External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-15 10:10:01 -03:30
Code Issues Packages Projects Releases Wiki Activity
34,204 Commits 56 Branches 102 Tags
48ee5b05ee7fd07d897cb9423ec4e12aa77a202d
Commit Graph

251 Commits

Author SHA1 Message Date
Rodrigo Toshiaki Horie
2e8114394b [4.6][dependency] update django for CVE-2024-56374 (#6784) 2025-01-20 18:58:30 -03:00
Jake Jackson
a209751f22 Fix CVE-2024-56201 update jinja2 (#6778) 2025-01-08 13:42:42 -05:00
Pablo H.
b361aef0fb chore: addressing CVE 2024-53908 (#6768) 2024-12-16 14:16:00 -05:00
Seth Foster
df79fa4ae1 bump grpcio CVE-2024-11407 (#6766) 
Signed-off-by: Seth Foster <fosterbseth@gmail.com>
 2024-12-16 13:23:24 -05:00
Peter Braun
56d3933154 feat: enable django flags support (#15660) (#6755) 
* feat: enable django flags support

* add django flags license

* re-run updater script
 2024-12-09 09:40:28 +01:00
Peter Braun
148afce455 deps: receptorctl v1.5.1 (#6760) 2024-12-06 16:12:58 +01:00
Peter Braun
8174a28716 update receptorctl to v1.5.0 (#6749) 2024-11-25 15:37:01 +01:00
Satoe Imaishi
71a18c0d61 Bump uwsgi to 2.0.28 (#6736) 2024-11-22 10:54:52 -05:00
Hao Liu
c55fb369fa Update receptorctl to 1.4.11 (#6746) 2024-11-21 16:31:09 -05:00
Jake Jackson
2c3b4ff5d7 [4.6][dependency] update aiohttp to address vuln CVE-2024-52304 (#6740) 
* update aiohttp to address vuln CVE-2024-52304

* add licenses for new deps
 2024-11-21 16:21:34 -05:00
Hao Liu
7972486594 Update receptorctl to 1.4.9 (#6718) 2024-10-17 11:27:21 -04:00
Tomas Z
d1c85dae4d Upgrade django and sqlparse to pickup CVE fixes (#6709) 2024-10-04 15:51:12 -04:00
Hao Liu
6574cfe3a9 Pin dependencies to prepare for release_4.6 release tag (#6707) 
* Pin deps to release prep
- ansible-runner@2.4.0
- receptorctl@1.4.8
- django-ansible-base@c8fbc1e345d4908cc97eaae20771238a5dd35aad
 2024-09-19 16:22:18 +00:00
Jake Jackson
fafed924e3 rebase and merge conflict resolution (#6692) 2024-09-17 16:46:12 +00:00
Jake Jackson
eb4f3c2864 update urllib to fix CVE-2024-37891 (#6700) 2024-09-17 12:14:28 -04:00
Jake Jackson
bcd18e161c fix CVE-2024-21520 (#6687) 2024-09-16 16:04:11 -04:00
Jake Jackson
8b293e7046 update django to 4.2.15 to address multiple CVEs (#6636) 2024-08-15 13:32:26 -04:00
Jake Jackson
467024bc54 fix CVE-2024-33663 and bring in updates for social-auth-app-django (#6634) 2024-08-15 13:32:09 -04:00
jessicamack
bdf3f81016 Unpin channels-redis (#15329) (#6647) 
* unpin channels-redis

The bug that initially caused the upgrade block has been resolved https://github.com/django/channels_redis/issues/332

* replace aioredis Exception with a redis Exception

Version 4.0.0 of channel-redis migrated the underlying Redis library from aioredis to redis-py. The Exception has been changed to an equivalent

* remove unused license

* remove UPGRADE BLOCKER in README

* remove hiredis

it was an indirect dependency from aioredis which was removed

* remove unused license

* add back hiredis

it's potentially providing a performance boost. install explicitly as a part of redis. upgrade to more recent version

* remove UPGRADE BLOCKER for hiredis

it was also addressed as a part of this PR
 2024-08-12 15:03:46 -04:00
Jake Jackson
bfd811f408 Upgrade aiohttp for cve 2024-23829 (#15257) 2024-06-12 19:20:40 +00:00
Jake Jackson
6dc4a4508d fix cve 2024-24680 (#15250) 2024-06-04 15:44:09 -04:00
Hao Liu
cf09a4220d Repin cython due to https://github.com/yaml/pyyaml/pull/702 (#15248) 
* Revert "Unpin cypthon (#15246)"

This reverts commit 659c3b64de.

* Pin grpcio

Avoid cython 3 due to https://github.com/yaml/pyyaml/pull/702

* Delete asyncpg.txt
 2024-06-03 19:42:20 +00:00
Hao Liu
659c3b64de Unpin cypthon (#15246) 
* Unpin cython

* Remove unused asyncpg

* Remove asyncpg license file
 2024-06-03 11:41:56 -04:00
Chris Meyers
a15bcf1d55 Add requirements comment 2024-05-31 13:55:17 -04:00
Chris Meyers
cae42653bf Add recording 
* Always output awx logs to a file via otel
* That log file can always be later replayed into a product that
  supports otlp at a later date.
* Useful when you find a problem that you need a time series DB to help
  find and solve.
* Useful if a community member or customer has a problem where a time
  series db would be helpful. You can take a "remote" users log and
  replay it locally for analysis.
 2024-05-31 13:55:17 -04:00
Chris Meyers
da46a29f40 Move requirements out of dev and into mainline 
* Add new package license files
 2024-05-31 13:55:17 -04:00
Alan Rominger
014534bfa5 Upgrade DRF (#15144) 
* Upgrade DRF

* Fix failures caused by DRF upgrade
 2024-04-25 15:37:08 -04:00
Alan Rominger
e3af658f82 Use released version of django-radius (#15103) 2024-04-12 16:34:23 -04:00
Cesar Francisco San Nicolas Martinez
393d9c39c6 Mismatch dependencies version (#14986) 
* Fixed mismatch between setuptools version in the makefile and requirements file

* Fix mismatch of versions in makefile and requirements

* Added maturin license
 2024-03-14 13:32:56 +01:00
Dave
12843eccf7 AAP-13369 Python 3.9 -> 3.11 upgrade (#14771) 
* Python 3.9 -> 3.11 upgrade

* Test: updating azure-keyvault to 4.2.0

* Revert "Test: updating azure-keyvault to 4.2.0"

This reverts commit cf0b83699442e0c0de4a1152d4af8543a5e05b88.

* Test: updating azure-keyvault to latest and adding azure-identity

* Fix licenses

* Adding new licenses

* Revert "Fix licenses"

This reverts commit da3876911ef5ebbe7a8adbddd336ced3039b6228.

* Fixing dependencies

* Test: updating azure-keyvault to 4.2.0

* Fix licenses

* Revert "Fix licenses"

This reverts commit da3876911ef5ebbe7a8adbddd336ced3039b6228.

* Fixing dependencies

---------

Co-authored-by: César Francisco San Nicolás Martínez <csannico@redhat.com>
 2024-03-13 14:41:40 +01:00
Hao Liu
88e406e121 Fix CVEs and bump receptorctl (#14925) 
CVE-2023-47627
CVE-2023-49083
CVE-2023-41040
CVE-2024-22195
CVE-2023-46137
 2024-02-26 15:48:38 +00:00
Alan Rominger
4d80f886e0 Revert "Drop cython dep" (#14884) 
* Revert "Remove cython lib"

This reverts commit 46f816e7a4.

* Revert "WIP consider droping cython dep"

This reverts commit 54b32c10f0.

* Update Cython comment
 2024-02-15 11:58:17 -05:00
Alan Rominger
54b32c10f0 WIP consider droping cython dep 2024-02-13 14:45:28 +00:00
jessicamack
b091f6cf79 Add django-ansible-base (#14705) 
* add django-ansible-base

Signed-off-by: jessicamack <jmack@redhat.com>

* add licenses

* add django-ansible-base

Signed-off-by: jessicamack <jmack@redhat.com>

* add licenses

* apply patch to fix permissions issue

---------

Signed-off-by: jessicamack <jmack@redhat.com>
 2023-12-07 11:45:44 -05:00
Hao Liu
bcefcd8cf8 Remove specific version for receptorctl (#14593) 2023-10-19 22:49:42 -04:00
Hao Liu
e9bd99c1ff Fix CVE-2023-43665 (#14561) 2023-10-12 14:00:32 -04:00
Alan Rominger
19ca480078 Upgrade client library for dsv since tss already landed (#14362) 2023-10-11 16:01:22 -04:00
Hao Liu
a88e47930c Update django version to address CVE-2023-41164 (#14460) 2023-09-27 09:36:02 -04:00
Hao Liu
ffa59864ee Fix CVE-2023-40267 (#14388) 
CVE-2023-40267 GitPython: Insecure non-multi options in clone and clone_from is not blocked https://bugzilla.redhat.com/show_bug.cgi?id=2231474

GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439.

References:
gitpython-developers/GitPython@ca965ec gitpython-developers/GitPython#1609
 2023-08-28 15:35:32 -04:00
Rick Elrod
4dd823121a Update cryptography for CVE-2023-38325 (#14358) 
Signed-off-by: Rick Elrod <rick@elrod.me>
 2023-08-23 10:54:20 -05:00
delinea-sagar
c75757bf22 Update python-tss-sdk dependency (#14207) 
Signed-off-by: delinea-sagar <sagar.wani@c.delinea.com>
 2023-08-16 20:07:35 +00:00
Alan Rominger
284bd8377a Integrate scheduler into dispatcher main loop (#14067) 
Dispatcher refactoring to get pg_notify publish payload
  as separate method

Refactor periodic module under dispatcher entirely
  Use real numbers for schedule reference time
  Run based on due_to_run method

Review comments about naming and code comments
 2023-08-10 14:43:07 -04:00
Seth Foster
601b62deef bump python-daemon package (#14301) 2023-08-01 01:39:17 +00:00
Rick Elrod
445d892050 Drop unused django-taggit dependency (#14241) 
This drops the django-taggit dependency and drops the relevant fields
from old migrations.

Signed-off-by: Rick Elrod <rick@elrod.me>
 2023-07-31 10:05:27 -05:00
Satoe Imaishi
8e2a5ed8ae Require pyyaml >= 6.0.1 (#14262) 2023-07-18 16:25:14 -05:00
Rick Elrod
8cfb704f86 Migrate from django-redis to Django's built-in Redis caching support (#14210) 
Signed-off-by: Rick Elrod <rick@elrod.me>
 2023-07-13 12:16:16 -05:00
John Westcott IV
efcac860de Upgrade django to 4.2.3 (#14228) 2023-07-13 08:52:50 -04:00
Gabriel Muniz
9676a95e05 Add AWS Secretsmanager plugin (#13778) 
Co-authored-by: Jessica Steurer <70719005+jay-steurer@users.noreply.github.com>
 2023-06-15 10:12:02 -04:00
John Westcott IV
dfe8b3b16b Removes psycopg2 in favor of psycopg3 2023-06-14 17:40:15 -04:00
John Westcott IV
098861d906 Updated sqlparse library (#13962) 
Co-authored-by: Jessica Steurer <70719005+jay-steurer@users.noreply.github.com>
 2023-05-24 08:09:29 -03:00