Comparing changes

base repository: puppetlabs/puppetlabs-apt
base: v8.5.0
head repository: puppetlabs/puppetlabs-apt
compare: v9.0.0
  • 12 commits
  • 15 files changed
  • 6 contributors

Commits on Aug 4, 2022

  1. 6087f7d

Commits on Aug 9, 2022

  1. Merge pull request #1046 from puppetlabs/pdksync_GH-cat-11/main/add_ubuntu_22.04_support
    
    pdksync - (GH-cat-11) Certify Support for Ubuntu 22.04
    LukasAud authored Aug 9, 2022
    4b12e7b

Commits on Aug 10, 2022

  1. Deal with net-ftp being unavailable

    In Ruby 3.0 net-ftp changed from a bundled gem to a default gem. This
    means it may not be available, such as when running unit tests.
    
    Since ftp is becoming less and less common, this changes net-ftp to be
    an optional dependency. Users who do need ftp support should ensure the
    gem is installed.
    ekohl committed Aug 10, 2022
    ea68ea5

Commits on Aug 12, 2022

  1. Harden apt-mark defined type

    Prior to this commit the title parameter of this defined
    type was not properly validated. This means that it could have been
    possible to use a resource title outside of the normal bounds of
    a package name.
    
    Additionally the `onlyif` and `command` parameter values were
    interpolated strings meaning that it may have been possible to
    execute unsafe code on the remote system.
    
    This commit fixes the above issues by adding a regex to check that the
    resource title is a valid apt package name and also breaks out the
    `onlyif` and `command` parameter values into arrays of args, ensuring
    that the commands are executed in a safe manner on the remote system.
    
    The exception in this commit is the `unless_cmd`. This has not been
    broken out into an array of args due to the requirement of the command.
    This is a reasonable trade-off, however, due to the fact that action is
    created from known enum values and title would be pre-validated.
    This is also explained in mark.pp:20.
    chelnak committed Aug 12, 2022
    eed10ea
  2. Add spec tests for apt-mark

    This commit adds additional spec tests for mark.pp.
    
    The tests validate the new resource name requirements
    introduced in the previous commit.
    chelnak committed Aug 12, 2022
    79bec3d

Commits on Aug 17, 2022

  1. Merge pull request #1051 from puppetlabs/maint-move_apt_mark_to_provider

    Harden apt-mark defined type
    chelnak authored Aug 17, 2022
    06207c3
  2. Merge pull request #1050 from ekohl/deal-with-net-ftp-as-default-gem

    Deal with net-ftp being unavailable
    chelnak authored Aug 17, 2022
    8b15f6f

Commits on Aug 18, 2022

  1. Harden PPA defined type

    Prior to this commit there was a possibility that malformed strings
    could be passed as the resource's name. This could lead to unsafe
    executions on a remote system.
    
    This was also a possibility for the options parameter as it was
    constrained to a string.
    
    In addition, commands were not properly broken out into arrays of
    arguments when passed to the exec resource.
    
    This commit fixes the above by adding validation to the resource name
    ensuring that the given ppa name conforms to expectation. Also, commands
    are now broken down into arrays of arguments appropriately. This ensures
    safer execution on the remote system.
    
    Given that the options parameter, passed as a raw string, could lead to
    unsafe code execution it was reasonable to change the accepted type to
    an `Optional[Array[String]]`. This means that an array of options can now
    be passed to the exec resource inside the original command.
    chelnak committed Aug 18, 2022
    c26ad2a
  2. Add spec test for add-apt-repository

    This commit adds spec tests that validate the changes made in
    the previous commit.
    chelnak committed Aug 18, 2022
    3a90419
  3. Merge pull request #1052 from puppetlabs/maint-harden_ppa

    Harden PPA defined type
    pmcmaw authored Aug 18, 2022
    83082c0
  4. Release prep v9.0.0

    GitHub Action committed Aug 18, 2022
    b66c535
  5. Merge pull request #1054 from puppetlabs/release-prep

    Release prep v9.0.0
    pmcmaw authored Aug 18, 2022
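
The hardening that the "Harden apt-mark defined type" and "Harden PPA defined type" commit messages above describe (validate the resource title, pass commands as arrays of arguments), shown as an added Ruby example that is not code from the module. `echo` stands in for `apt-mark`, and the `PACKAGE_NAME` pattern and all function names are assumptions made for illustration, not the module's own regex or API.

```ruby
require 'open3'

# Assumed allow-list following Debian's package-name rules (lowercase letters,
# digits, '+', '-', '.', at least two characters, alphanumeric first).
# It is illustrative only and is not the regex used by the module.
PACKAGE_NAME = /\A[a-z0-9][a-z0-9+.-]+\z/

def valid_package_name?(title)
  PACKAGE_NAME.match?(title)
end

# "Before" shape: the title is interpolated into a single string, so a shell
# parses it and metacharacters in the title become shell syntax.
def run_interpolated(title)
  out, _status = Open3.capture2e("echo apt-mark hold #{title}")
  out
end

# Array-of-arguments shape: the program is executed directly, no shell is
# involved, and the whole title arrives as one argument.
def run_argv(title)
  out, _status = Open3.capture2e('echo', 'apt-mark', 'hold', title)
  out
end

# Hardened shape: validate first, then use the argument vector. Validation is
# still needed because argv alone does not stop a title such as "--option"
# from being read as a flag by the target program.
def run_hardened(title)
  raise ArgumentError, "invalid package name: #{title.inspect}" unless valid_package_name?(title)
  run_argv(title)
end

if __FILE__ == $PROGRAM_NAME
  crafted = 'vim; echo INJECTED' # constructed sample title
  puts run_interpolated(crafted) # two lines: the second command ran
  puts run_argv(crafted)         # one line: the title stayed a single argument
  puts run_hardened('vim')
end
```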
    5ce72ec