{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":633951630,"defaultBranch":"main","name":"openssl-fips","ownerLogin":"puppetlabs","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2023-04-28T16:54:39.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/234268?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1716570035.0","currentOid":""},"activityList":{"items":[{"before":"6f2389d4480844b2b561ce40da0ea2ea5d1ee38b","after":null,"ref":"refs/heads/3.0.9","pushedAt":"2024-05-23T21:24:57.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"mhashizume","name":"Michael Hashizume","path":"/mhashizume","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13651593?s=80&v=4"}},{"before":"8d77171c6bf41896fa6054b80d000f19e3adab90","after":"73665acb7ee8e26e986dce58f4ab49328058c2b0","ref":"refs/heads/main","pushedAt":"2024-05-23T21:20:21.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"mhashizume","name":"Michael Hashizume","path":"/mhashizume","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13651593?s=80&v=4"},"commit":{"message":"Merge pull request #8 from puppetlabs/3.0.9\n\n(PA-6480) Bump openssl fips provider to 3.0.9","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2311947248\" data-permission-text=\"Title is private\" data-url=\"https://github.com/puppetlabs/openssl-fips/issues/8\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/puppetlabs/openssl-fips/pull/8/hovercard\" href=\"https://github.com/puppetlabs/openssl-fips/pull/8\">#8</a> from puppetlabs/3.0.9"}},{"before":"cdd6e93d5ea140e088fb464476da47806f8cfc7f","after":"6f2389d4480844b2b561ce40da0ea2ea5d1ee38b","ref":"refs/heads/3.0.9","pushedAt":"2024-05-23T19:17:26.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"joshcooper","name":"Josh Cooper","path":"/joshcooper","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/737664?s=80&v=4"},"commit":{"message":"(PA-6480) Bump openssl fips provider to 3.0.9\n\nVersion 3.0.0 of the fips provider is considered \"historic\" according to\nhttps://openssl.org/source/index.html. The most current validated version\nis 3.0.9, so use that.\n\nhttps://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4282\nhttps://openssl.org/source/fips-doc/openssl-3.0.9-security-policy-2024-01-12.pdf","shortMessageHtmlLink":"(PA-6480) Bump openssl fips provider to 3.0.9"}},{"before":null,"after":"cdd6e93d5ea140e088fb464476da47806f8cfc7f","ref":"refs/heads/3.0.9","pushedAt":"2024-05-23T04:17:25.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"joshcooper","name":"Josh Cooper","path":"/joshcooper","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/737664?s=80&v=4"},"commit":{"message":"(PA-6480) Bump openssl fips provider to 3.0.9\n\nVersion 3.0.0 of the fips provider is considered \"historic\" according to\nhttps://openssl.org/source/index.html. The most current validated version\nis 3.0.9, so use that.\n\nhttps://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4282\nhttps://openssl.org/source/fips-doc/openssl-3.0.9-security-policy-2024-01-12.pdf","shortMessageHtmlLink":"(PA-6480) Bump openssl fips provider to 3.0.9"}},{"before":"f86310fd1ed72f6973ceb2498715922726281308","after":null,"ref":"refs/heads/revert-6-PA-6066","pushedAt":"2024-02-22T04:38:36.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"skyamgarp","name":null,"path":"/skyamgarp","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/130442619?s=80&v=4"}},{"before":null,"after":"f86310fd1ed72f6973ceb2498715922726281308","ref":"refs/heads/revert-6-PA-6066","pushedAt":"2024-02-21T12:58:38.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"skyamgarp","name":null,"path":"/skyamgarp","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/130442619?s=80&v=4"},"commit":{"message":"Revert \"(PA-6066) Add Red Hat 9 FIPS (Intel) platform definition to openssl-fips\"","shortMessageHtmlLink":"Revert \"(PA-6066) Add Red Hat 9 FIPS (Intel) platform definition to o…"}},{"before":"ae79b153dc906e5794b320a83906d53b452e4dff","after":"8d77171c6bf41896fa6054b80d000f19e3adab90","ref":"refs/heads/main","pushedAt":"2024-02-21T11:09:29.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"skyamgarp","name":null,"path":"/skyamgarp","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/130442619?s=80&v=4"},"commit":{"message":"Merge pull request #6 from skyamgarp/PA-6066\n\n(PA-6066) Add Red Hat 9 FIPS (Intel) platform definition to openssl-fips","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2146006702\" data-permission-text=\"Title is private\" data-url=\"https://github.com/puppetlabs/openssl-fips/issues/6\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/puppetlabs/openssl-fips/pull/6/hovercard\" href=\"https://github.com/puppetlabs/openssl-fips/pull/6\">#6</a> from skyamgarp/PA-6066"}},{"before":"81a1cdbcb8b94b3a8be701b5c1e35e9d0c17ea02","after":"ae79b153dc906e5794b320a83906d53b452e4dff","ref":"refs/heads/main","pushedAt":"2023-08-30T20:08:37.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"joshcooper","name":"Josh Cooper","path":"/joshcooper","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/737664?s=80&v=4"},"commit":{"message":"Merge pull request #5 from amitkarsale/PE-36727-pe-client-tools-openssl\n\n(PE-36727) Adding openssl-fips-client-tools project","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1873597158\" data-permission-text=\"Title is private\" data-url=\"https://github.com/puppetlabs/openssl-fips/issues/5\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/puppetlabs/openssl-fips/pull/5/hovercard\" href=\"https://github.com/puppetlabs/openssl-fips/pull/5\">#5</a> from amitkarsale/PE-36727-pe-client-tools-openssl"}},{"before":null,"after":"7038790fe7dde32ea8529b6becc5ab2068d960b2","ref":"refs/heads/PE-36727-pe-client-tools-openssl","pushedAt":"2023-08-30T18:46:16.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"joshcooper","name":"Josh Cooper","path":"/joshcooper","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/737664?s=80&v=4"},"commit":{"message":"(PE-36727) Adding openssl-fips-client-tools project","shortMessageHtmlLink":"(PE-36727) Adding openssl-fips-client-tools project"}},{"before":"1eecb7170490ac8da19062f032aadff384acded0","after":null,"ref":"refs/heads/choco-1.4","pushedAt":"2023-08-28T22:59:57.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"AriaXLi","name":"Aria Li (she/her)","path":"/AriaXLi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/53382941?s=80&v=4"}},{"before":"e5684fdc4391e9d5cd73a65eae8100ce908468d6","after":"81a1cdbcb8b94b3a8be701b5c1e35e9d0c17ea02","ref":"refs/heads/main","pushedAt":"2023-08-28T22:59:54.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"AriaXLi","name":"Aria Li (she/her)","path":"/AriaXLi","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/53382941?s=80&v=4"},"commit":{"message":"Merge pull request #3 from puppetlabs/choco-1.4\n\n(maint) Pin to chocolatey 1.4","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1870589496\" data-permission-text=\"Title is private\" data-url=\"https://github.com/puppetlabs/openssl-fips/issues/3\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/puppetlabs/openssl-fips/pull/3/hovercard\" href=\"https://github.com/puppetlabs/openssl-fips/pull/3\">#3</a> from puppetlabs/choco-1.4"}},{"before":"ef068bc6142606a6e98ebc4f9e13308ede23b879","after":"1eecb7170490ac8da19062f032aadff384acded0","ref":"refs/heads/choco-1.4","pushedAt":"2023-08-28T22:22:55.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"joshcooper","name":"Josh Cooper","path":"/joshcooper","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/737664?s=80&v=4"},"commit":{"message":"(maint) Pin to chocolatey 1.4\n\nChocolatey 2.0 dropped the deprecated Get-BinRoot script which mingw-w64 relies\non, so pin back to 1.4.0 for now. We also have to disable upgrades so we don't\nupgrade to 2.0.\n\nSee also puppetlabs/puppet-runtime@5a342f27844fb92a275bb37ba44e61a22c1df7af","shortMessageHtmlLink":"(maint) Pin to chocolatey 1.4"}},{"before":null,"after":"ef068bc6142606a6e98ebc4f9e13308ede23b879","ref":"refs/heads/choco-1.4","pushedAt":"2023-08-28T22:21:31.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"joshcooper","name":"Josh Cooper","path":"/joshcooper","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/737664?s=80&v=4"},"commit":{"message":"(maint) Pin to chocolatey 1.4\n\nThe mingw 5.2 choco package relies on `Get-BinRoot` which is no longer supported in choco v2.\nPin to 1.4 as was done in puppetlabs/puppet-runtime@5a342f27844fb92a275bb37ba44e61a22c1df7af","shortMessageHtmlLink":"(maint) Pin to chocolatey 1.4"}},{"before":"3d5bc63ceda1b9c1b77d31885edd6b1658678040","after":"e5684fdc4391e9d5cd73a65eae8100ce908468d6","ref":"refs/heads/main","pushedAt":"2023-08-24T21:35:19.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"tvpartytonight","name":"Tony Vu","path":"/tvpartytonight","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5789610?s=80&v=4"},"commit":{"message":"Merge pull request #2 from donoghuc/PE-36616-bugfix\n\n(PE-36616) Fix bug introduced refactoring to use shared settings","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1865883034\" data-permission-text=\"Title is private\" data-url=\"https://github.com/puppetlabs/openssl-fips/issues/2\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/puppetlabs/openssl-fips/pull/2/hovercard\" href=\"https://github.com/puppetlabs/openssl-fips/pull/2\">#2</a> from donoghuc/PE-36616-bugfix"}},{"before":"084a053c9931310c9177925f7c0d9a87fef8253a","after":"3d5bc63ceda1b9c1b77d31885edd6b1658678040","ref":"refs/heads/main","pushedAt":"2023-08-24T20:24:07.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"tvpartytonight","name":"Tony Vu","path":"/tvpartytonight","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/5789610?s=80&v=4"},"commit":{"message":"Merge pull request #1 from donoghuc/PE-36616\n\n(PE-36616) Compile openssl-fips module for bolt-server","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"1862020545\" data-permission-text=\"Title is private\" data-url=\"https://github.com/puppetlabs/openssl-fips/issues/1\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/puppetlabs/openssl-fips/pull/1/hovercard\" href=\"https://github.com/puppetlabs/openssl-fips/pull/1\">#1</a> from donoghuc/PE-36616"}},{"before":"6e94106d4e0796d881e294ca494c2c0a6d678ddf","after":"084a053c9931310c9177925f7c0d9a87fef8253a","ref":"refs/heads/main","pushedAt":"2023-05-09T23:38:18.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"joshcooper","name":"Josh Cooper","path":"/joshcooper","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/737664?s=80&v=4"},"commit":{"message":"(PA-4877) Add Windows FIPS\n\nThis is mostly copied from the runtime, but we don't need to install\nMSVC (that's only used for pxp-agent).","shortMessageHtmlLink":"(PA-4877) Add Windows FIPS"}},{"before":"a27f7161b2082cfe21d07c3194277ab12f46c56b","after":"6e94106d4e0796d881e294ca494c2c0a6d678ddf","ref":"refs/heads/main","pushedAt":"2023-05-09T18:25:27.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"joshcooper","name":"Josh Cooper","path":"/joshcooper","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/737664?s=80&v=4"},"commit":{"message":"(maint) Delete fipsmodule.conf from tarball\n\nThe fipsmodule.conf must be generated on the host at install time (and not\ncopied from the build host). Otherwise, the fips provider will fail to load.\n\nTo prevent fipsmodule.conf accidentally leaking into puppet-agent packages,\nremove the footgun from the openssl-fips tarball.","shortMessageHtmlLink":"(maint) Delete fipsmodule.conf from tarball"}},{"before":"21d5a05ce677b3acc35f504ce0e4825288bd9a8c","after":"a27f7161b2082cfe21d07c3194277ab12f46c56b","ref":"refs/heads/main","pushedAt":"2023-05-04T15:36:53.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"joshcooper","name":"Josh Cooper","path":"/joshcooper","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/737664?s=80&v=4"},"commit":{"message":"(PA-5407) Generate version string based on git ref\n\nThis produces a tarball of the form:\n\n    openssl-fips-202305030.redhatfips-7-x86_64.tar.gz\n\nAlso update typo.","shortMessageHtmlLink":"(PA-5407) Generate version string based on git ref"}},{"before":"691693d36bb9b83a4f68f602fb4fde2996e45fb0","after":"21d5a05ce677b3acc35f504ce0e4825288bd9a8c","ref":"refs/heads/main","pushedAt":"2023-05-04T03:55:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"joshcooper","name":"Josh Cooper","path":"/joshcooper","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/737664?s=80&v=4"},"commit":{"message":"(PA-5407) Simplify configure script\n\nRemove most of the configure options in keeping with the OpenSSL 3 FIPS 140-2\nSecurity Policy, Appendix A[1]. The options do affect which source files are\ncompiled, but not which algorithms are added to the fips module, which is the\nonly thing we install.\n\nMost of the options will be applied to the `openssl-3.0` component in the\npuppet-runtime project in PA-5409 (since that's where it matters).\n\nRemoved the `make depend` target, since it hasn't been necessary since OpenSSL 1.1.0[2]\n\n[1] https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4282.pdf\n[2] https://github.com/openssl/openssl/blob/openssl-3.0.0/INSTALL.md#makefile-targets","shortMessageHtmlLink":"(PA-5407) Simplify configure script"}},{"before":"60c8fbb451469d68e86f8190f0fc404074ed12e4","after":"691693d36bb9b83a4f68f602fb4fde2996e45fb0","ref":"refs/heads/main","pushedAt":"2023-05-03T20:20:43.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"joshcooper","name":"Josh Cooper","path":"/joshcooper","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/737664?s=80&v=4"},"commit":{"message":"(PA-4863) Add README","shortMessageHtmlLink":"(PA-4863) Add README"}},{"before":"bdcf9e796c118dd6677657e324c77ab72a9725b8","after":"60c8fbb451469d68e86f8190f0fc404074ed12e4","ref":"refs/heads/main","pushedAt":"2023-04-28T22:33:03.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"joshcooper","name":"Josh Cooper","path":"/joshcooper","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/737664?s=80&v=4"},"commit":{"message":"(PA-4863) Add packaging metadata\n\nThis is necessary for packaging to ship the tarball.","shortMessageHtmlLink":"(PA-4863) Add packaging metadata"}},{"before":"4e1fc4b543902e1f000d50eea194c10197835862","after":"bdcf9e796c118dd6677657e324c77ab72a9725b8","ref":"refs/heads/main","pushedAt":"2023-04-28T21:11:57.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"joshcooper","name":"Josh Cooper","path":"/joshcooper","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/737664?s=80&v=4"},"commit":{"message":"(PA-4863) Build openssl fips provider for RHEL 7 & 8\n\n* We must use openssl 3.0.0 to build the fips provider, though\n  it can be installed in newer openssl distributions.\n\n* OpenSSL 3.0 now accepts CFLAGS, etc environment variables\n\n* Disable unneeded algorithms, etc including legacy provider\n\nThis makes it possible to build the fips provider in the form of a fips.so\nshared library. In order to use the provider:\n\n* it must be installed during the puppet-agent build\n\n* fipsmodule.cnf must be generated using `openssl fipsinstall`. This adds\n  checksums to fipsmodule.cnf and runs FIPS self tests.\n\n* openssl.cnf must be updated to include fipsmodule.cnf and enable the fips\n  provider. The fips provider doesn't include algorithms for read/writing keys,\n  e.g. PEM, so either the default or base provider must also be enabled.","shortMessageHtmlLink":"(PA-4863) Build openssl fips provider for RHEL 7 &amp; 8"}},{"before":"1f2626b20e169b24e70e9da61d870a09ab72dc8f","after":"4e1fc4b543902e1f000d50eea194c10197835862","ref":"refs/heads/main","pushedAt":"2023-04-28T16:54:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"puppet-sec-bot","name":"Puppet Security Bot","path":"/puppet-sec-bot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/85572660?s=80&v=4"},"commit":{"message":"CODEOWNERS by slack-gitbot","shortMessageHtmlLink":"CODEOWNERS by slack-gitbot"}},{"before":null,"after":"1f2626b20e169b24e70e9da61d870a09ab72dc8f","ref":"refs/heads/main","pushedAt":"2023-04-28T16:54:40.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"puppet-sec-bot","name":"Puppet Security Bot","path":"/puppet-sec-bot","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/85572660?s=80&v=4"},"commit":{"message":"Initial commit","shortMessageHtmlLink":"Initial commit"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEUnYV4AA","startCursor":null,"endCursor":null}},"title":"Activity · puppetlabs/openssl-fips"}