Updating Inspec and its dependencies

[johnmccrae]

Description

Updating Chef-17 to get past CVE's in Inspec and update selected gems to get past failures in the testers.

Related Issue

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Chore (non-breaking change that does not add functionality or fix an issue)

Checklist:

• I have read the CONTRIBUTING document.
• I have run the pre-merge tests locally and they pass.
• I have updated the documentation accordingly.
• I have added tests to cover my changes.
• If Gemfile.lock has changed, I have used --conservative to do it and included the full output in the Description above.
• All new and existing tests passed.
• All commits have been signed-off for the Developer Certificate of Origin.

[johnmccrae]

Output from Bundle Update

[Admin] PS C:\localrepo\chef3 (jfm/chef17-inspec-upgrade-7) bundle update --conservative inspec-core
Warning: the running version of Bundler (2.2.33) is older than the version that created the lockfile (2.3.18). We suggest you to upgrade to the version that created the lockfile by running `gem install bundler:2.3.18`.
Fetching gem metadata from https://rubygems.org/.......
Resolving dependencies......
Using rake 13.0.6
Using public_suffix 5.0.1
Using mixlib-cli 2.1.8
Using concurrent-ruby 1.2.2
Using ffi 1.15.5 (x64-mingw32)
Using wmi-lite 1.0.7
Using ast 2.4.2
Using jmespath 1.6.2
Fetching aws-eventstream 1.2.0
Fetching aws-partitions 1.809.0
Using debug_inspector 1.1.0
Using builder 3.2.4
Using bundler 2.2.33
Using byebug 11.1.3
Using fuzzyurl 0.9.0
Using tomlrb 1.3.0
Using libyajl2 2.1.0
Using chef-vault 4.1.11
Using hashie 4.1.0
Using mixlib-log 3.0.9
Using rack 2.2.7
Using uuidtools 2.2.0
Using webrick 1.8.1
Using diff-lcs 1.5.0
Using erubis 2.7.0
Using iniparse 1.5.0
Using faraday-net_http 3.0.2
Using ruby2_keywords 0.0.5
Using tty-color 0.6.0
Using strings-ansi 0.2.0
Using unicode-display_width 2.4.2
Using unicode_utils 1.4.0
Using tty-cursor 0.7.1
Using tty-screen 0.8.1
Using wisper 2.0.1
Using method_source 1.0.0
Using multipart-post 2.3.0
Using parallel 1.23.0
Using parslet 1.8.2
Using coderay 1.1.3
Using rspec-support 3.11.1
Using rubyzip 2.3.2
Using semverse 3.0.2
Using sslshake 1.3.1
Using thor 1.2.2
Using json 2.6.3
Using net-ssh 7.1.0
Using iso8601 0.13.0
Using mixlib-authentication 3.0.10
Using ipaddress 0.8.3
Using plist 3.7.0
Using proxifier 1.0.3
Using syslog-logger 1.6.8
Using erubi 1.12.0
Using rexml 3.2.5
Using httpclient 2.8.3
Using little-plugger 1.1.4
Using multi_json 1.15.0
Using nori 2.6.0
Using rubyntlm 0.6.3
Using win32-api 1.5.3 (universal-mingw32)
Using structured_warnings 0.4.0
Using racc 1.7.1
Using rainbow 3.1.1
Using regexp_parser 2.8.1
Using ruby-progressbar 1.13.0
Using ed25519 1.3.0
Using hashdiff 1.0.1
Using rb-readline 0.5.5
Using addressable 2.8.4
Using chef-utils 17.10.101 from source at `chef-utils`
Installing aws-eventstream 1.2.0
Installing aws-partitions 1.809.0
Using ffi-win32-extensions 1.0.4
Using win32-process 0.10.0
Using corefoundation 0.3.13
Fetching ffi-libarchive 1.1.3
Using gssapi 1.3.1
Using win32-ipc 0.7.0
Using win32-eventlog 0.6.3
Using win32-mmap 0.4.2
Using binding_of_caller 1.0.0
Using mixlib-config 3.0.27
Using ffi-yajl 2.4.0
Using mixlib-archive 1.1.7 (universal-mingw32)
Using faraday 2.7.7
Using pastel 0.8.0
Using strings 0.2.1
Using tty-reader 0.9.0
Using pry 0.14.2 (was 0.13.0)
Using rspec-core 3.11.0
Using rspec-expectations 3.11.1
Using rspec-mocks 3.11.2
Using net-scp 4.0.0
Using net-sftp 4.0.0
Using fauxhai-ng 9.3.0
Using gyoku 1.4.0
Using crack 0.4.5
Using logging 2.3.1
Using win32-taskscheduler 2.0.4
Using parser 3.2.2.3
Using win32-service 2.3.2
Using mixlib-shellout 3.2.7 (universal-mingw32)
Using win32-event 0.6.3
Fetching aws-sigv4 1.6.0
Using win32-mutex 0.4.3
Using chef-powershell 1.0.13
Using chef-zero 15.0.11
Using faraday-follow_redirects 0.3.0
Using tty-box 0.7.0
Using tty-prompt 0.23.1
Using tty-table 0.12.0
Using pry-byebug 3.10.1
Using pry-stack_explorer 0.6.1
Using rspec 3.11.0
Using rspec-its 1.3.0
Using winrm 2.3.6
Using webmock 3.19.1
Using rubocop-ast 1.30.0 (was 1.29.0)
Using appbundler 0.13.4
Using chef-config 17.10.101 from source at `chef-config`
Using train-core 3.10.8
Using win32-certstore 0.6.15
Using cheffish 17.0.0
Using license-acceptance 2.1.13
Using winrm-fs 1.3.5
Using chef-telemetry 1.1.1
Using rubocop 1.25.1
Using ohai 17.9.5 from https://github.com/chef/ohai.git (at 17-stable@af56578)
Installing ffi-libarchive 1.1.3
Using winrm-elevated 1.2.3
Using inspec-core 5.22.36 (was 5.22.3)
Using chefstyle 2.2.2 from https://github.com/chef/chefstyle.git (at main@71ae977)
Installing aws-sigv4 1.6.0
Using train-winrm 0.2.13
Using inspec-core-bin 5.22.36 (was 5.22.3)
Fetching aws-sdk-core 3.181.0
Fetching vault 0.17.0
Installing vault 0.17.0
Installing aws-sdk-core 3.181.0
Fetching aws-sdk-kms 1.71.0
Fetching aws-sdk-secretsmanager 1.82.0
Installing aws-sdk-secretsmanager 1.82.0
Installing aws-sdk-kms 1.71.0
Fetching aws-sdk-s3 1.133.0
Installing aws-sdk-s3 1.133.0
Using chef 17.10.101 (universal-mingw32) from source at `.`
Using chef-bin 17.10.101 from source at `chef-bin` and installing its executables
Bundle updated!

[johnmccrae]

A second bundle update --conservative

[Admin] PS C:\localrepo\chef3 (jfm/chef17-inspec-upgrade-7) bundle update --conservative
Warning: the running version of Bundler (2.2.33) is older than the version that created the lockfile (2.3.18). We suggest you to upgrade to the version that created the lockfile by running `gem install bundler:2.3.18`.
Fetching https://github.com/chef/chefstyle.git
Fetching https://github.com/chef/ruby-shadow
Fetching https://github.com/chef/ohai.git
Fetching gem metadata from https://rubygems.org/.......
Resolving dependencies........
Using rake 13.1.0 (was 13.0.6)
Using public_suffix 5.0.1
Using mixlib-cli 2.1.8
Using concurrent-ruby 1.2.2
Using ffi 1.15.5 (x64-mingw32)
Using aws-eventstream 1.2.0
Using wmi-lite 1.0.7
Using ast 2.4.2
Using aws-partitions 1.809.0
Using jmespath 1.6.2
Using bundler 2.2.33
Using debug_inspector 1.1.0
Using builder 3.2.4
Using byebug 11.1.3
Using fuzzyurl 0.9.0
Using tomlrb 1.3.0
Using libyajl2 2.1.0
Using chef-vault 4.1.11
Using rack 2.2.7
Using hashie 4.1.0
Using mixlib-log 3.0.9
Using uuidtools 2.2.0
Using webrick 1.8.1
Using diff-lcs 1.5.0
Using erubis 2.7.0
Using ruby2_keywords 0.0.5
Using iniparse 1.5.0
Using faraday-net_http 3.0.2
Using tty-color 0.6.0
Using strings-ansi 0.2.0
Using unicode-display_width 2.4.2
Using tty-screen 0.8.1
Using unicode_utils 1.4.0
Using tty-cursor 0.7.1
Using wisper 2.0.1
Using method_source 1.0.0
Using multipart-post 2.3.0
Using parallel 1.23.0
Using parslet 1.8.2
Using coderay 1.1.3
Using rspec-support 3.11.1
Using rubyzip 2.3.2
Using semverse 3.0.2
Using sslshake 1.3.1
Using thor 1.2.2
Using json 2.6.3
Using net-ssh 7.1.0
Using iso8601 0.13.0
Using mixlib-authentication 3.0.10
Using ipaddress 0.8.3
Using plist 3.7.0
Using proxifier 1.0.3
Using syslog-logger 1.6.8
Using erubi 1.12.0
Using rexml 3.2.5
Using httpclient 2.8.3
Using little-plugger 1.1.4
Using multi_json 1.15.0
Using nori 2.6.0
Using rubyntlm 0.6.3
Using win32-api 1.5.3 (universal-mingw32)
Using structured_warnings 0.4.0
Using racc 1.7.1
Using rainbow 3.1.1
Using regexp_parser 2.8.1
Using ruby-progressbar 1.13.0
Using ed25519 1.3.0
Using hashdiff 1.0.1
Using chef-utils 17.10.101 from source at `chef-utils`
Using rb-readline 0.5.5
Using addressable 2.8.4
Using ffi-win32-extensions 1.0.4
Using win32-process 0.10.0
Using aws-sigv4 1.6.0
Using corefoundation 0.3.13
Using ffi-libarchive 1.1.3
Using gssapi 1.3.1
Using win32-ipc 0.7.0
Using win32-eventlog 0.6.3
Using binding_of_caller 1.0.0
Using win32-mmap 0.4.2
Using mixlib-config 3.0.27
Using ffi-yajl 2.4.0
Using mixlib-archive 1.1.7 (universal-mingw32)
Using faraday 2.7.7
Using pastel 0.8.0
Using strings 0.2.1
Using tty-reader 0.9.0
Using pry 0.14.2
Using rspec-core 3.11.0
Using rspec-expectations 3.11.1
Using rspec-mocks 3.11.2
Using net-scp 4.0.0
Using net-sftp 4.0.0
Using fauxhai-ng 9.3.0
Using gyoku 1.4.0
Using crack 0.4.5
Using win32-taskscheduler 2.0.4
Using logging 2.3.1
Using parser 3.2.2.3
Using win32-service 2.3.2
Using aws-sdk-core 3.181.0
Using vault 0.17.0
Using win32-event 0.6.3
Using win32-mutex 0.4.3
Using chef-powershell 1.0.13
Using chef-zero 15.0.11
Using faraday-follow_redirects 0.3.0
Using tty-box 0.7.0
Using tty-table 0.12.0
Using tty-prompt 0.23.1
Using pry-byebug 3.10.1
Using pry-stack_explorer 0.6.1
Using rspec 3.11.0
Using rspec-its 1.3.0
Using winrm 2.3.6
Using webmock 3.19.1
Using rubocop-ast 1.30.0
Using aws-sdk-secretsmanager 1.82.0
Using aws-sdk-kms 1.71.0
Using win32-certstore 0.6.15
Using license-acceptance 2.1.13
Using winrm-fs 1.3.5
Using rubocop 1.25.1
Using aws-sdk-s3 1.133.0
Using winrm-elevated 1.2.3
Using chefstyle 2.2.3 (was 2.2.2) from https://github.com/chef/chefstyle.git (at main@1293442)
Using train-winrm 0.2.13
Using mixlib-shellout 3.2.7 (universal-mingw32)
Using cheffish 17.0.0
Using chef-config 17.10.101 from source at `chef-config`
Using appbundler 0.13.4
Using train-core 3.10.8
Using ohai 17.9.5 from https://github.com/chef/ohai.git (at 17-stable@af56578)
Using chef-telemetry 1.1.1
Using inspec-core 5.22.36
Using inspec-core-bin 5.22.36
Using chef 17.10.101 (universal-mingw32) from source at `.`
Using chef-bin 17.10.101 from source at `chef-bin` and installing its executables
Bundle updated!

[sonarcloud]

Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud