hardening
hardening copied to clipboard
dev-sec
Update dependency inspec to v6
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| inspec | '~> 5' -> '~> 6' |
Release Notes
inspec/inspec (inspec)
v6.8.11
Merged Pull Requests
- Bump rexml from 3.3.2 to 3.3.3 in /omnibus #7116 (dependabot[bot])
- ci: resume habitat pipeline #7109 (ahasunos)
- enhance: improve fetch and persist to catch entitlement exception #7121 (ahasunos)
- ci: use latest local license server #7123 (ahasunos)
- added docs changes #7118 (vviveksharma)
- Editing for install script docs #7129 (IanMadd)
- CHEF-14881: Fix habitat pipeline for InSpec 6 #7127 (ahasunos)
- ci: introduce inspec-7 as part of release branches #7135 (ahasunos)
- Update install doc #7144 (IanMadd)
- CHEF-14805 Oracle db session resource fixes #7136 (Nik08)
- ci: improve hab pipeline for windows #7153 (ahasunos)
- Added fatal message check for postgres_session:query method #7154 (gokulks97)
- added the correct prod Url spellings #7166 (vviveksharma)
- Improved regex to load readme from inspec profiles #7198 (Nik08)
- chore: disable habitat package promotion in config #7197 (ahasunos)
- CHEF-12879 Test kitchen integration with InSpec 6 #7168 (Nik08)
v6.8.1
Merged Pull Requests
- Document where to look up the platform list #6857 (clintoncwolfe)
- CHEF-8416: Patch for broken reporter integration for compliance phase #6859 (ahasunos)
- InSpec docs reorganization #6844 (IanMadd)
- Bump omnibus-software from
4fef367tod357d5cin /omnibus #6897 (dependabot[bot]) - Bump omnibus-software from
d357d5ctof50a2adin /omnibus #6904 (dependabot[bot]) - Upgrade declared minimum ruby version in gemspec from 2.4.0 to 3.0.3 #6790 (Vasu1105)
- CI: Increase timeout for buildkite #6910 (ahasunos)
- Upgrades openssl version to 3.0.11 #6872 (Vasu1105)
- Reduce version pinning #6873 (Vasu1105)
- Fix CI test for windows #6913 (Nik08)
- Set GitHub labeler action version #6911 (IanMadd)
- CHEF-7276: Update package download URL to use https #6922 (Vasu1105)
- CHEF-8990 Remove dependency on active-support function
blank?#6914 (Nik08) - Temporary turn off pulling of chef-licensing gem from artifactory. #6945 (Vasu1105)
- CHEF-3962: Adds ability to verify ssh keys #6656 (Vasu1105)
- Turns off dependabot for inspec-4 branch #6944 (Vasu1105)
- Fix failing ssh_key test on Windows #6948 (Vasu1105)
- Reorganize reusable text files #6918 (IanMadd)
- CHEF-3166 Unit tests added for IAF file #6933 (Nik08)
- CHEF-4191 Waivers backward compatibility support with Chef Client #6919 (Nik08)
- CHEF-4442 Streaming reporter fix to capture progress correctly #6912 (Nik08)
- CHEF-6412: Fix for virutalization resource undefined method file_read #6947 (Vasu1105)
- Minor docs fix CHEF-4267 #6958 (IanMadd)
- CHEF-3160 Improve code coverage percentage - Exclude test files from code coverage #6953 (Vasu1105)
- CHEF-3162: Implement unit test for inspec-sign plugin #6959 (ahasunos)
- CHEF-3163 Adds unit test for progress bar streaming reporter #6970 (Vasu1105)
- Allow the negate formating for cmp #6862 (Taknok)
- CHEF-9848 - Exclude Warning "Unrecognized feature name" for Custom InSpec plugins. #6988 (Vasu1105)
- Fix: Update ruby base image to bullseye in CI tests #6998 (ahasunos)
- Update Netlify docs deployment #6994 (IanMadd)
- Update test with updated failure message for GCP authentication #7010 (ahasunos)
- CHEF-8598: Add support for curve25519 key exchange #6989 (ahasunos)
- Revert "CHEF-8598: Add support for curve25519 key exchange" #7026 (Vasu1105)
- CHEF-6000: Fix URL fetcher failure to work when current directory is not a Git repository #7023 (ahasunos)
- Fix uninitialized constant Parser::AST::Processor::Mixin #7030 (stanhu)
- CHEF-3833 Added delay for InSpec parallel status reporter #6993 (Nik08)
- Fix broken link for InSpec Profiles documentation page #7040 (williamtheaker)
- Bump omnibus-software from
f50a2adto88516f3in /omnibus #7037 (dependabot[bot]) - Update rspec requirement from >= 3.9, <= 3.12 to >= 3.9, <= 3.14 #6967 (dependabot[bot])
- CI: Update configuration to pick commercial license to be used during the buildkite test #7007 (ahasunos)
- Fix for failing verify pipeline due to ffi version update #7050 (Vasu1105)
- Pin the ffi version < 1.17.0 #7053 (Vasu1105)
- Remove Ruby 3.0 support #7057 (Vasu1105)
- Bump omnibus-software from
88516f3toa32e7eein /omnibus #7062 (dependabot[bot]) - Bump ffi-yajl from 2.4.0 to 2.6.0 in /omnibus #6648 (dependabot[bot])
- Bump omnibus-software from
a32e7eeto28c9c9fin /omnibus #7063 (dependabot[bot]) - Configurable backend for Chef Infra in Target Mode #7058 (thheinen)
- CHEF-12175: Remove use of
Kernel.openorIO.reador similar sinks with a non-constant value #7079 (ahasunos) - Fix gitignore file in docs dir #7082 (IanMadd)
- CHEF-12172: Incomplete string escaping or encoding #7078 (ahasunos)
- CHEF-12024 Adds C Shell support to sybase_session resource #7069 (Vasu1105)
- ci: change license server to point to local licensing server #7083 (ahasunos)
- Usage Telemetry v3 #6012 (clintoncwolfe)
- Bump omnibus-software from
28c9c9fto02fa677in /omnibus #7099 (dependabot[bot]) - Bump omnibus from
82dae89to41d5c3bin /omnibus #7089 (dependabot[bot]) - Update chef-licensing version pinning #7102 (Vasu1105)
- Increase buildkite verify pipeline timeout #7103 (Vasu1105)
- Update ssh_config resource to support returning the current sshd_config file in use. #7070 (aaronlippold)
- Telemetry log messages improved for clarity #7104 (Nik08)
- Bump omnibus-software from
02fa677tob73b772in /omnibus #7105 (dependabot[bot]) - Attempt to fix the random failure of depedency_loader unit test #7101 (Vasu1105)
- Bump omnibus from
41d5c3bto3efa84cin /omnibus #7106 (dependabot[bot])
v6.6.0
Merged Pull Requests
- CFINSPEC-452 Added Inspec parallel logging for warn/error #6245 (Nik08)
- CFINSPEC-246/CFINSPEC-247 Attestation changes for N/R outcomes #6222 (Nik08)
- Feature Config File and Logger Support #6260 (clintoncwolfe)
- Foreport 6238 to inspec-6 #6280 (Vasu1105)
- Foreport 6243 to inspec-6 #6275 (clintoncwolfe)
- Foreport 6043 to inspec-6 #6278 (clintoncwolfe)
- Foreport 6261 to InSpec 6 #6276 (ahasunos)
- Foreport 6229 to inspec 6 #6277 (Nik08)
- Foreport 6257 to inspec 6 #6279 (Nik08)
- Foreport #6267 to inspec-6 #6283 (Vasu1105)
- Added child-status reporter in features.yaml list #6288 (Nik08)
- CFINSPEC-479 Inspec parallel breaking fix #6272 (Nik08)
- Foreport #6329 to inspec-6 - Update readme for usage via Docker (CFINSPEC-516) #6333 (clintoncwolfe)
- Foreport 6304 RESOURCE-527 Add an inspec init template for alicloud #6432 (Vasu1105)
- Foreport #6239: Sync up the default branch as main #6455 (Vasu1105)
- Foreport - 6227 #6460 (Vasu1105)
- Foreport-6274 Bump omnibus-software from
1d540dcto7d0e0fein /omnibus #6462 (Vasu1105) - Foreport-6289: Fix for omnibus build failure on Windows #6463 (Vasu1105)
- Foreport #6324 Fix Ruby 2.7 Bundle Installs on CI Verify Pipeline #6446 (Vasu1105)
- Foreport #6298: CFINSPEC-493 update signing_identity #6448 (Vasu1105)
- Foreport-6330: Remove Windows Ruby 3.0 testing #6452 (Vasu1105)
- Foreport #6262 Prevent negative status from crashing launchctl service resource #6433 (Vasu1105)
- Foreport 6240: Update chefstyle from 2.0.x to 2.2.2 to use RuboCop 1.25.1 #6458 (Nik08)
- Foreport-6334: CFINSPEC-393 - Fix train-kubernetes plugin load issue #6464 (Vasu1105)
- Foreport 6340: Fix for habitat build failure #6461 (Nik08)
- Foreport-6344 Fixing typo in user_permissions #6465 (Vasu1105)
- Foreport 6342 Fix env smoke test by updating ERB.new in
inspec env; add additional test #6440 (Vasu1105) - Foreport #6337 Fix undefined method 'summary' for Gem::SourceFetchProblem (NoMethodError) when air gapped #6434 (Vasu1105)
- Foreport 6341: Use Ruby 3.1.2 in Omnibus build #6441 (Vasu1105)
- Foreport-6378 #6453 (ahasunos)
- Foreport-6381 #6451 (ahasunos)
- Foreport 6369 to inspec-6 Extended file format support for waivers: JSON & CSV only #6371 (Nik08)
- Foreport #6377 CFINSPEC-542 Bug fix for profiles with dependent profiles (#6377) #6435 (Vasu1105)
- Foreport-6385 #6447 (ahasunos)
- Foreport-6395 #6444 (ahasunos)
- Foreport #6367 CFINSPEC-522: Remove rake tasks which are no longer used #6436 (Vasu1105)
- Foreport #6384 RAKE TEST: Fix rake task for docs:cli #6437 (Vasu1105)
- Foreport-6384 #6466 (Vasu1105)
- Foreport 6401: Fix for mongodb_session resource prints debug level of information in profile run result. #6438 (Vasu1105)
- Foreport #6398: Updates release process docs as per current changes (#6398) #6439 (Vasu1105)
- Foreport-6408 Fix profile gem dependency loading issue when dependent gem is required inside profile libraries. #6467 (Vasu1105)
- Foreport-6410 #6468 (Vasu1105)
- Foreport 6386 #6469 (Vasu1105)
- Foreport 6403 #6470 (Vasu1105)
- Foreport 6442 #6473 (Vasu1105)
- Foreport-6423 #6474 (Vasu1105)
- Foreport 6360 #6476 (Vasu1105)
- Forport 6388 #6477 (Vasu1105)
- testing version bump #9 (sean-simmons-progress)
- CHEF-1267 Add omnibus release and adhoc pipelines #15 (clintoncwolfe)
- testing version bump and pipeline creation #16 (sean-simmons-progress)
- Update Gemfile to add artifactory as source for chef-licensing gem dependency #25 (Vasu1105)
- CI - Use License Key and API Key Secrets from Vault #26 (clintoncwolfe)
- Integration of chef licensing with inspec #12 (Nik08)
- Licensing - Integrates Software Entitlement #13 (Vasu1105)
- Add command to list license information #10 (ahasunos)
- CHEF-52: Add licensing information to help output #27 (ahasunos)
- Remove kitchen group from Gemfile #31 (ahasunos)
- CHEF-1957: Update chef-licesing api call
license_keystofetch_and_persist#30 (ahasunos) - CHEF-2994: Add license command to list of allowed commands #35 (ahasunos)
- CHEF-2743: Set chef executable name to display in help messages of chef-licensing #34 (ahasunos)
- CHEF-3105 Fix windows openssl issue #37 (clintoncwolfe)
- Foreport - Clarify key_rsa docs regarding SSH keys (#6507) #45 (clintoncwolfe)
- Foreport - CHEF-2438 Add train-kubernetes to inspec gemspec (#6512) #43 (clintoncwolfe)
- Foreport - fix: ensure Invoke-WebRequest headers can be configured (#6484) #41 (clintoncwolfe)
- Foreport - Bump rack from 2.2.6.2 to 2.2.6.4 in /omnibus (#6490) #42 (clintoncwolfe)
- Foreport - Update host resource to resolve all ipaddresses (#6481) #39 (clintoncwolfe)
- Foreport - Add nftables resources (#6499) #44 (clintoncwolfe)
- Foreports 6489 (CHEF-1458 Multiple values changes in SimpleConfig library) #28 (ahasunos)
- CHEF 83 Revert attestations changes #47 (sathish-progress)
- CHEF-3186: Remove fetching of bearer auth token from vault #48 (ahasunos)
- CHEF-3403: Default server URL to production value #50 (ahasunos)
- CHEF-3184 Error handling for inspec license add command - disabled in local mode #52 (Nik08)
- restrict license commands only to inspec distro #58 (sathish-progress)
- CHEF-3704 Modify help for local licensing service mode and other distros #59 (Nik08)
- Bump omnibus-software from
225e357to88169e3in /omnibus #61 (dependabot[bot]) - Bump omnibus from
cf97613to15122f2in /omnibus #62 (dependabot[bot]) - Foreport #6523: Update RSpec to 3.12 #65 (ahasunos)
- Bump berkshelf from 8.0.2 to 8.0.7 in /omnibus #63 (dependabot[bot])
- Bump omnibus from
15122f2to9c0643ain /omnibus #70 (dependabot[bot]) - Crossport Public 6545 Fix for InSpec Parallel hangs on certain CIS profiles #71 (clintoncwolfe)
- Foreports #6526 and #6541: Update Docker base image to be ubuntu 22.04 #64 (ahasunos)
- CHEF-3759 Crossport public 6540 Fix for inspec parallel on windows crashing due to error log rename #74 (clintoncwolfe)
- Bump omnibus-software from
88169e3to4b08f0bin /omnibus #73 (dependabot[bot]) - Foreport - Add postgres support for custom port with a socket connection #40 (clintoncwolfe)
- Case correction of product name in licensing config #78 (ahasunos)
- Crossport public 6549: Drop testing on EOL ruby 2.7, and run linter on Ruby 3.1 #76 (clintoncwolfe)
- Configure to use
Inspec::Login Chef Licensing #67 (ahasunos) - Adds test for licensing_config #57 (Vasu1105)
- Add chef-licensing, syncing from inspec-prime repo inspec-6 branch #6559 (clintoncwolfe)
- CHEF-3832: Fix for InSpec Parallel fails to fetch remote profiles due to cache contention. #6546 (Vasu1105)
- CHEF-4080: Point to latest EULA in GUI installers #6580 (ahasunos)
- Foreport 6568 #6579 (clintoncwolfe)
- Bump omnibus-software from
4b08f0bto3268356in /omnibus #6576 (dependabot[bot]) - CHEF-4559 Extended support to inspec parallel for reporters using config #6578 (Nik08)
- Disable git caching in omnibus builds #6584 (clintoncwolfe)
- Revert omnibus-software bump (6576) - ffi-yajl issue #6585 (clintoncwolfe)
- CHEF-3916 Add section on inspec license subcommand to online docs #6583 (ahasunos)
- CHEF-4818 revise inspec parallel docs content #6586 (IanMadd)
- CHEF-4010 make a clean exit for License list command #6552 (sathish-progress)
- Missing changes from main #6564 (sathish-progress)
- Bump omnibus-software from
4b08f0bto3268356in /omnibus #6587 (dependabot[bot]) - Adds missing release-rollup tag in CHANGELOG file #6639 (Vasu1105)
- Adds missing expeditor configuration for inspec 6 release #6624 (Vasu1105)
- Update podman.md #6502 (IanMadd)
- Fix for omnibus build failure on Windows due to ffi-yajl error #6628 (Vasu1105)
- CHEF-6123 Updated URL for chef licensing global service #6647 (Nik08)
- Fix liniting in omnibus/Gemfile #6649 (Vasu1105)
- Add license key error to troubleshooting page #6609 (IanMadd)
- Revert CLI docs page changes #6650 (IanMadd)
- CHEF-5898: Update latest EULA as used in MacOS installers #6652 (ahasunos)
- CHEF-3849: InSpec should exit quickly and clearly if waiver file is malformed/corrupt #6644 (Vasu1105)
- Move InSpec docs menu from chef-web-docs #6657 (IanMadd)
- Bump omnibus from
9c0643ato56015cbin /omnibus #6670 (dependabot[bot]) - Bump omnibus-software from
3268356toc44dea9in /omnibus #6665 (dependabot[bot]) - Bump omnibus from
56015cbto82dae89in /omnibus #6679 (dependabot[bot]) - Fix broken plugin search test #6674 (clintoncwolfe)
- Update json_schemer requirement from >= 0.2.1, < 0.2.19 to >= 0.2.1, < 2.0.1 #6693 (dependabot[bot])
- Update html-proofer requirement from ~> 3.19.4 to ~> 5.0.8 #6697 (dependabot[bot])
- Update hashie requirement from >= 3.4, < 5.0 to >= 3.4, < 6.0 #6696 (dependabot[bot])
- Revert "Update html-proofer requirement from ~> 3.19.4 to ~> 5.0.8" #6717 (Vasu1105)
- CHEF-6429: Update omnibus config to use updated signing method for msi packages #6658 (ahasunos)
- Fix Syntax #6483 (bryaend)
- CHEF-5899: Update latest EULA as used in Windows installers #6655 (ahasunos)
- Changed params usage in
inspec archiveto skip evaluation #6741 (Nik08) - Bump omnibus-software from
c44dea9to7723be6in /omnibus #6770 (dependabot[bot]) - Bump omnibus-software from
7723be6tob3d89a4in /omnibus #6787 (dependabot[bot]) - CHEF-2627 Clarify License Description on Rubygems #6630 (clintoncwolfe)
- Renames the project name in the SonarQube #6797 (Vasu1105)
- Update EULA for windows to fix formattings #6780 (ahasunos)
- Docs updates to install inspec 6 #6574 (IanMadd)
- OMNIBUS: Drop enterprise linux 6 support as it has reached EOL #6801 (ahasunos)
- Bump omnibus-software from
b3d89a4to4fef367in /omnibus #6805 (dependabot[bot]) - CI: Build on MacOS 11 intel, dropping EOL 10.15 #6789 (clintoncwolfe)
- Update links in docs #6788 (IanMadd)
- CHEF-3928 Fix in HTML2 reporter - unique ID usage for control HTML divisions #6645 (Nik08)
- CHEF-3917 Troubleshooting Page for Chef Licensing issues/errors #6612 (Nik08)
- Fixed
inspec jsonability to use cli options successfully #6796 (Nik08) - Pin Thor to < 1.3.0 to fix test failures related to aliases #6815 (Vasu1105)
- Openssl upgrade with version 1.1.1w #6748 (Nik08)
- Explicitly pin openssl to 1.0.2zi to avoid a CVE - inspec-6 #6825 (clintoncwolfe)
- Update runtime platform list #6826 (clintoncwolfe)
- Fix lint offense, TrailingWhitespace & EmptyLines #6830 (ahasunos)
- CHEF-7670 Ability to set feature preview flag using ENV #6833 (Nik08)
- Profile params usage changes - inspec compliance plugin #6832 (Nik08)
- Dev docs on profile evaluations and more #6813 (Nik08)
- CHEF-7281: Remove references to MacOS 10.15 in docs #6845 (ahasunos)
- CHEF-3745: Update supported platforms list to include RHEL 9 #6846 (ahasunos)
- CHEF-6437: Implement different version of
inspec export#6816 (ahasunos) - CHEF-7694 (CHEF-8271) : Fix security_policy resource returns array for non comma separated values #6838 (Vasu1105)
- CHEF-6439 Mandatory Profile Signing (Preview) #6705 (Nik08)
- Bump chef-licensing verison from ">= 0.4.44" to ">=0.7.5" #6856 (Vasu1105)
- CHEF-6440: Integrates audit logging feature #6809 (Vasu1105)
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}