Update dependency community.crypto to v2 #54
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
1.9.5
->2.2.1
Release Notes
ansible-collections/community.crypto
v2.2.1
Compare Source
======
Release Summary
Bugfix release.
Bugfixes
changed
status forhost
certificates when usingfull_idempotence
(community.crypto.openssh_cert regenerate: full_idempotence acts the same as regenerate: always ansible-collections/community.crypto#395, openssh_cert - fix full_idempotence for host certificates ansible-collections/community.crypto#396).v2.2.0
Compare Source
======
Release Summary
Regular bugfix and feature release.
Minor Changes
ignore_timestamps
parameter so it can be used semi-idempotent with relative timestamps invalid_to
/valid_from
(openssh_cert: valid_at has no effect (will always be regenerated) ansible-collections/community.crypto#379).Bugfixes
LANG
and similar environment variables to avoid translated output, which can break some of the module's functionality like key management (luks_device: set LANG and similar env variables to prevent translated cryptsetup output ansible-collections/community.crypto#388, Module luks_device: adding a key not possible on other Linux locales ansible-collections/community.crypto#385).v2.1.0
Compare Source
======
Release Summary
Feature and bugfix release.
Minor Changes
cryptography
is not installed fromCan't
toCannot
(Small docs improvements ansible-collections/community.crypto#374).Bugfixes
distutils.version
instead of the deprecated Python standard librarydistutils
(Prepare for distutils.version being removed in Python 3.12 ansible-collections/community.crypto#353).New Modules
v2.0.2
Compare Source
======
Release Summary
Documentation fix release. No actual code changes.
v2.0.1
Compare Source
======
Release Summary
Bugfix release with extra forward compatibility for newer versions of cryptography.
Minor Changes
fetch_url
with changes in latest ansible-coredevel
branch (Fix compatibility to fetch_url change in ansible-core devel ansible-collections/community.crypto#339).Bugfixes
cryptography
's X.509 certificate loader whenfullchain_dest
is used (acme_certificate: fix crash when using fullchain_dest ansible-collections/community.crypto#324).state=absent
to make sure that also the secondary LUKS2 header is wiped when older versions of wipefs are used (luks_device state=absent no longer works on some RHEL 7.9 VMs in CI ansible-collections/community.crypto#326, luks_device: add built-in signature wiper to work around older wipefs versions with LUKS2 containers ansible-collections/community.crypto#327).v2.0.0
Compare Source
======
Release Summary
A new major release of the
community.crypto
collection. The main changes are removal of the PyOpenSSL backends for almost all modules (openssl_pkcs12
being the only exception), and removal of theassertonly
provider in thex509_certificate
provider. There are also some other breaking changes which should improve the user interface/experience of this collection long-term.Minor Changes
subject
andissuer
fields in in theselect_chain
entries are now more strictly validated (Allow to specify subject (for CSRs) and issuer (for CRLs) ordered ansible-collections/community.crypto#316).subject_ordered
option if the order of the components in the subject is of importance (Problems with CRL issuer matching Cert issuer. ansible-collections/community.crypto#291, Allow to specify subject (for CSRs) and issuer (for CRLs) ordered ansible-collections/community.crypto#316).subject
option (Allow to specify subject (for CSRs) and issuer (for CRLs) ordered ansible-collections/community.crypto#316).check_consistency
option to request private key consistency checks to be done (openssl_privatekey_info: disable private key consistency checks by default ansible-collections/community.crypto#309).ignore_timestamps
option which allows to enable idempotency for 'not before' and 'not after' options (x509_certificate does not recreate certificate if ownca_not_after was changed ansible-collections/community.crypto#295, x509_certificate: add ignore_timestamps option ansible-collections/community.crypto#317).issuer_ordered
option if the order of the components in the issuer is of importance (Problems with CRL issuer matching Cert issuer. ansible-collections/community.crypto#291, Allow to specify subject (for CSRs) and issuer (for CRLs) ordered ansible-collections/community.crypto#316).issuer
option (Allow to specify subject (for CSRs) and issuer (for CRLs) ordered ansible-collections/community.crypto#316).Breaking Changes / Porting Guide
dirName
text parsing and to text converting code to conform toSections 2 and 3 of RFC 4514 <https://datatracker.ietf.org/doc/html/rfc4514.html>
. This is similar to howcryptography handles this <https://cryptography.io/en/latest/x509/reference/#cryptography.x509.Name.rfc4514_string>
(Make Dirname (de)serialization conformant to RFC 4514 ansible-collections/community.crypto#274).ipaddress
. If you are using Python 2.x, please make sure to install the library (Remove vendored copy of ipaddress ansible-collections/community.crypto#287).ipaddress
(Remove vendored copy of ipaddress ansible-collections/community.crypto#287).cryptography
version used, the modules might not return the ASN.1 value for an extension as contained in the certificate respectively CSR, but a re-encoded version of it. This should usually be identical to the value contained in the source file, unless the value was malformed. For extensions not handled by C(cryptography) the value contained in the source file is always returned unaltered (Add warning for ASN.1 encoded extension values returned by some modules ansible-collections/community.crypto#318).subject
respectivelyissuer
fields no longer ignore empty values, but instead fail when encountering them (Allow to specify subject (for CSRs) and issuer (for CRLs) ordered ansible-collections/community.crypto#316).check_consistency=true
(openssl_privatekey_info: disable private key consistency checks by default ansible-collections/community.crypto#309).issuer
order is ignored. If order is important, use the newissuer_ordered
option (Allow to specify subject (for CSRs) and issuer (for CRLs) ordered ansible-collections/community.crypto#316).Deprecated Features
Removed Features (previously deprecated)
acme_directory
option is now required (Remove other deprecations ansible-collections/community.crypto#290).acme_version
option is now required (Remove other deprecations ansible-collections/community.crypto#290).retrieve_orders=url_list
no longer returns the return valueorders
. Use theorder_uris
return value instead (Remove other deprecations ansible-collections/community.crypto#290).crypto.pem
instead (Remove other deprecations ansible-collections/community.crypto#290).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).version
now only accepts the (default) value 1 (Remove other deprecations ansible-collections/community.crypto#290).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).assertonly
provider (Remove assertonly ansible-collections/community.crypto#289).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).pyopenssl
backend (Remove PyOpenSSL backends (except for openssl_pkcs12) ansible-collections/community.crypto#273).Bugfixes
v1.9.11
Compare Source
See https://github.com/ansible-collections/community.crypto/blob/stable-1/CHANGELOG.rst for all changes.
v1.9.10
Compare Source
See https://github.com/ansible-collections/community.crypto/blob/stable-1/CHANGELOG.rst for all changes.
v1.9.9
Compare Source
See https://github.com/ansible-collections/community.crypto/blob/stable-1/CHANGELOG.rst for all changes.
Configuration
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.