Jake Jackson
bfd811f408
Upgrade aiohttp for CVE-2024-23829 ( #15257 )
2024-06-12 19:20:40 +00:00
Jake Jackson
6dc4a4508d
Fix CVE-2024-24680 ( #15250 )
2024-06-04 15:44:09 -04:00
Hao Liu
cf09a4220d
Repin cython due to https://github.com/yaml/pyyaml/pull/702 ( #15248 )
...
* Revert "Unpin cython (#15246 )"
This reverts commit 659c3b64de .
* Pin grpcio
Avoid cython 3 due to https://github.com/yaml/pyyaml/pull/702
* Delete asyncpg.txt
2024-06-03 19:42:20 +00:00
Hao Liu
659c3b64de
Unpin cython ( #15246 )
...
* Unpin cython
* Remove unused asyncpg
* Remove asyncpg license file
2024-06-03 11:41:56 -04:00
Chris Meyers
a15bcf1d55
Add requirements comment
2024-05-31 13:55:17 -04:00
Chris Meyers
cae42653bf
Add recording
...
* Always output awx logs to a file via otel
* That log file can always be later replayed into a product that
supports otlp at a later date.
* Useful when you find a problem that you need a time series DB to help
find and solve.
* Useful if a community member or customer has a problem where a time
series db would be helpful. You can take a "remote" users log and
replay it locally for analysis.
2024-05-31 13:55:17 -04:00
Chris Meyers
da46a29f40
Move requirements out of dev and into mainline
...
* Add new package license files
2024-05-31 13:55:17 -04:00
Alan Rominger
014534bfa5
Upgrade DRF ( #15144 )
...
* Upgrade DRF
* Fix failures caused by DRF upgrade
2024-04-25 15:37:08 -04:00
Alan Rominger
e3af658f82
Use released version of django-radius ( #15103 )
2024-04-12 16:34:23 -04:00
Cesar Francisco San Nicolas Martinez
393d9c39c6
Mismatch dependencies version ( #14986 )
...
* Fixed mismatch between setuptools version in the makefile and requirements file
* Fix mismatch of versions in makefile and requirements
* Added maturin license
2024-03-14 13:32:56 +01:00
Dave
12843eccf7
AAP-13369 Python 3.9 -> 3.11 upgrade ( #14771 )
...
* Python 3.9 -> 3.11 upgrade
* Test: updating azure-keyvault to 4.2.0
* Revert "Test: updating azure-keyvault to 4.2.0"
This reverts commit cf0b83699442e0c0de4a1152d4af8543a5e05b88.
* Test: updating azure-keyvault to latest and adding azure-identity
* Fix licenses
* Adding new licenses
* Revert "Fix licenses"
This reverts commit da3876911ef5ebbe7a8adbddd336ced3039b6228.
* Fixing dependencies
* Test: updating azure-keyvault to 4.2.0
* Fix licenses
* Revert "Fix licenses"
This reverts commit da3876911ef5ebbe7a8adbddd336ced3039b6228.
* Fixing dependencies
---------
Co-authored-by: César Francisco San Nicolás Martínez <csannico@redhat.com >
2024-03-13 14:41:40 +01:00
Hao Liu
88e406e121
Fix CVEs and bump receptorctl ( #14925 )
...
CVE-2023-47627
CVE-2023-49083
CVE-2023-41040
CVE-2024-22195
CVE-2023-46137
2024-02-26 15:48:38 +00:00
Alan Rominger
4d80f886e0
Revert "Drop cython dep" ( #14884 )
...
* Revert "Remove cython lib"
This reverts commit 46f816e7a4 .
* Revert "WIP consider dropping cython dep"
This reverts commit 54b32c10f0 .
* Update Cython comment
2024-02-15 11:58:17 -05:00
Alan Rominger
54b32c10f0
WIP consider dropping cython dep
2024-02-13 14:45:28 +00:00
jessicamack
b091f6cf79
Add django-ansible-base ( #14705 )
...
* add django-ansible-base
Signed-off-by: jessicamack <jmack@redhat.com >
* add licenses
* add django-ansible-base
Signed-off-by: jessicamack <jmack@redhat.com >
* add licenses
* apply patch to fix permissions issue
---------
Signed-off-by: jessicamack <jmack@redhat.com >
2023-12-07 11:45:44 -05:00
Hao Liu
bcefcd8cf8
Remove specific version for receptorctl ( #14593 )
2023-10-19 22:49:42 -04:00
Hao Liu
e9bd99c1ff
Fix CVE-2023-43665 ( #14561 )
2023-10-12 14:00:32 -04:00
Alan Rominger
19ca480078
Upgrade client library for dsv since tss already landed ( #14362 )
2023-10-11 16:01:22 -04:00
Hao Liu
a88e47930c
Update django version to address CVE-2023-41164 ( #14460 )
2023-09-27 09:36:02 -04:00
Hao Liu
ffa59864ee
Fix CVE-2023-40267 ( #14388 )
...
CVE-2023-40267 GitPython: Insecure non-multi options in clone and clone_from is not blocked https://bugzilla.redhat.com/show_bug.cgi?id=2231474
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439.
References:
gitpython-developers/GitPython@ca965ec gitpython-developers/GitPython#1609
2023-08-28 15:35:32 -04:00
Rick Elrod
4dd823121a
Update cryptography for CVE-2023-38325 ( #14358 )
...
Signed-off-by: Rick Elrod <rick@elrod.me >
2023-08-23 10:54:20 -05:00
delinea-sagar
c75757bf22
Update python-tss-sdk dependency ( #14207 )
...
Signed-off-by: delinea-sagar <sagar.wani@c.delinea.com >
2023-08-16 20:07:35 +00:00
Alan Rominger
284bd8377a
Integrate scheduler into dispatcher main loop ( #14067 )
...
Dispatcher refactoring to get pg_notify publish payload
as separate method
Refactor periodic module under dispatcher entirely
Use real numbers for schedule reference time
Run based on due_to_run method
Review comments about naming and code comments
2023-08-10 14:43:07 -04:00
Seth Foster
601b62deef
bump python-daemon package ( #14301 )
2023-08-01 01:39:17 +00:00
Rick Elrod
445d892050
Drop unused django-taggit dependency ( #14241 )
...
This drops the django-taggit dependency and drops the relevant fields
from old migrations.
Signed-off-by: Rick Elrod <rick@elrod.me >
2023-07-31 10:05:27 -05:00
Satoe Imaishi
8e2a5ed8ae
Require pyyaml >= 6.0.1 ( #14262 )
2023-07-18 16:25:14 -05:00
Rick Elrod
8cfb704f86
Migrate from django-redis to Django's built-in Redis caching support ( #14210 )
...
Signed-off-by: Rick Elrod <rick@elrod.me >
2023-07-13 12:16:16 -05:00
John Westcott IV
efcac860de
Upgrade django to 4.2.3 ( #14228 )
2023-07-13 08:52:50 -04:00
Gabriel Muniz
9676a95e05
Add AWS Secretsmanager plugin ( #13778 )
...
Co-authored-by: Jessica Steurer <70719005+jay-steurer@users.noreply.github.com >
2023-06-15 10:12:02 -04:00
John Westcott IV
dfe8b3b16b
Removes psycopg2 in favor of psycopg3
2023-06-14 17:40:15 -04:00
John Westcott IV
098861d906
Updated sqlparse library ( #13962 )
...
Co-authored-by: Jessica Steurer <70719005+jay-steurer@users.noreply.github.com >
2023-05-24 08:09:29 -03:00
John Westcott IV
8d6f50fae8
Upgrading django to 4.2 LTS
2023-05-11 11:45:15 -04:00
John Westcott IV
ecfbcb641e
Adding upgrade to django-oauth-toolkit pre-migration
2023-05-11 11:43:33 -04:00
John Westcott IV
7e4da7efa2
Updated pycryptography ( #13964 )
...
Co-authored-by: Jessica Steurer <70719005+jay-steurer@users.noreply.github.com >
2023-05-11 09:25:56 -03:00
Rick Elrod
74c46568c1
[wsrelay] switch from psycopg 3 to asyncpg ( #13965 )
...
Due to dependency issues specifically around upgrading to Django 4.2, we
cannot feasibly have a dependency on psycopg2 and psycopg3. The only
place that was currently using psycopg3 was wsrelay.
Change wsrelay to use the asyncpg library and psycopg2 instead.
Tested locally on kind with a dev build of awx.
Signed-off-by: Rick Elrod <rick@elrod.me >
2023-05-10 09:10:35 -05:00
Rick Elrod
513f433f17
Add comment for new psycopg dep
...
Signed-off-by: Rick Elrod <rick@elrod.me >
2023-03-29 22:09:18 -04:00
Rick Elrod
a9e7508e92
WIP: Make wsrelay listen for pg_notify heartbeat
...
Signed-off-by: Rick Elrod <rick@elrod.me >
2023-03-29 22:09:18 -04:00
Satoe Imaishi
bda806fd03
Merge pull request #6276 from simaishi/43_bump_deps
...
[4.3] Bump python dependencies for security fixes
2023-01-23 11:43:20 -05:00
Seth Foster
0c980fa7d5
Merge pull request #13366 from fosterseth/bump_receptorctl_1.3.0
...
bump receptorctl version to 1.3.0
2022-12-21 16:27:25 -05:00
Seth Foster
3543644e0e
bump receptorctl version to 1.3.0
2022-12-21 13:36:11 -05:00
Dimitri Savineau
239827a9cf
Pin hiredis to 2.0.0
...
The hiredis 2.1.0 release doesn't provide source distribution on PyPI so
users can't build that python package from sources.
Signed-off-by: Dimitri Savineau <dsavinea@redhat.com >
2022-12-21 11:57:41 -05:00
Rick Elrod
5dd0eab806
Pin channels-redis to 4.3.1 to fix an async issue ( #13348 )
...
Refs django/channels_redis#332
Refs #13313
Signed-off-by: Rick Elrod <rick@elrod.me >
2022-12-20 17:05:44 -06:00
Satoe Imaishi
e363ddf470
Add back pkgconfig for offline build
2022-12-15 20:49:28 -05:00
John Westcott IV
7129f3e8cd
Updating python3-saml ( #13263 )
...
Moved to forked version to get latest lxml to allow other packages to update
2022-12-15 12:15:09 -03:00
John Westcott IV
ec7e2284df
Pinning django-split-settings per build issue
2022-12-02 08:27:32 -05:00
John Westcott IV
fe48dc412f
Cleaning up requirements.in
...
Removing all >= dependencies as these were upgraded past the >= version with the last update.
The following libraries were secondary imports and were removed from the requirements.in as we are past the version required to fix their CVEs:
* autobahn
* kubernetes
* pyjwt
* sqlparse
2022-11-28 15:23:50 -05:00
John Westcott IV
3a25c4221f
Pinning xmlsec to allow for lxml 4.7.0
2022-11-28 15:23:50 -05:00
John Westcott IV
c7692f5c56
Pinning pyparsing due to testing issues
2022-11-28 15:23:50 -05:00
John Westcott IV
a1edc75c11
General lib upgrades
2022-11-28 15:23:50 -05:00
Lila Yasin
a3b21b261c
Merge pull request #13178 from john-westcott-iv/update_django_patch
...
Updating the patch release of django per dependabot alerts
2022-11-16 10:58:38 -05:00