ansible/ansible-rpmlintrc

# Modules are scripts by definition but are executed from ansible not directly
addFilter("non-executable-script.*/usr/lib/python.*/site-packages/ansible/modules/.*");
# same as utils and runner script
addFilter("non-executable-script.*/usr/lib/python.*/site-packages/ansible/(cli|galaxy|module_utils|plugins/action|runner|utils)/.*.py");
# no really a lib - ignore rpmlint for this package explicitely
addFilter("explicit-lib-dependency python3-passlib");
# # standard files, needed for python
# addFilter("files-duplicate /usr/lib/python.*/site-packages/ansible/.*");
# # same for the ansible-test sub-package
# addFilter("files-duplicate /usr/lib/python.*/site-packages/ansible_test/.*");
Accepting request 263653 from home:bmanojlovic:ansible - updated package to latest release ## 1.8.1 "You Really Got Me" * Various bug fixes in postgresql and mysql modules. * Fixed a bug related to lookup plugins used within roles not finding files based on the relative paths to the roles files/ directory. * Fixed a bug related to vars specified in plays being templated too early, resulting in incorrect variable interpolation. * Fixed a bug related to git submodules in bare repos. * fact caching support, pluggable, initially supports Redis (DOCS pending) * 'serial' size in a rolling update can be specified as a percentage * added new Jinja2 filters, 'min' and 'max' that take lists * new 'ansible_version' variable available contains a dictionary of version info * For ec2 dynamic inventory, ec2.ini can has various new configuration options * 'ansible vault view filename.yml' opens filename.yml decrypted in a pager. * no_log parameter now surpressess data from callbacks/output as well as syslog * ansible-galaxy install -f requirements.yml allows advanced options and installs from non-galaxy SCM sources and tarballs. * command_warnings feature will warn about when usage of the shell/command module can be simplified to use core modules - this can be enabled in ansible.cfg * new omit value can be used to leave off a parameter when not set, like so module_name: a=1 b={{ c \| default(omit) }}, would not pass value for b (not even an empty value) if c was not set. * developers: 'baby JSON' in module responses, originally intended for writing modules in bash, is removed as a feature to simplify logic, script module remains available for running bash scripts. * async jobs started in "fire & forget" mode can now be checked on at a later time. * added ability to subcategorize modules for docs.ansible.com * added ability for shipped modules to have aliases with symlinks * added ability to deprecate older modules by starting with "_" and including "deprecated: message why" in module docs + New Modules: OBS-URL: https://build.opensuse.org/request/show/263653 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=33 2014-12-01 19:05:08 +01:00			`# Modules are scripts by definition but are executed from ansible not directly`
			`addFilter("non-executable-script./usr/lib/python./site-packages/ansible/modules/.*");`
			`# same as utils and runner script`
Accepting request 359109 from home:rainbowtux:branches:systemsmanagement Hopefully I got all ducks in a row now, if not please let me know how I can improve the submission. Thanks a lot! OBS-URL: https://build.opensuse.org/request/show/359109 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=57 2016-02-15 12:28:25 +01:00			`addFilter("non-executable-script./usr/lib/python./site-packages/ansible/(cli\|galaxy\|module_utils\|plugins/action\|runner\|utils)/.*.py");`
- Create system directories that Ansible defines as default locations in ansible/config/base.yml - rephrase the summary line - Disable shebang munging for specific paths. These files are data files. ansible-test munges the shebangs itself. OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=156 2019-11-21 17:28:08 +01:00			`# no really a lib - ignore rpmlint for this package explicitely`
			`addFilter("explicit-lib-dependency python3-passlib");`
Accepting request 809080 from home:mcepl:branches:systemsmanagement - Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733 (bsc#1164140) - Add metadata information to this file to mark which SUSE bugzilla have been already fixed. - bsc#1164140 CVE-2020-1733 - insecure temporary directory when running become_user from become directive - bsc#1164139 CVE-2020-1734 shell enabled by default in a pipe lookup plugin subprocess - bsc#1164137 CVE-2020-1735 - path injection on dest parameter in fetch module - bsc#1164134 CVE-2020-1736 atomic_move primitive sets permissive permissions - bsc#1164138 CVE-2020-1737 - Extract-Zip function in win_unzip module does not check extracted path - bsc#1164136 CVE-2020-1738 module package can be selected by the ansible facts - bsc#1164133 CVE-2020-1739 - svn module leaks password when specified as a parameter - bsc#1164135 CVE-2020-1740 - secrets readable after ansible-vault edit - bsc#1165393 CVE-2020-1746 - information disclosure issue in ldap_attr and ldap_entry modules - bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks sensitive information - CVE-2020-10684 - code injection when using ansible_facts as a subkey - bsc#1167440 CVE-2020-10685 - modules which use files encrypted with vault are not properly cleaned up - CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2] - update to version 2.9.6 (maintenance release) including OBS-URL: https://build.opensuse.org/request/show/809080 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=183 2020-05-26 23:14:44 +02:00			`# # standard files, needed for python`
			`# addFilter("files-duplicate /usr/lib/python./site-packages/ansible/.");`
			`# # same for the ansible-test sub-package`
			`# addFilter("files-duplicate /usr/lib/python./site-packages/ansible_test/.");`