mirror of
https://github.com/ansible-collections/community.crypto.git
synced 2026-03-26 21:33:25 +00:00
Release 3.0.0.
This commit is contained in:
Felix Fontein
512
CHANGELOG.md
512
CHANGELOG.md
File diff suppressed because it is too large
Load Diff
@@ -4,53 +4,19 @@ Community Crypto Release Notes
|
||||
|
||||
.. contents:: Topics
|
||||
|
||||
v3.0.0-rc1
|
||||
==========
|
||||
v3.0.0
|
||||
======
|
||||
|
||||
Release Summary
|
||||
---------------
|
||||
|
||||
First release candidate for new major 3.0.0 release. Contains two bugfixes and some refactorings.
|
||||
New major release of community.crypto with a lot of code modernization.
|
||||
This release drops compatibility for ansible-core before 2.17, for Python
|
||||
before 3.7, and for cryptography before 3.3.
|
||||
It also removes all Entrust modules, and the Entrust provider for the
|
||||
``community.crypto.x509_certificate*`` modules.
|
||||
|
||||
Minor Changes
|
||||
-------------
|
||||
|
||||
- Remove various no longer needed abstraction layers for multiple backends (https://github.com/ansible-collections/community.crypto/pull/912).
|
||||
- Various code refactorings (https://github.com/ansible-collections/community.crypto/pull/905, https://github.com/ansible-collections/community.crypto/pull/909, https://github.com/ansible-collections/community.crypto/pull/911, https://github.com/ansible-collections/community.crypto/pull/913, https://github.com/ansible-collections/community.crypto/pull/914, https://github.com/ansible-collections/community.crypto/pull/917).
|
||||
|
||||
Bugfixes
|
||||
--------
|
||||
|
||||
- acme_account - make work with CAs that do not accept any account request without External Account Binding data (https://github.com/ansible-collections/community.crypto/issues/918, https://github.com/ansible-collections/community.crypto/pull/919).
|
||||
- openssl_csr, openssl_csr_pipe - avoid accessing internal members of cryptography's ``KeyUsage`` extension object (https://github.com/ansible-collections/community.crypto/pull/910).
|
||||
|
||||
v3.0.0-a2
|
||||
=========
|
||||
|
||||
Release Summary
|
||||
---------------
|
||||
|
||||
Second pre-release for community.crypto 3.0.0.
|
||||
|
||||
This release removes all Entrust content.
|
||||
|
||||
Removed Features (previously deprecated)
|
||||
----------------------------------------
|
||||
|
||||
- All Entrust content is being removed since the Entrust service in currently being sunsetted after the sale of Entrust's Public Certificates Business to Sectigo; see `the announcement with key dates <https://www.entrust.com/tls-certificate-information-center>`__ and `the migration brief for customers <https://www.sectigo.com/uploads/resources/EOL_Migration-Brief-End-Customer.pdf>`__ for details. Since this process will be completed in 2025, we decided to remove all Entrust content from community.general 3.0.0 (https://github.com/ansible-collections/community.crypto/issues/895, https://github.com/ansible-collections/community.crypto/pull/901).
|
||||
- ecs_certificate - the module has been removed. Please use community.crypto 2.x.y if you need this module (https://github.com/ansible-collections/community.crypto/pull/900).
|
||||
- ecs_domain - the module has been removed. Please use community.crypto 2.x.y if you need this module (https://github.com/ansible-collections/community.crypto/pull/900).
|
||||
- x509_certificate - the ``entrust`` provider has been removed. Please use community.crypto 2.x.y if you need this provider (https://github.com/ansible-collections/community.crypto/pull/900).
|
||||
- x509_certificate_pipe - the ``entrust`` provider has been removed. Please use community.crypto 2.x.y if you need this provider (https://github.com/ansible-collections/community.crypto/pull/900).
|
||||
|
||||
v3.0.0-a1
|
||||
=========
|
||||
|
||||
Release Summary
|
||||
---------------
|
||||
|
||||
First pre-release for community.crypto 3.0.0.
|
||||
This release drops compatibility for ansible-core before 2.17, for Python before 3.7, and for cryptography before 3.3.
|
||||
See below for a more detailled list of changes.
|
||||
|
||||
Minor Changes
|
||||
-------------
|
||||
@@ -66,7 +32,9 @@ Minor Changes
|
||||
- Python code modernization: use f-strings instead of ``%`` and ``str.format()`` (https://github.com/ansible-collections/community.crypto/pull/875).
|
||||
- Remove ``backend`` parameter from internal code whenever possible (https://github.com/ansible-collections/community.crypto/pull/883).
|
||||
- Remove various compatibility code for cryptography < 3.3 (https://github.com/ansible-collections/community.crypto/pull/878).
|
||||
- Remove various no longer needed abstraction layers for multiple backends (https://github.com/ansible-collections/community.crypto/pull/912).
|
||||
- Remove vendored copy of ``distutils.version`` in favor of vendored copy included with ansible-core 2.12+ (https://github.com/ansible-collections/community.crypto/pull/371).
|
||||
- Various code refactorings (https://github.com/ansible-collections/community.crypto/pull/905, https://github.com/ansible-collections/community.crypto/pull/909, https://github.com/ansible-collections/community.crypto/pull/911, https://github.com/ansible-collections/community.crypto/pull/913, https://github.com/ansible-collections/community.crypto/pull/914, https://github.com/ansible-collections/community.crypto/pull/917).
|
||||
- acme_* modules - improve parsing of ``Retry-After`` reply headers in regular ACME requests (https://github.com/ansible-collections/community.crypto/pull/890).
|
||||
- action_module plugin utils - remove compatibility with older ansible-core/ansible-base/Ansible versions (https://github.com/ansible-collections/community.crypto/pull/872).
|
||||
- x509_certificate, x509_certificate_pipe - the ``ownca_version`` and ``selfsigned_version`` parameters explicitly only allow the value ``3``. The module already failed for other values in the past, now this is validated as part of the module argument spec (https://github.com/ansible-collections/community.crypto/pull/890).
|
||||
@@ -86,11 +54,13 @@ Deprecated Features
|
||||
-------------------
|
||||
|
||||
- acme_certificate - deprecate the ``agreement`` option which has no more effect. It will be removed from community.crypto 4.0.0 (https://github.com/ansible-collections/community.crypto/pull/891).
|
||||
- acme_certificate - the option ``modify_account``'s default value ``true`` has been deprecated. It will change to ``false`` in community.crypto 4.0.0. We recommend to set the option to an explicit value to avoid deprecation warnings, and to prefer setting it to ``false`` already now. Better use the ``community.crypto.acme_account`` module instead (https://github.com/ansible-collections/community.crypto/issues/924).
|
||||
- openssl_pkcs12 - deprecate the ``maciter_size`` option which has no more effect. It will be removed from community.crypto 4.0.0 (https://github.com/ansible-collections/community.crypto/pull/891).
|
||||
|
||||
Removed Features (previously deprecated)
|
||||
----------------------------------------
|
||||
|
||||
- All Entrust content is being removed since the Entrust service in currently being sunsetted after the sale of Entrust's Public Certificates Business to Sectigo; see `the announcement with key dates <https://www.entrust.com/tls-certificate-information-center>`__ and `the migration brief for customers <https://www.sectigo.com/uploads/resources/EOL_Migration-Brief-End-Customer.pdf>`__ for details. Since this process will be completed in 2025, we decided to remove all Entrust content from community.general 3.0.0 (https://github.com/ansible-collections/community.crypto/issues/895, https://github.com/ansible-collections/community.crypto/pull/901).
|
||||
- The collection no longer supports cryptography < 3.3 (https://github.com/ansible-collections/community.crypto/pull/878, https://github.com/ansible-collections/community.crypto/pull/882).
|
||||
- acme.acme module utils - the ``get_default_argspec()`` function has been removed. Use ``create_default_argspec()`` instead (https://github.com/ansible-collections/community.crypto/pull/873).
|
||||
- acme.backends module utils - the methods ``get_ordered_csr_identifiers()`` and ``get_cert_information()`` of ``CryptoBackend`` now must be implemented (https://github.com/ansible-collections/community.crypto/pull/873).
|
||||
@@ -101,13 +71,23 @@ Removed Features (previously deprecated)
|
||||
- crypto.cryptography_support module utils - remove ``cryptography_serial_number_of_cert()`` helper function (https://github.com/ansible-collections/community.crypto/pull/878).
|
||||
- crypto.module_backends.common module utils - this module utils has been removed. Use the ``argspec`` module utils instead (https://github.com/ansible-collections/community.crypto/pull/873).
|
||||
- crypto.support module utils - remove ``pyopenssl`` backend (https://github.com/ansible-collections/community.crypto/pull/874).
|
||||
- ecs_certificate - the module has been removed. Please use community.crypto 2.x.y if you need this module (https://github.com/ansible-collections/community.crypto/pull/900).
|
||||
- ecs_domain - the module has been removed. Please use community.crypto 2.x.y if you need this module (https://github.com/ansible-collections/community.crypto/pull/900).
|
||||
- execution environment dependencies - remove PyOpenSSL dependency (https://github.com/ansible-collections/community.crypto/pull/874).
|
||||
- openssl_csr_pipe - the module now ignores check mode and will always behave as if check mode is not active (https://github.com/ansible-collections/community.crypto/pull/873).
|
||||
- openssl_pkcs12 - support for the ``pyopenssl`` backend has been removed (https://github.com/ansible-collections/community.crypto/pull/873).
|
||||
- openssl_privatekey_pipe - the module now ignores check mode and will always behave as if check mode is not active (https://github.com/ansible-collections/community.crypto/pull/873).
|
||||
- time module utils - remove ``pyopenssl`` backend (https://github.com/ansible-collections/community.crypto/pull/874).
|
||||
- x509_certificate - the ``entrust`` provider has been removed. Please use community.crypto 2.x.y if you need this provider (https://github.com/ansible-collections/community.crypto/pull/900).
|
||||
- x509_certificate_pipe - the ``entrust`` provider has been removed. Please use community.crypto 2.x.y if you need this provider (https://github.com/ansible-collections/community.crypto/pull/900).
|
||||
- x509_certificate_pipe - the module now ignores check mode and will always behave as if check mode is not active (https://github.com/ansible-collections/community.crypto/pull/873).
|
||||
|
||||
Bugfixes
|
||||
--------
|
||||
|
||||
- acme_account - make work with CAs that do not accept any account request without External Account Binding data (https://github.com/ansible-collections/community.crypto/issues/918, https://github.com/ansible-collections/community.crypto/pull/919).
|
||||
- openssl_csr, openssl_csr_pipe - avoid accessing internal members of cryptography's ``KeyUsage`` extension object (https://github.com/ansible-collections/community.crypto/pull/910).
|
||||
|
||||
v2.26.1
|
||||
=======
|
||||
|
||||
|
||||
@@ -1804,3 +1804,29 @@ releases:
|
||||
- 919-acme_account-ear.yml
|
||||
- refactoring.yml
|
||||
release_date: '2025-06-14'
|
||||
3.0.0:
|
||||
changes:
|
||||
deprecated_features:
|
||||
- acme_certificate - the option ``modify_account``'s default value ``true``
|
||||
has been deprecated. It will change to ``false`` in community.crypto 4.0.0.
|
||||
We recommend to set the option to an explicit value to avoid deprecation
|
||||
warnings, and to prefer setting it to ``false`` already now. Better use
|
||||
the ``community.crypto.acme_account`` module instead (https://github.com/ansible-collections/community.crypto/issues/924).
|
||||
release_summary: 'New major release of community.crypto with a lot of code modernization.
|
||||
|
||||
This release drops compatibility for ansible-core before 2.17, for Python
|
||||
|
||||
before 3.7, and for cryptography before 3.3.
|
||||
|
||||
It also removes all Entrust modules, and the Entrust provider for the
|
||||
|
||||
``community.crypto.x509_certificate*`` modules.
|
||||
|
||||
|
||||
See below for a more detailled list of changes.
|
||||
|
||||
'
|
||||
fragments:
|
||||
- 3.0.0.yml
|
||||
- 924-acme_certificate-modify_account.yml
|
||||
release_date: '2025-07-02'
|
||||
|
||||
@@ -1,8 +0,0 @@
|
||||
release_summary: |
|
||||
New major release of community.crypto with a lot of code modernization.
|
||||
This release drops compatibility for ansible-core before 2.17, for Python
|
||||
before 3.7, and for cryptography before 3.3.
|
||||
It also removes all Entrust modules, and the Entrust provider for the
|
||||
``community.crypto.x509_certificate*`` modules.
|
||||
|
||||
See below for a more detailled list of changes.
|
||||
@@ -1,5 +0,0 @@
|
||||
deprecated_features:
|
||||
- "acme_certificate - the option ``modify_account``'s default value ``true`` has been deprecated. It will change to ``false`` in community.crypto 4.0.0.
|
||||
We recommend to set the option to an explicit value to avoid deprecation warnings, and to prefer setting it to ``false`` already now.
|
||||
Better use the ``community.crypto.acme_account`` module instead
|
||||
(https://github.com/ansible-collections/community.crypto/issues/924)."
|
||||
Reference in New Issue
Block a user