMadd)
- CHEF-14805 Oracle db session resource fixes #7136 (Nik08)
- ci: improve hab pipeline for windows #7153 (ahasunos)
- Added fatal message check for postgres_session:query method #7154 (gokulks97)
- added the correct prod Url spellings #7166 (vviveksharma)
- Improved regex to load readme from inspec profiles #7198 (Nik08)
- chore: disable habitat package promotion in config #7197 (ahasunos)
- CHEF-12879 Test kitchen integration with InSpec 6 #7168 (Nik08)
v6.6.0
Merged Pull Requests
- CFINSPEC-452 Added Inspec parallel logging for warn/error #6245 (Nik08)
- CFINSPEC-246/CFINSPEC-247 Attestation changes for N/R outcomes #6222 (Nik08)
- Feature Config File and Logger Support #6260 (clintoncwolfe)
- Foreport 6238 to inspec-6 #6280 (Vasu1105)
- Foreport 6243 to inspec-6 #6275 (clintoncwolfe)
- Foreport 6043 to inspec-6 #6278 (clintoncwolfe)
- Foreport 6261 to InSpec 6 #6276 (ahasunos)
- Foreport 6229 to inspec 6 #6277 (Nik08)
- Foreport 6257 to inspec 6 #6279 (Nik08)
- Foreport #6267 to inspec-6 #6283 (Vasu1105)
- Added child-status reporter in features.yaml list #6288 (Nik08)
- CFINSPEC-479 Inspec parallel breaking fix #6272 (Nik08)
- Foreport #6329 to inspec-6 - Update readme for usage via Docker (CFINSPEC-516) #6333 (clintoncwolfe)
- Foreport 6304 RESOURCE-527 Add an inspec init template for alicloud #6432 (Vasu1105)
- Foreport #6239: Sync up the default branch as main #6455 (Vasu1105)
- Foreport - 6227 #6460 (Vasu1105)
- Foreport-6274 Bump omnibus-software from
1d540dcto7d0e0fein /omnibus #6462 (Vasu1105) - Foreport-6289: Fix for omnibus build failure on Windows #6463 (Vasu1105)
- Foreport #6324 Fix Ruby 2.7 Bundle Installs on CI Verify Pipeline #6446 (Vasu1105)
- Foreport #6298: CFINSPEC-493 update signing_identity #6448 (Vasu1105)
- Foreport-6330: Remove Windows Ruby 3.0 testing #6452 (Vasu1105)
- Foreport #6262 Prevent negative status from crashing launchctl service resource #6433 (Vasu1105)
- Foreport 6240: Update chefstyle from 2.0.x to 2.2.2 to use RuboCop 1.25.1 #6458 (Nik08)
- Foreport-6334: CFINSPEC-393 - Fix train-kubernetes plugin load issue #6464 (Vasu1105)
- Foreport 6340: Fix for habitat build failure #6461 (Nik08)
- Foreport-6344 Fixing typo in user_permissions #6465 (Vasu1105)
- Foreport 6342 Fix env smoke test by updating ERB.new in
inspec env; add additional test #6440 (Vasu1105) - Foreport #6337 Fix undefined method 'summary' for Gem::SourceFetchProblem (NoMethodError) when air gapped #6434 (Vasu1105)
- Foreport 6341: Use Ruby 3.1.2 in Omnibus build #6441 (Vasu1105)
- Foreport-6378 #6453 (ahasunos)
- Foreport-6381 #6451 (ahasunos)
- Foreport 6369 to inspec-6 Extended file format support for waivers: JSON & CSV only #6371 (Nik08)
- Foreport #6377 CFINSPEC-542 Bug fix for profiles with dependent profiles (#6377) #6435 (Vasu1105)
- Foreport-6385 #6447 (ahasunos)
- Foreport-6395 #6444 (ahasunos)
- Foreport #6367 CFINSPEC-522: Remove rake tasks which are no longer used #6436 (Vasu1105)
- Foreport #6384 RAKE TEST: Fix rake task for docs:cli #6437 (Vasu1105)
- Foreport-6384 #6466 (Vasu1105)
- Foreport 6401: Fix for mongodb_session resource prints debug level of information in profile run result. #6438 (Vasu1105)
- Foreport #6398: Updates release process docs as per current changes (#6398) #6439 (Vasu1105)
- Foreport-6408 Fix profile gem dependency loading issue when dependent gem is required inside profile libraries. #6467 (Vasu1105)
- Foreport-6410 #6468 (Vasu1105)
- Foreport 6386 #6469 (Vasu1105)
- Foreport 6403 #6470 (Vasu1105)
- Foreport 6442 #6473 (Vasu1105)
- Foreport-6423 #6474 (Vasu1105)
- Foreport 6360 #6476 (Vasu1105)
- Forport 6388 #6477 (Vasu1105)
- testing version bump #9 (sean-simmons-progress)
- CHEF-1267 Add omnibus release and adhoc pipelines #15 (clintoncwolfe)
- testing version bump and pipeline creation #16 (sean-simmons-progress)
- Update Gemfile to add artifactory as source for chef-licensing gem dependency #25 (Vasu1105)
- CI - Use License Key and API Key Secrets from Vault #26 (clintoncwolfe)
- Integration of chef licensing with inspec #12 (Nik08)
- Licensing - Integrates Software Entitlement #13 (Vasu1105)
- Add command to list license information #10 (ahasunos)
- CHEF-52: Add licensing information to help output #27 (ahasunos)
- Remove kitchen group from Gemfile #31 (ahasunos)
- CHEF-1957: Update chef-licesing api call
license_keystofetch_and_persist#30 (ahasunos) - CHEF-2994: Add license command to list of allowed commands #35 (ahasunos)
- CHEF-2743: Set chef executable name to display in help messages of chef-licensing #34 (ahasunos)
- CHEF-3105 Fix windows openssl issue #37 (clintoncwolfe)
- Foreport - Clarify key_rsa docs regarding SSH keys (#6507) #45 (clintoncwolfe)
- Foreport - CHEF-2438 Add train-kubernetes to inspec gemspec (#6512) #43 (clintoncwolfe)
- Foreport - fix: ensure Invoke-WebRequest headers can be configured (#6484) #41 (clintoncwolfe)
- Foreport - Bump rack from 2.2.6.2 to 2.2.6.4 in /omnibus (#6490) #42 (clintoncwolfe)
- Foreport - Update host resource to resolve all ipaddresses (#6481) #39 (clintoncwolfe)
- Foreport - Add nftables resources (#6499) #44 (clintoncwolfe)
- Foreports 6489 (CHEF-1458 Multiple values changes in SimpleConfig library) #28 (ahasunos)
- CHEF 83 Revert attestations changes #47 (sathish-progress)
- CHEF-3186: Remove fetching of bearer auth token from vault #48 (ahasunos)
- CHEF-3403: Default server URL to production value #50 (ahasunos)
- CHEF-3184 Error handling for inspec license add command - disabled in local mode #52 (Nik08)
- restrict license commands only to inspec distro #58 (sathish-progress)
- CHEF-3704 Modify help for local licensing service mode and other distros #59 (Nik08)
- Bump omnibus-software from
225e357to88169e3in /omnibus #61 (dependabot[bot]) - Bump omnibus from
cf97613to15122f2in /omnibus #62 (dependabot[bot]) - Foreport #6523: Update RSpec to 3.12 #65 (ahasunos)
- Bump berkshelf from 8.0.2 to 8.0.7 in /omnibus #63 (dependabot[bot])
- Bump omnibus from
15122f2to9c0643ain /omnibus #70 (dependabot[bot]) - Crossport Public 6545 Fix for InSpec Parallel hangs on certain CIS profiles #71 (clintoncwolfe)
- Foreports #6526 and #6541: Update Docker base image to be ubuntu 22.04 #64 (ahasunos)
- CHEF-3759 Crossport public 6540 Fix for inspec parallel on windows crashing due to error log rename #74 (clintoncwolfe)
- Bump omnibus-software from
88169e3to4b08f0bin /omnibus #73 (dependabot[bot]) - Foreport - Add postgres support for custom port with a socket connection #40 (clintoncwolfe)
- Case correction of product name in licensing config #78 (ahasunos)
- Crossport public 6549: Drop testing on EOL ruby 2.7, and run linter on Ruby 3.1 #76 (clintoncwolfe)
- Configure to use
Inspec::Login Chef Licensing #67 (ahasunos) - Adds test for licensing_config #57 (Vasu1105)
- Add chef-licensing, syncing from inspec-prime repo inspec-6 branch #6559 (clintoncwolfe)
- CHEF-3832: Fix for InSpec Parallel fails to fetch remote profiles due to cache contention. #6546 (Vasu1105)
- CHEF-4080: Point to latest EULA in GUI installers #6580 (ahasunos)
- Foreport 6568 #6579 (clintoncwolfe)
- Bump omnibus-software from
4b08f0bto3268356in /omnibus #6576 (dependabot[bot]) - CHEF-4559 Extended support to inspec parallel for reporters using config #6578 (Nik08)
- Disable git caching in omnibus builds #6584 (clintoncwolfe)
- Revert omnibus-software bump (6576) - ffi-yajl issue #6585 (clintoncwolfe)
- CHEF-3916 Add section on inspec license subcommand to online docs #6583 (ahasunos)
- CHEF-4818 revise inspec parallel docs content #6586 (IanMadd)
- CHEF-4010 make a clean exit for License list command #6552 (sathish-progress)
- Missing changes from main #6564 (sathish-progress)
- Bump omnibus-software from
4b08f0bto3268356in /omnibus #6587 (dependabot[bot]) - Adds missing release-rollup tag in CHANGELOG file #6639 (Vasu1105)
- Adds missing expeditor configuration for inspec 6 release #6624 (Vasu1105)
- Update podman.md #6502 (IanMadd)
- Fix for omnibus build failure on Windows due to ffi-yajl error #6628 (Vasu1105)
- CHEF-6123 Updated URL for chef licensing global service #6647 (Nik08)
- Fix liniting in omnibus/Gemfile #6649 (Vasu1105)
- Add license key error to troubleshooting page #6609 (IanMadd)
- Revert CLI docs page changes #6650 (IanMadd)
- CHEF-5898: Update latest EULA as used in MacOS installers #6652 (ahasunos)
- CHEF-3849: InSpec should exit quickly and clearly if waiver file is malformed/corrupt #6644 (Vasu1105)
- Move InSpec docs menu from chef-web-docs #6657 (IanMadd)
- Bump omnibus from
9c0643ato56015cbin /omnibus #6670 (dependabot[bot]) - Bump omnibus-software from
3268356toc44dea9in /omnibus #6665 (dependabot[bot]) - Bump omnibus from
56015cbto82dae89in /omnibus #6679 (dependabot[bot]) - Fix broken plugin search test #6674 (clintoncwolfe)
- Update json_schemer requirement from >= 0.2.1, < 0.2.19 to >= 0.2.1, < 2.0.1 #6693 (dependabot[bot])
- Update html-proofer requirement from ~> 3.19.4 to ~> 5.0.8 #6697 (dependabot[bot])
- Update hashie requirement from >= 3.4, < 5.0 to >= 3.4, < 6.0 #6696 (dependabot[bot])
- Revert "Update html-proofer requirement from ~> 3.19.4 to ~> 5.0.8" #6717 (Vasu1105)
- CHEF-6429: Update omnibus config to use updated signing method for msi packages #6658 (ahasunos)
- Fix Syntax #6483 (bryaend)
- CHEF-5899: Update latest EULA as used in Windows installers #6655 (ahasunos)
- Changed params usage in
inspec archiveto skip evaluation #6741 (Nik08) - Bump omnibus-software from
c44dea9to7723be6in /omnibus #6770 (dependabot[bot]) - Bump omnibus-software from
7723be6tob3d89a4in /omnibus #6787 (dependabot[bot]) - CHEF-2627 Clarify License Description on Rubygems #6630 (clintoncwolfe)
- Renames the project name in the SonarQube #6797 (Vasu1105)
- Update EULA for windows to fix formattings #6780 (ahasunos)
- Docs updates to install inspec 6 #6574 (IanMadd)
- OMNIBUS: Drop enterprise linux 6 support as it has reached EOL #6801 (ahasunos)
- Bump omnibus-software from
b3d89a4to4fef367in /omnibus #6805 (dependabot[bot]) - CI: Build on MacOS 11 intel, dropping EOL 10.15 #6789 (clintoncwolfe)
- Update links in docs #6788 (IanMadd)
- CHEF-3928 Fix in HTML2 reporter - unique ID usage for control HTML divisions #6645 (Nik08)
- CHEF-3917 Troubleshooting Page for Chef Licensing issues/errors #6612 (Nik08)
- Fixed
inspec jsonability to use cli options successfully #6796 (Nik08) - Pin Thor to < 1.3.0 to fix test failures related to aliases #6815 (Vasu1105)
- Openssl upgrade with version 1.1.1w #6748 (Nik08)
- Explicitly pin openssl to 1.0.2zi to avoid a CVE - inspec-6 #6825 (clintoncwolfe)
- Update runtime platform list #6826 (clintoncwolfe)
- Fix lint offense, TrailingWhitespace & EmptyLines #6830 (ahasunos)
- CHEF-7670 Ability to set feature preview flag using ENV #6833 (Nik08)
- Profile params usage changes - inspec compliance plugin #6832 (Nik08)
- Dev docs on profile evaluations and more #6813 (Nik08)
- CHEF-7281: Remove references to MacOS 10.15 in docs #6845 (ahasunos)
- CHEF-3745: Update supported platforms list to include RHEL 9 #6846 (ahasunos)
- CHEF-6437: Implement different version of
inspec export#6816 (ahasunos) - CHEF-7694 (CHEF-8271) : Fix security_policy resource returns array for non comma separated values #6838 (Vasu1105)
- CHEF-6439 Mandatory Profile Signing (Preview) #6705 (Nik08)
- Bump chef-licensing verison from ">= 0.4.44" to ">=0.7.5" #6856 (Vasu1105)
- CHEF-6440: Integrates audit logging feature #6809 (Vasu1105)
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}