Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release 0.3.6 #1051

Merged
merged 10 commits into from
Apr 4, 2024
Merged

Release 0.3.6 #1051

merged 10 commits into from
Apr 4, 2024

Conversation

moreati
Copy link
Member

@moreati moreati commented Apr 4, 2024

  • Support Ansible 7
  • Raise TypeError in mitogen.util.cast() when casting a string subtype to bytes() or str() fails. This is
    potentially an API breaking change. Failures previously passed silently.
  • Add ansible_mitogen.util.cast(), to cast ansible.utils.unsafe_proxy.AnsibleUnsafe objects in Ansible 7+.

cc @dw

moreati and others added 10 commits March 17, 2024 16:00
@moreati
Start v0.3.6 development
fc24b3f
@moreati
Merge pull request mitogen-hq#1043 from moreati/rel-0.3.5
a9d32a7 
Prepare 0.3.5 release, start 0.3.6 development
@moreati
docs: Correct PEP 451 hyperlink
50efa53
@moreati
Merge pull request mitogen-hq#1047 from mitogen-hq/changlog-pep451
21e874e 
docs: Correct PEP 451 hyperlink
@opoplawski @moreati
ansible_mitogen: Add Ansible 7 support
dfc3c7d 
Co-authored-by: Orion Poplawski <orion@nwra.com>
@moreati
mitogen: Raise TypeError on mitogen.utils.cast(custom_str) failures
d7979c3 
If casting a string fails then raise a TypeError. This is potentially an API
breaking change; chosen as the lesser evil vs. allowing silent errors.

`cast()` relies on `bytes(obj)` & `str(obj)` returning the respective
supertype. That's no longer the case for `AnsibleUnsafeBytes` &
`AnsibleUnsafeText`; since fixes/mitigations for  CVE-2023-5764.

fixes mitogen-hq#1046, refs mitogen-hq#977

See also
- GHSA-7j69-qfc3-2fq9
- ansible/ansible#82293
@moreati
ansible_mitogen: Make ansible_mitogens.utils a package
813f253 
Prep work for ansible_mitogen.utils.unsafe
@moreati
ansible_mitogen: Handle AnsibleUnsafeText et al in Ansible >= 7
b822f20 
Follwing fixes in Ansible 7-9 for CVE-2023-5764 cating `AnsibleUnsafeBytes` &
`AnsibleUnsafeText` to `bytes()` or `str()` requires special handling. The
handling is Ansible specific, so it shouldn't go in the mitogen package but
rather the ansible_mitogen package.

`ansible_mitogen.utils.unsafe.cast()` is most like `mitogen.utils.cast()`.
During development it began as `ansible_mitogen.utils.unsafe.unwrap_var()`,
closer to an inverse of `ansible.utils.unsafe_procy.wrap_var()`. Future
enhancements may move in this direction.

refs mitogen-hq#977, refs mitogen-hq#1046

See also
- GHSA-7j69-qfc3-2fq9
- ansible/ansible#82293
- https://github.com/mitogen-hq/mitogen/wiki/AnsibleUnsafe-notes
@moreati
Prepare 0.3.6
5d789fa
@moreati
Merge v0.3.6 preperation
f60d6fe
@moreati moreati merged commit b488bae into mitogen-hq:stable Apr 4, 2024
44 checks passed
@moreati moreati deleted the rel-0.3.6 branch April 4, 2024 12:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@moreati @opoplawski