Release 10.7.2.

[PR #10409/a36ad54b backport][stable-10] doc style adjustments: modules i* (#10410 )
doc style adjustments: modules i* (#10409) (cherry picked from commit a36ad54b53) Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
2026-04-28 17:36:49 +00:00 · 2025-07-14 15:39:20 +02:00 · 2025-07-14 15:34:36 +02:00 · 2025-07-14 07:47:50 +02:00 · 2025-07-14 07:23:05 +02:00 · 2025-07-13 15:50:28 +00:00
924 changed files with 28927 additions and 20210 deletions
--- a/.azure-pipelines/azure-pipelines.yml
+++ b/.azure-pipelines/azure-pipelines.yml
@@ -29,22 +29,20 @@ schedules:
    always: true
    branches:
      include:
+        - stable-11
        - stable-10
-        - stable-9
  - cron: 0 11 * * 0
    displayName: Weekly (old stable branches)
    always: true
    branches:
      include:
-        - stable-8
+        - stable-9

 variables:
  - name: checkoutPath
    value: ansible_collections/community/general
  - name: coverageBranches
    value: main
-  - name: pipelinesCoverage
-    value: coverage
  - name: entryPoint
    value: tests/utils/shippable/shippable.sh
  - name: fetchDepth
@@ -72,7 +70,19 @@ stages:
            - test: 2
            - test: 3
            - test: 4
-            - test: extra
+  - stage: Sanity_2_19
+    displayName: Sanity 2.19
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Test {0}
+          testFormat: 2.19/sanity/{0}
+          targets:
+            - test: 1
+            - test: 2
+            - test: 3
+            - test: 4
  - stage: Sanity_2_18
    displayName: Sanity 2.18
    dependsOn: []
@@ -128,6 +138,17 @@ stages:
            - test: '3.11'
            - test: '3.12'
            - test: '3.13'
+  - stage: Units_2_19
+    displayName: Units 2.19
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Python {0}
+          testFormat: 2.19/units/{0}/1
+          targets:
+            - test: 3.9
+            - test: "3.13"
  - stage: Units_2_18
    displayName: Units 2.18
    dependsOn: []
@@ -190,14 +211,30 @@ stages:
        parameters:
          testFormat: devel/{0}
          targets:
-            - name: macOS 14.3
-              test: macos/14.3
+            - name: macOS 15.3
+              test: macos/15.3
+            - name: RHEL 10.0
+              test: rhel/10.0
            - name: RHEL 9.5
              test: rhel/9.5
            - name: FreeBSD 14.2
              test: freebsd/14.2
-            - name: FreeBSD 13.4
-              test: freebsd/13.4
+            - name: FreeBSD 13.5
+              test: freebsd/13.5
+          groups:
+            - 1
+            - 2
+            - 3
+  - stage: Remote_2_19
+    displayName: Remote 2.19
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.19/{0}
+          targets:
+            - name: RHEL 10.0
+              test: rhel/10.0
          groups:
            - 1
            - 2
@@ -210,6 +247,8 @@ stages:
        parameters:
          testFormat: 2.18/{0}
          targets:
+            - name: macOS 14.3
+              test: macos/14.3
            - name: RHEL 9.4
              test: rhel/9.4
            - name: FreeBSD 14.1
@@ -230,8 +269,6 @@ stages:
              test: freebsd/13.3
            - name: RHEL 9.3
              test: rhel/9.3
-            - name: FreeBSD 14.0
-              test: freebsd/14.0
          groups:
            - 1
            - 2
@@ -280,6 +317,20 @@ stages:
            - 1
            - 2
            - 3
+  - stage: Docker_2_19
+    displayName: Docker 2.19
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.19/linux/{0}
+          targets:
+            - name: Ubuntu 24.04
+              test: ubuntu2404
+          groups:
+            - 1
+            - 2
+            - 3
  - stage: Docker_2_18
    displayName: Docker 2.18
    dependsOn: []
@@ -371,6 +422,17 @@ stages:
 #            - test: '3.8'
 #            - test: '3.11'
 #            - test: '3.13'
+#  - stage: Generic_2_19
+#    displayName: Generic 2.19
+#    dependsOn: []
+#    jobs:
+#      - template: templates/matrix.yml
+#        parameters:
+#          nameFormat: Python {0}
+#          testFormat: 2.19/generic/{0}/1
+#          targets:
+#            - test: '3.9'
+#            - test: '3.13'
 #  - stage: Generic_2_18
 #    displayName: Generic 2.18
 #    dependsOn: []
@@ -410,25 +472,30 @@ stages:
    condition: succeededOrFailed()
    dependsOn:
      - Sanity_devel
+      - Sanity_2_19
      - Sanity_2_18
      - Sanity_2_17
      - Sanity_2_16
      - Units_devel
+      - Units_2_19
      - Units_2_18
      - Units_2_17
      - Units_2_16
      - Remote_devel_extra_vms
      - Remote_devel
+      - Remote_2_19
      - Remote_2_18
      - Remote_2_17
      - Remote_2_16
      - Docker_devel
+      - Docker_2_19
      - Docker_2_18
      - Docker_2_17
      - Docker_2_16
      - Docker_community_devel
 # Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
 #      - Generic_devel
+#      - Generic_2_19
 #      - Generic_2_18
 #      - Generic_2_17
 #      - Generic_2_16
--- a/.azure-pipelines/templates/coverage.yml
+++ b/.azure-pipelines/templates/coverage.yml
@@ -28,16 +28,6 @@ jobs:
      - bash: .azure-pipelines/scripts/report-coverage.sh
        displayName: Generate Coverage Report
        condition: gt(variables.coverageFileCount, 0)
-      - task: PublishCodeCoverageResults@1
-        inputs:
-          codeCoverageTool: Cobertura
-          # Azure Pipelines only accepts a single coverage data file.
-          # That means only Python or PowerShell coverage can be uploaded, but not both.
-          # Set the "pipelinesCoverage" variable to determine which type is uploaded.
-          # Use "coverage" for Python and "coverage-powershell" for PowerShell.
-          summaryFileLocation: "$(outputPath)/reports/$(pipelinesCoverage).xml"
-        displayName: Publish to Azure Pipelines
-        condition: gt(variables.coverageFileCount, 0)
      - bash: .azure-pipelines/scripts/publish-codecov.py "$(outputPath)"
        displayName: Publish to codecov.io
        condition: gt(variables.coverageFileCount, 0)
--- a/.azure-pipelines/templates/matrix.yml
+++ b/.azure-pipelines/templates/matrix.yml
@@ -50,11 +50,11 @@ jobs:
    parameters:
      jobs:
        - ${{ if eq(length(parameters.groups), 0) }}:
-          - ${{ each target in parameters.targets }}:
-            - name: ${{ format(parameters.nameFormat, coalesce(target.name, target.test)) }}
-              test: ${{ format(parameters.testFormat, coalesce(target.test, target.name)) }}
-        - ${{ if not(eq(length(parameters.groups), 0)) }}:
-          - ${{ each group in parameters.groups }}:
            - ${{ each target in parameters.targets }}:
-              - name: ${{ format(format(parameters.nameGroupFormat, parameters.nameFormat), coalesce(target.name, target.test), group) }}
-                test: ${{ format(format(parameters.testGroupFormat, parameters.testFormat), coalesce(target.test, target.name), group) }}
+                - name: ${{ format(parameters.nameFormat, coalesce(target.name, target.test)) }}
+                  test: ${{ format(parameters.testFormat, coalesce(target.test, target.name)) }}
+        - ${{ if not(eq(length(parameters.groups), 0)) }}:
+            - ${{ each group in parameters.groups }}:
+                - ${{ each target in parameters.targets }}:
+                    - name: ${{ format(format(parameters.nameGroupFormat, parameters.nameFormat), coalesce(target.name, target.test), group) }}
+                      test: ${{ format(format(parameters.testGroupFormat, parameters.testFormat), coalesce(target.test, target.name), group) }}
--- a/.azure-pipelines/templates/test.yml
+++ b/.azure-pipelines/templates/test.yml
@@ -14,37 +14,37 @@ parameters:

 jobs:
  - ${{ each job in parameters.jobs }}:
-    - job: test_${{ replace(replace(replace(job.test, '/', '_'), '.', '_'), '-', '_') }}
-      displayName: ${{ job.name }}
-      container: default
-      workspace:
-        clean: all
-      steps:
-        - checkout: self
-          fetchDepth: $(fetchDepth)
-          path: $(checkoutPath)
-        - bash: .azure-pipelines/scripts/run-tests.sh "$(entryPoint)" "${{ job.test }}" "$(coverageBranches)"
-          displayName: Run Tests
-        - bash: .azure-pipelines/scripts/process-results.sh
-          condition: succeededOrFailed()
-          displayName: Process Results
-        - bash: .azure-pipelines/scripts/aggregate-coverage.sh "$(Agent.TempDirectory)"
-          condition: eq(variables.haveCoverageData, 'true')
-          displayName: Aggregate Coverage Data
-        - task: PublishTestResults@2
-          condition: eq(variables.haveTestResults, 'true')
-          inputs:
-            testResultsFiles: "$(outputPath)/junit/*.xml"
-          displayName: Publish Test Results
-        - task: PublishPipelineArtifact@1
-          condition: eq(variables.haveBotResults, 'true')
-          displayName: Publish Bot Results
-          inputs:
-            targetPath: "$(outputPath)/bot/"
-            artifactName: "Bot $(System.JobAttempt) $(System.StageDisplayName) $(System.JobDisplayName)"
-        - task: PublishPipelineArtifact@1
-          condition: eq(variables.haveCoverageData, 'true')
-          displayName: Publish Coverage Data
-          inputs:
-            targetPath: "$(Agent.TempDirectory)/coverage/"
-            artifactName: "Coverage $(System.JobAttempt) $(System.StageDisplayName) $(System.JobDisplayName)"
+      - job: test_${{ replace(replace(replace(job.test, '/', '_'), '.', '_'), '-', '_') }}
+        displayName: ${{ job.name }}
+        container: default
+        workspace:
+          clean: all
+        steps:
+          - checkout: self
+            fetchDepth: $(fetchDepth)
+            path: $(checkoutPath)
+          - bash: .azure-pipelines/scripts/run-tests.sh "$(entryPoint)" "${{ job.test }}" "$(coverageBranches)"
+            displayName: Run Tests
+          - bash: .azure-pipelines/scripts/process-results.sh
+            condition: succeededOrFailed()
+            displayName: Process Results
+          - bash: .azure-pipelines/scripts/aggregate-coverage.sh "$(Agent.TempDirectory)"
+            condition: eq(variables.haveCoverageData, 'true')
+            displayName: Aggregate Coverage Data
+          - task: PublishTestResults@2
+            condition: eq(variables.haveTestResults, 'true')
+            inputs:
+              testResultsFiles: "$(outputPath)/junit/*.xml"
+            displayName: Publish Test Results
+          - task: PublishPipelineArtifact@1
+            condition: eq(variables.haveBotResults, 'true')
+            displayName: Publish Bot Results
+            inputs:
+              targetPath: "$(outputPath)/bot/"
+              artifactName: "Bot $(System.JobAttempt) $(System.StageDisplayName) $(System.JobDisplayName)"
+          - task: PublishPipelineArtifact@1
+            condition: eq(variables.haveCoverageData, 'true')
+            displayName: Publish Coverage Data
+            inputs:
+              targetPath: "$(Agent.TempDirectory)/coverage/"
+              artifactName: "Coverage $(System.JobAttempt) $(System.StageDisplayName) $(System.JobDisplayName)"
--- a/.git-blame-ignore-revs
+++ b/.git-blame-ignore-revs
@@ -0,0 +1,9 @@
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+# YAML reformatting
+2b4882549908b5b1fafe5fa10efb47f613a71f94
+8196cacff8e83dc5d7fb88b43ef3cab5d3751c39
+bd4f1a3e5ca1af5afc53636c36767e81a4566978
+a9e892952deef6f91977d7032dd95237a9867509
--- a/.github/BOTMETA.yml
+++ b/.github/BOTMETA.yml
@@ -77,6 +77,8 @@ files:
  $callbacks/opentelemetry.py:
    keywords: opentelemetry observability
    maintainers: v1v
+  $callbacks/print_task.py:
+    maintainers: demonpig
  $callbacks/say.py:
    keywords: brew cask darwin homebrew macosx macports osx
    labels: macos say
@@ -119,6 +121,8 @@ files:
  $connections/saltstack.py:
    labels: saltstack
    maintainers: mscherer
+  $connections/wsl.py:
+    maintainers: rgl
  $connections/zone.py:
    maintainers: $team_ansible_core
  $doc_fragments/:
@@ -208,6 +212,8 @@ files:
    maintainers: resmo
  $filters/to_months.yml:
    maintainers: resmo
+  $filters/to_prettytable.py:
+    maintainers: tgadiev
  $filters/to_seconds.yml:
    maintainers: resmo
  $filters/to_time_unit.yml:
@@ -378,9 +384,13 @@ files:
  $module_utils/oracle/oci_utils.py:
    labels: cloud
    maintainers: $team_oracle
+  $module_utils/pacemaker.py:
+    maintainers: munchtoast
  $module_utils/pipx.py:
    labels: pipx
    maintainers: russoz
+  $module_utils/pkg_req.py:
+    maintainers: russoz
  $module_utils/python_runner.py:
    maintainers: russoz
  $module_utils/puppet.py:
@@ -402,6 +412,8 @@ files:
    maintainers: russoz
  $module_utils/ssh.py:
    maintainers: russoz
+  $module_utils/systemd.py:
+    maintainers: NomakCooper
  $module_utils/storage/hpe3par/hpe3par.py:
    maintainers: farhan7500 gautamphegde
  $module_utils/utm_utils.py:
@@ -413,6 +425,8 @@ files:
  $module_utils/wdc_redfish_utils.py:
    labels: wdc_redfish_utils
    maintainers: $team_wdc
+  $module_utils/xdg_mime.py:
+    maintainers: mhalano
  $module_utils/xenserver.py:
    labels: xenserver
    maintainers: bvitnik
@@ -1054,6 +1068,8 @@ files:
    maintainers: fraff
  $modules/pacemaker_cluster.py:
    maintainers: matbu
+  $modules/pacemaker_resource.py:
+    maintainers: munchtoast
  $modules/packet_:
    maintainers: nurfet-becirevic t0mk
  $modules/packet_device.py:
@@ -1229,9 +1245,9 @@ files:
  $modules/scaleway_compute_private_network.py:
    maintainers: pastral
  $modules/scaleway_container.py:
-     maintainers: Lunik
+    maintainers: Lunik
  $modules/scaleway_container_info.py:
-     maintainers: Lunik
+    maintainers: Lunik
  $modules/scaleway_container_namespace.py:
    maintainers: Lunik
  $modules/scaleway_container_namespace_info.py:
@@ -1364,6 +1380,8 @@ files:
    maintainers: konstruktoid
  $modules/systemd_creds_encrypt.py:
    maintainers: konstruktoid
+  $modules/systemd_info.py:
+    maintainers: NomakCooper
  $modules/sysupgrade.py:
    maintainers: precurse
  $modules/taiga_issue.py:
@@ -1437,6 +1455,8 @@ files:
    maintainers: dinoocch the-maldridge
  $modules/xcc_:
    maintainers: panyy3 renxulei
+  $modules/xdg_mime.py:
+    maintainers: mhalano
  $modules/xenserver_:
    maintainers: bvitnik
  $modules/xenserver_facts.py:
@@ -1543,6 +1563,8 @@ files:
    maintainers: baldwinSPC nurfet-becirevic t0mk teebes
  docs/docsite/rst/guide_scaleway.rst:
    maintainers: $team_scaleway
+  docs/docsite/rst/guide_uthelper.rst:
+    maintainers: russoz
  docs/docsite/rst/guide_vardict.rst:
    maintainers: russoz
  docs/docsite/rst/test_guide.rst:
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -7,147 +7,147 @@ name: Bug report
 description: Create a report to help us improve

 body:
- type: markdown
-  attributes:
-    value: |
-      ⚠
-      Verify first that your issue is not [already reported on GitHub][issue search].
-      Also test if the latest release and devel branch are affected too.
-      *Complete **all** sections as described, this form is processed automatically.*
+  - type: markdown
+    attributes:
+      value: |
+        ⚠
+        Verify first that your issue is not [already reported on GitHub][issue search].
+        Also test if the latest release and devel branch are affected too.
+        *Complete **all** sections as described, this form is processed automatically.*

-      [issue search]: https://github.com/ansible-collections/community.general/search?q=is%3Aissue&type=issues
+        [issue search]: https://github.com/ansible-collections/community.general/search?q=is%3Aissue&type=issues


- type: textarea
-  attributes:
-    label: Summary
-    description: Explain the problem briefly below.
-    placeholder: >-
-      When I try to do X with the collection from the main branch on GitHub, Y
-      breaks in a way Z under the env E. Here are all the details I know
-      about this problem...
-  validations:
-    required: true
-
- type: dropdown
-  attributes:
-    label: Issue Type
-    # FIXME: Once GitHub allows defining the default choice, update this
-    options:
-    - Bug Report
-  validations:
-    required: true
-
- type: textarea
-  attributes:
-    # For smaller collections we could use a multi-select and hardcode the list
-    # May generate this list via GitHub action and walking files under https://github.com/ansible-collections/community.general/tree/main/plugins
-    # Select from list, filter as you type (`mysql` would only show the 3 mysql components)
-    # OR freeform - doesn't seem to be supported in adaptivecards
-    label: Component Name
-    description: >-
-      Write the short name of the module, plugin, task or feature below,
-      *use your best guess if unsure*. Do not include `community.general.`!
-    placeholder: dnf, apt, yum, pip, user etc.
-  validations:
-    required: true
-
- type: textarea
-  attributes:
-    label: Ansible Version
-    description: >-
-      Paste verbatim output from `ansible --version` between
-      tripple backticks.
-    value: |
-      ```console (paste below)
-      $ ansible --version
-
-      ```
-  validations:
-    required: true
-
- type: textarea
-  attributes:
-    label: Community.general Version
-    description: >-
-      Paste verbatim output from "ansible-galaxy collection list community.general"
-      between tripple backticks.
-    value: |
-      ```console (paste below)
-      $ ansible-galaxy collection list community.general
-
-      ```
-  validations:
-    required: true
-
- type: textarea
-  attributes:
-    label: Configuration
-    description: >-
-      If this issue has an example piece of YAML that can help to reproduce this problem, please provide it.
-      This can be a piece of YAML from, e.g., an automation, script, scene or configuration.
-      Paste verbatim output from `ansible-config dump --only-changed` between quotes
-    value: |
-      ```console (paste below)
-      $ ansible-config dump --only-changed
-
-      ```
-
-
- type: textarea
-  attributes:
-    label: OS / Environment
-    description: >-
-      Provide all relevant information below, e.g. target OS versions,
-      network device firmware, etc.
-    placeholder: RHEL 8, CentOS Stream etc.
-  validations:
-    required: false
-
-
- type: textarea
-  attributes:
-    label: Steps to Reproduce
-    description: |
-      Describe exactly how to reproduce the problem, using a minimal test-case. It would *really* help us understand your problem if you could also passed any playbooks, configs and commands you used.
-
-      **HINT:** You can paste https://gist.github.com links for larger files.
-    value: |
-      <!--- Paste example playbooks or commands between quotes below -->
-      ```yaml (paste below)
-
-      ```
-  validations:
-    required: true
-
- type: textarea
-  attributes:
-    label: Expected Results
-    description: >-
-      Describe what you expected to happen when running the steps above.
-    placeholder: >-
-      I expected X to happen because I assumed Y.
-      that it did not.
-  validations:
-    required: true
-
- type: textarea
-  attributes:
-    label: Actual Results
-    description: |
-      Describe what actually happened. If possible run with extra verbosity (`-vvvv`).
-
-      Paste verbatim command output between quotes.
-    value: |
-      ```console (paste below)
-
-      ```
- type: checkboxes
-  attributes:
-    label: Code of Conduct
-    description: |
-      Read the [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_form--ansible-collections) first.
-    options:
-    - label: I agree to follow the Ansible Code of Conduct
+  - type: textarea
+    attributes:
+      label: Summary
+      description: Explain the problem briefly below.
+      placeholder: >-
+        When I try to do X with the collection from the main branch on GitHub, Y
+        breaks in a way Z under the env E. Here are all the details I know
+        about this problem...
+    validations:
      required: true
+
+  - type: dropdown
+    attributes:
+      label: Issue Type
+      # FIXME: Once GitHub allows defining the default choice, update this
+      options:
+        - Bug Report
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      # For smaller collections we could use a multi-select and hardcode the list
+      # May generate this list via GitHub action and walking files under https://github.com/ansible-collections/community.general/tree/main/plugins
+      # Select from list, filter as you type (`mysql` would only show the 3 mysql components)
+      # OR freeform - doesn't seem to be supported in adaptivecards
+      label: Component Name
+      description: >-
+        Write the short name of the module, plugin, task or feature below,
+        *use your best guess if unsure*. Do not include `community.general.`!
+      placeholder: dnf, apt, yum, pip, user etc.
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Ansible Version
+      description: >-
+        Paste verbatim output from `ansible --version` between
+        tripple backticks.
+      value: |
+        ```console (paste below)
+        $ ansible --version
+
+        ```
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Community.general Version
+      description: >-
+        Paste verbatim output from "ansible-galaxy collection list community.general"
+        between tripple backticks.
+      value: |
+        ```console (paste below)
+        $ ansible-galaxy collection list community.general
+
+        ```
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Configuration
+      description: >-
+        If this issue has an example piece of YAML that can help to reproduce this problem, please provide it.
+        This can be a piece of YAML from, e.g., an automation, script, scene or configuration.
+        Paste verbatim output from `ansible-config dump --only-changed` between quotes
+      value: |
+        ```console (paste below)
+        $ ansible-config dump --only-changed
+
+        ```
+
+
+  - type: textarea
+    attributes:
+      label: OS / Environment
+      description: >-
+        Provide all relevant information below, e.g. target OS versions,
+        network device firmware, etc.
+      placeholder: RHEL 8, CentOS Stream etc.
+    validations:
+      required: false
+
+
+  - type: textarea
+    attributes:
+      label: Steps to Reproduce
+      description: |
+        Describe exactly how to reproduce the problem, using a minimal test-case. It would *really* help us understand your problem if you could also passed any playbooks, configs and commands you used.
+
+        **HINT:** You can paste https://gist.github.com links for larger files.
+      value: |
+        <!--- Paste example playbooks or commands between quotes below -->
+        ```yaml (paste below)
+
+        ```
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Expected Results
+      description: >-
+        Describe what you expected to happen when running the steps above.
+      placeholder: >-
+        I expected X to happen because I assumed Y.
+        that it did not.
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Actual Results
+      description: |
+        Describe what actually happened. If possible run with extra verbosity (`-vvvv`).
+
+        Paste verbatim command output between quotes.
+      value: |
+        ```console (paste below)
+
+        ```
+  - type: checkboxes
+    attributes:
+      label: Code of Conduct
+      description: |
+        Read the [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_form--ansible-collections) first.
+      options:
+        - label: I agree to follow the Ansible Code of Conduct
+          required: true
 ...
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -6,26 +6,26 @@
 # Ref: https://help.github.com/en/github/building-a-strong-community/configuring-issue-templates-for-your-repository#configuring-the-template-chooser
 blank_issues_enabled: false  # default: true
 contact_links:
- name: Security bug report
-  url: https://docs.ansible.com/ansible-core/devel/community/reporting_bugs_and_features.html?utm_medium=github&utm_source=issue_template_chooser_ansible_collections
-  about: |
-    Please learn how to report security vulnerabilities here.
+  - name: Security bug report
+    url: https://docs.ansible.com/ansible-core/devel/community/reporting_bugs_and_features.html?utm_medium=github&utm_source=issue_template_chooser_ansible_collections
+    about: |
+      Please learn how to report security vulnerabilities here.

-    For all security related bugs, email security@ansible.com
-    instead of using this issue tracker and you will receive
-    a prompt response.
+      For all security related bugs, email security@ansible.com
+      instead of using this issue tracker and you will receive
+      a prompt response.

-    For more information, see
-    https://docs.ansible.com/ansible/latest/community/reporting_bugs_and_features.html
- name: Ansible Code of Conduct
-  url: https://docs.ansible.com/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_template_chooser_ansible_collections
-  about: Be nice to other members of the community.
- name: Talks to the community
-  url: https://docs.ansible.com/ansible/latest/community/communication.html?utm_medium=github&utm_source=issue_template_chooser#mailing-list-information
-  about: Please ask and answer usage questions here
- name: Working groups
-  url: https://github.com/ansible/community/wiki
-  about: Interested in improving a specific area? Become a part of a working group!
- name: For Enterprise
-  url: https://www.ansible.com/products/engine?utm_medium=github&utm_source=issue_template_chooser_ansible_collections
-  about: Red Hat offers support for the Ansible Automation Platform
+      For more information, see
+      https://docs.ansible.com/ansible/latest/community/reporting_bugs_and_features.html
+  - name: Ansible Code of Conduct
+    url: https://docs.ansible.com/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_template_chooser_ansible_collections
+    about: Be nice to other members of the community.
+  - name: Talks to the community
+    url: https://docs.ansible.com/ansible/latest/community/communication.html?utm_medium=github&utm_source=issue_template_chooser#mailing-list-information
+    about: Please ask and answer usage questions here
+  - name: Working groups
+    url: https://github.com/ansible/community/wiki
+    about: Interested in improving a specific area? Become a part of a working group!
+  - name: For Enterprise
+    url: https://www.ansible.com/products/engine?utm_medium=github&utm_source=issue_template_chooser_ansible_collections
+    about: Red Hat offers support for the Ansible Automation Platform
--- a/.github/ISSUE_TEMPLATE/documentation_report.yml
+++ b/.github/ISSUE_TEMPLATE/documentation_report.yml
@@ -8,122 +8,122 @@ description: Ask us about docs
 # NOTE: issue body is enabled to allow screenshots

 body:
- type: markdown
-  attributes:
-    value: |
-      ⚠
-      Verify first that your issue is not [already reported on GitHub][issue search].
-      Also test if the latest release and devel branch are affected too.
-      *Complete **all** sections as described, this form is processed automatically.*
+  - type: markdown
+    attributes:
+      value: |
+        ⚠
+        Verify first that your issue is not [already reported on GitHub][issue search].
+        Also test if the latest release and devel branch are affected too.
+        *Complete **all** sections as described, this form is processed automatically.*

-      [issue search]: https://github.com/ansible-collections/community.general/search?q=is%3Aissue&type=issues
+        [issue search]: https://github.com/ansible-collections/community.general/search?q=is%3Aissue&type=issues


- type: textarea
-  attributes:
-    label: Summary
-    description: |
-      Explain the problem briefly below, add suggestions to wording or structure.
+  - type: textarea
+    attributes:
+      label: Summary
+      description: |
+        Explain the problem briefly below, add suggestions to wording or structure.

-      **HINT:** Did you know the documentation has an `Edit on GitHub` link on every page?
-    placeholder: >-
-      I was reading the Collection documentation of version X and I'm having
-      problems understanding Y. It would be very helpful if that got
-      rephrased as Z.
-  validations:
-    required: true
-
- type: dropdown
-  attributes:
-    label: Issue Type
-    # FIXME: Once GitHub allows defining the default choice, update this
-    options:
-    - Documentation Report
-  validations:
-    required: true
-
- type: input
-  attributes:
-    label: Component Name
-    description: >-
-      Write the short name of the file, module, plugin, task or feature below,
-      *use your best guess if unsure*. Do not include `community.general.`!
-    placeholder: mysql_user
-  validations:
-    required: true
-
- type: textarea
-  attributes:
-    label: Ansible Version
-    description: >-
-      Paste verbatim output from `ansible --version` between
-      tripple backticks.
-    value: |
-      ```console (paste below)
-      $ ansible --version
-
-      ```
-  validations:
-    required: false
-
- type: textarea
-  attributes:
-    label: Community.general Version
-    description: >-
-      Paste verbatim output from "ansible-galaxy collection list community.general"
-      between tripple backticks.
-    value: |
-      ```console (paste below)
-      $ ansible-galaxy collection list community.general
-
-      ```
-  validations:
-    required: true
-
- type: textarea
-  attributes:
-    label: Configuration
-    description: >-
-      Paste verbatim output from `ansible-config dump --only-changed` between quotes.
-    value: |
-      ```console (paste below)
-      $ ansible-config dump --only-changed
-
-      ```
-  validations:
-    required: false
-
- type: textarea
-  attributes:
-    label: OS / Environment
-    description: >-
-      Provide all relevant information below, e.g. OS version,
-      browser, etc.
-    placeholder: Fedora 33, Firefox etc.
-  validations:
-    required: false
-
- type: textarea
-  attributes:
-    label: Additional Information
-    description: |
-      Describe how this improves the documentation, e.g. before/after situation or screenshots.
-
-      **Tip:** It's not possible to upload the screenshot via this field directly but you can use the last textarea in this form to attach them.
-
-      **HINT:** You can paste https://gist.github.com links for larger files.
-    placeholder: >-
-      When the improvement is applied, it makes it more straightforward
-      to understand X.
-  validations:
-    required: false
-
- type: checkboxes
-  attributes:
-    label: Code of Conduct
-    description: |
-      Read the [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_form--ansible-collections) first.
-    options:
-    - label: I agree to follow the Ansible Code of Conduct
+        **HINT:** Did you know the documentation has an `Edit on GitHub` link on every page?
+      placeholder: >-
+        I was reading the Collection documentation of version X and I'm having
+        problems understanding Y. It would be very helpful if that got
+        rephrased as Z.
+    validations:
      required: true
+
+  - type: dropdown
+    attributes:
+      label: Issue Type
+      # FIXME: Once GitHub allows defining the default choice, update this
+      options:
+        - Documentation Report
+    validations:
+      required: true
+
+  - type: input
+    attributes:
+      label: Component Name
+      description: >-
+        Write the short name of the file, module, plugin, task or feature below,
+        *use your best guess if unsure*. Do not include `community.general.`!
+      placeholder: mysql_user
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Ansible Version
+      description: >-
+        Paste verbatim output from `ansible --version` between
+        tripple backticks.
+      value: |
+        ```console (paste below)
+        $ ansible --version
+
+        ```
+    validations:
+      required: false
+
+  - type: textarea
+    attributes:
+      label: Community.general Version
+      description: >-
+        Paste verbatim output from "ansible-galaxy collection list community.general"
+        between tripple backticks.
+      value: |
+        ```console (paste below)
+        $ ansible-galaxy collection list community.general
+
+        ```
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Configuration
+      description: >-
+        Paste verbatim output from `ansible-config dump --only-changed` between quotes.
+      value: |
+        ```console (paste below)
+        $ ansible-config dump --only-changed
+
+        ```
+    validations:
+      required: false
+
+  - type: textarea
+    attributes:
+      label: OS / Environment
+      description: >-
+        Provide all relevant information below, e.g. OS version,
+        browser, etc.
+      placeholder: Fedora 33, Firefox etc.
+    validations:
+      required: false
+
+  - type: textarea
+    attributes:
+      label: Additional Information
+      description: |
+        Describe how this improves the documentation, e.g. before/after situation or screenshots.
+
+        **Tip:** It's not possible to upload the screenshot via this field directly but you can use the last textarea in this form to attach them.
+
+        **HINT:** You can paste https://gist.github.com links for larger files.
+      placeholder: >-
+        When the improvement is applied, it makes it more straightforward
+        to understand X.
+    validations:
+      required: false
+
+  - type: checkboxes
+    attributes:
+      label: Code of Conduct
+      description: |
+        Read the [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_form--ansible-collections) first.
+      options:
+        - label: I agree to follow the Ansible Code of Conduct
+          required: true
 ...
--- a/.github/ISSUE_TEMPLATE/feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/feature_request.yml
@@ -7,67 +7,67 @@ name: Feature request
 description: Suggest an idea for this project

 body:
- type: markdown
-  attributes:
-    value: |
-      ⚠
-      Verify first that your issue is not [already reported on GitHub][issue search].
-      Also test if the latest release and devel branch are affected too.
-      *Complete **all** sections as described, this form is processed automatically.*
+  - type: markdown
+    attributes:
+      value: |
+        ⚠
+        Verify first that your issue is not [already reported on GitHub][issue search].
+        Also test if the latest release and devel branch are affected too.
+        *Complete **all** sections as described, this form is processed automatically.*

-      [issue search]: https://github.com/ansible-collections/community.general/search?q=is%3Aissue&type=issues
+        [issue search]: https://github.com/ansible-collections/community.general/search?q=is%3Aissue&type=issues


- type: textarea
-  attributes:
-    label: Summary
-    description: Describe the new feature/improvement briefly below.
-    placeholder: >-
-      I am trying to do X with the collection from the main branch on GitHub and
-      I think that implementing a feature Y would be very helpful for me and
-      every other user of community.general because of Z.
-  validations:
-    required: true
-
- type: dropdown
-  attributes:
-    label: Issue Type
-    # FIXME: Once GitHub allows defining the default choice, update this
-    options:
-    - Feature Idea
-  validations:
-    required: true
-
- type: input
-  attributes:
-    label: Component Name
-    description: >-
-      Write the short name of the module or plugin, or which other part(s) of the collection this feature affects.
-      *use your best guess if unsure*. Do not include `community.general.`!
-    placeholder: dnf, apt, yum, pip, user etc.
-  validations:
-    required: true
-
- type: textarea
-  attributes:
-    label: Additional Information
-    description: |
-      Describe how the feature would be used, why it is needed and what it would solve.
-
-      **HINT:** You can paste https://gist.github.com links for larger files.
-    value: |
-      <!--- Paste example playbooks or commands between quotes below -->
-      ```yaml (paste below)
-
-      ```
-  validations:
-    required: false
- type: checkboxes
-  attributes:
-    label: Code of Conduct
-    description: |
-      Read the [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_form--ansible-collections) first.
-    options:
-    - label: I agree to follow the Ansible Code of Conduct
+  - type: textarea
+    attributes:
+      label: Summary
+      description: Describe the new feature/improvement briefly below.
+      placeholder: >-
+        I am trying to do X with the collection from the main branch on GitHub and
+        I think that implementing a feature Y would be very helpful for me and
+        every other user of community.general because of Z.
+    validations:
      required: true
+
+  - type: dropdown
+    attributes:
+      label: Issue Type
+      # FIXME: Once GitHub allows defining the default choice, update this
+      options:
+        - Feature Idea
+    validations:
+      required: true
+
+  - type: input
+    attributes:
+      label: Component Name
+      description: >-
+        Write the short name of the module or plugin, or which other part(s) of the collection this feature affects.
+        *use your best guess if unsure*. Do not include `community.general.`!
+      placeholder: dnf, apt, yum, pip, user etc.
+    validations:
+      required: true
+
+  - type: textarea
+    attributes:
+      label: Additional Information
+      description: |
+        Describe how the feature would be used, why it is needed and what it would solve.
+
+        **HINT:** You can paste https://gist.github.com links for larger files.
+      value: |
+        <!--- Paste example playbooks or commands between quotes below -->
+        ```yaml (paste below)
+
+        ```
+    validations:
+      required: false
+  - type: checkboxes
+    attributes:
+      label: Code of Conduct
+      description: |
+        Read the [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html?utm_medium=github&utm_source=issue_form--ansible-collections) first.
+      options:
+        - label: I agree to follow the Ansible Code of Conduct
+          required: true
 ...
--- a/.github/workflows/ansible-test.yml
+++ b/.github/workflows/ansible-test.yml
@@ -7,7 +7,7 @@
 # https://github.com/marketplace/actions/ansible-test

 name: EOL CI
-on:
+"on":
  # Run EOL CI against all pushes (direct commits, also merged PRs), Pull Requests
  push:
    branches:
@@ -45,6 +45,8 @@ jobs:
          coverage: ${{ github.event_name == 'schedule' && 'always' || 'never' }}
          pull-request-change-detection: 'true'
          testing-type: sanity
+          pre-test-cmd: >-
+            git clone --depth=1 --single-branch https://github.com/ansible-collections/community.internal_test_tools.git ../../community/internal_test_tools

  units:
    # Ansible-test on various stable branches does not yet work well with cgroups v2.
@@ -164,12 +166,15 @@ jobs:
          integration-continue-on-error: 'false'
          integration-diff: 'false'
          integration-retry-on-error: 'true'
+          # TODO: remove "--branch stable-2" from community.crypto install once we're only using ansible-core 2.17 or newer!
          pre-test-cmd: >-
            mkdir -p ../../ansible
            ;
            git clone --depth=1 --single-branch https://github.com/ansible-collections/ansible.posix.git ../../ansible/posix
            ;
-            git clone --depth=1 --single-branch https://github.com/ansible-collections/community.crypto.git ../../community/crypto
+            git clone --depth=1 --single-branch --branch stable-2 https://github.com/ansible-collections/community.crypto.git ../../community/crypto
+            ;
+            git clone --depth=1 --single-branch https://github.com/ansible-collections/community.docker.git ../../community/docker
            ;
            git clone --depth=1 --single-branch https://github.com/ansible-collections/community.internal_test_tools.git ../../community/internal_test_tools
          pull-request-change-detection: 'true'
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -5,7 +5,7 @@

 name: "Code scanning - action"

-on:
+"on":
  schedule:
    - cron: '26 19 * * 1'
  workflow_dispatch:
@@ -23,16 +23,16 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
-      with:
-        persist-credentials: false
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          persist-credentials: false

-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
-      with:
-        languages: python
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: python

-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
--- a/.github/workflows/import-galaxy.yml
+++ b/.github/workflows/import-galaxy.yml
@@ -1,20 +0,0 @@
---
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-name: import-galaxy
-'on':
-  # Run CI against all pushes (direct commits, also merged PRs) to main, and all Pull Requests
-  push:
-    branches:
-      - main
-      - stable-*
-  pull_request:
-
-jobs:
-  import-galaxy:
-    permissions:
-      contents: read
-    name: Test to import built collection artifact with Galaxy importer
-    uses: ansible-community/github-action-test-galaxy-import/.github/workflows/test-galaxy-import.yml@main
--- a/.github/workflows/nox.yml
+++ b/.github/workflows/nox.yml
@@ -0,0 +1,28 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+name: nox
+'on':
+  push:
+    branches:
+      - main
+      - stable-*
+  pull_request:
+  # Run CI once per day (at 08:00 UTC)
+  schedule:
+    - cron: '0 8 * * *'
+  workflow_dispatch:
+
+jobs:
+  nox:
+    runs-on: ubuntu-latest
+    name: "Run extra sanity tests"
+    steps:
+      - name: Check out collection
+        uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+      - name: Run nox
+        uses: ansible-community/antsibull-nox@main
--- a/.github/workflows/reuse.yml
+++ b/.github/workflows/reuse.yml
@@ -1,35 +0,0 @@
---
-# Copyright (c) Ansible Project
-# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-name: Verify REUSE
-
-on:
-  push:
-    branches:
-      - main
-      - stable-*
-  pull_request:
-    types: [opened, synchronize, reopened]
-    branches:
-      - main
-      - stable-*
-  # Run CI once per day (at 07:30 UTC)
-  schedule:
-    - cron: '30 7 * * *'
-
-jobs:
-  check:
-    permissions:
-      contents: read
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          persist-credentials: false
-          ref: ${{ github.event.pull_request.head.sha || '' }}
-
-      - name: REUSE Compliance Check
-        uses: fsfe/reuse-action@v5
--- a/.gitignore
+++ b/.gitignore
@@ -383,6 +383,16 @@ cython_debug/
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
 #.idea/

+### Python Patch ###
+# Poetry local configuration file - https://python-poetry.org/docs/configuration/#local-configuration
+poetry.toml
+
+# ruff
+.ruff_cache/
+
+# LSP config files
+pyrightconfig.json
+
 ### Vim ###
 # Swap
 [._]*.s[a-v][a-z]
@@ -482,6 +492,10 @@ tags
 # https://plugins.jetbrains.com/plugin/12206-codestream
 .idea/codestream.xml

+# Azure Toolkit for IntelliJ plugin
+# https://plugins.jetbrains.com/plugin/8053-azure-toolkit-for-intellij
+.idea/**/azureSettings.xml
+
 ### Windows ###
 # Windows thumbnail cache files
 Thumbs.db
--- a/.reuse/dep5
+++ b/.reuse/dep5
@@ -1,5 +0,0 @@
-Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-
-Files: changelogs/fragments/*
-Copyright: Ansible Project
-License: GPL-3.0-or-later
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,69 +2,386 @@

 **Topics**

- <a href="#v10-3-1">v10\.3\.1</a>
+- <a href="#v10-7-2">v10\.7\.2</a>
    - <a href="#release-summary">Release Summary</a>
-    - <a href="#minor-changes">Minor Changes</a>
    - <a href="#bugfixes">Bugfixes</a>
- <a href="#v10-3-0">v10\.3\.0</a>
+- <a href="#v10-7-1">v10\.7\.1</a>
    - <a href="#release-summary-1">Release Summary</a>
-    - <a href="#minor-changes-1">Minor Changes</a>
+    - <a href="#minor-changes">Minor Changes</a>
    - <a href="#deprecated-features">Deprecated Features</a>
-    - <a href="#security-fixes">Security Fixes</a>
    - <a href="#bugfixes-1">Bugfixes</a>
-    - <a href="#new-plugins">New Plugins</a>
-        - <a href="#connection">Connection</a>
-        - <a href="#filter">Filter</a>
-        - <a href="#lookup">Lookup</a>
-    - <a href="#new-modules">New Modules</a>
- <a href="#v10-2-0">v10\.2\.0</a>
+- <a href="#v10-7-0">v10\.7\.0</a>
    - <a href="#release-summary-2">Release Summary</a>
-    - <a href="#minor-changes-2">Minor Changes</a>
+    - <a href="#minor-changes-1">Minor Changes</a>
    - <a href="#deprecated-features-1">Deprecated Features</a>
-    - <a href="#security-fixes-1">Security Fixes</a>
    - <a href="#bugfixes-2">Bugfixes</a>
-    - <a href="#new-plugins-1">New Plugins</a>
-        - <a href="#inventory">Inventory</a>
-    - <a href="#new-modules-1">New Modules</a>
- <a href="#v10-1-0">v10\.1\.0</a>
+    - <a href="#new-plugins">New Plugins</a>
+        - <a href="#callback">Callback</a>
+        - <a href="#filter">Filter</a>
+    - <a href="#new-modules">New Modules</a>
+- <a href="#v10-6-0">v10\.6\.0</a>
    - <a href="#release-summary-3">Release Summary</a>
-    - <a href="#minor-changes-3">Minor Changes</a>
+    - <a href="#minor-changes-2">Minor Changes</a>
    - <a href="#deprecated-features-2">Deprecated Features</a>
    - <a href="#bugfixes-3">Bugfixes</a>
-    - <a href="#new-plugins-2">New Plugins</a>
-        - <a href="#filter-1">Filter</a>
-    - <a href="#new-modules-2">New Modules</a>
- <a href="#v10-0-1">v10\.0\.1</a>
+    - <a href="#known-issues">Known Issues</a>
+    - <a href="#new-plugins-1">New Plugins</a>
+        - <a href="#connection">Connection</a>
+- <a href="#v10-5-0">v10\.5\.0</a>
    - <a href="#release-summary-4">Release Summary</a>
+    - <a href="#minor-changes-3">Minor Changes</a>
    - <a href="#bugfixes-4">Bugfixes</a>
- <a href="#v10-0-0">v10\.0\.0</a>
+    - <a href="#new-modules-1">New Modules</a>
+- <a href="#v10-4-0">v10\.4\.0</a>
    - <a href="#release-summary-5">Release Summary</a>
    - <a href="#minor-changes-4">Minor Changes</a>
-    - <a href="#breaking-changes--porting-guide">Breaking Changes / Porting Guide</a>
    - <a href="#deprecated-features-3">Deprecated Features</a>
-    - <a href="#removed-features-previously-deprecated">Removed Features \(previously deprecated\)</a>
    - <a href="#bugfixes-5">Bugfixes</a>
-    - <a href="#known-issues">Known Issues</a>
-    - <a href="#new-plugins-3">New Plugins</a>
-        - <a href="#filter-2">Filter</a>
-        - <a href="#test">Test</a>
+    - <a href="#new-modules-2">New Modules</a>
+- <a href="#v10-3-1">v10\.3\.1</a>
+    - <a href="#release-summary-6">Release Summary</a>
+    - <a href="#minor-changes-5">Minor Changes</a>
+    - <a href="#bugfixes-6">Bugfixes</a>
+- <a href="#v10-3-0">v10\.3\.0</a>
+    - <a href="#release-summary-7">Release Summary</a>
+    - <a href="#minor-changes-6">Minor Changes</a>
+    - <a href="#deprecated-features-4">Deprecated Features</a>
+    - <a href="#security-fixes">Security Fixes</a>
+    - <a href="#bugfixes-7">Bugfixes</a>
+    - <a href="#new-plugins-2">New Plugins</a>
+        - <a href="#connection-1">Connection</a>
+        - <a href="#filter-1">Filter</a>
+        - <a href="#lookup">Lookup</a>
    - <a href="#new-modules-3">New Modules</a>
+- <a href="#v10-2-0">v10\.2\.0</a>
+    - <a href="#release-summary-8">Release Summary</a>
+    - <a href="#minor-changes-7">Minor Changes</a>
+    - <a href="#deprecated-features-5">Deprecated Features</a>
+    - <a href="#security-fixes-1">Security Fixes</a>
+    - <a href="#bugfixes-8">Bugfixes</a>
+    - <a href="#new-plugins-3">New Plugins</a>
+        - <a href="#inventory">Inventory</a>
+    - <a href="#new-modules-4">New Modules</a>
+- <a href="#v10-1-0">v10\.1\.0</a>
+    - <a href="#release-summary-9">Release Summary</a>
+    - <a href="#minor-changes-8">Minor Changes</a>
+    - <a href="#deprecated-features-6">Deprecated Features</a>
+    - <a href="#bugfixes-9">Bugfixes</a>
+    - <a href="#new-plugins-4">New Plugins</a>
+        - <a href="#filter-2">Filter</a>
+    - <a href="#new-modules-5">New Modules</a>
+- <a href="#v10-0-1">v10\.0\.1</a>
+    - <a href="#release-summary-10">Release Summary</a>
+    - <a href="#bugfixes-10">Bugfixes</a>
+- <a href="#v10-0-0">v10\.0\.0</a>
+    - <a href="#release-summary-11">Release Summary</a>
+    - <a href="#minor-changes-9">Minor Changes</a>
+    - <a href="#breaking-changes--porting-guide">Breaking Changes / Porting Guide</a>
+    - <a href="#deprecated-features-7">Deprecated Features</a>
+    - <a href="#removed-features-previously-deprecated">Removed Features \(previously deprecated\)</a>
+    - <a href="#bugfixes-11">Bugfixes</a>
+    - <a href="#known-issues-1">Known Issues</a>
+    - <a href="#new-plugins-5">New Plugins</a>
+        - <a href="#filter-3">Filter</a>
+        - <a href="#test">Test</a>
+    - <a href="#new-modules-6">New Modules</a>
 This changelog describes changes after version 9\.0\.0\.

-<a id="v10-3-1"></a>
-## v10\.3\.1
+<a id="v10-7-2"></a>
+## v10\.7\.2

 <a id="release-summary"></a>
 ### Release Summary

-Bugfix release\.
+Regular bugfix release\.
+
+<a id="bugfixes"></a>
+### Bugfixes
+
+* dependent lookup plugin \- avoid deprecated ansible\-core 2\.19 functionality \([https\://github\.com/ansible\-collections/community\.general/pull/10359](https\://github\.com/ansible\-collections/community\.general/pull/10359)\)\.
+* github\_release \- support multiple types of GitHub tokens\; no longer failing when <code>ghs\_</code> token type is provided \([https\://github\.com/ansible\-collections/community\.general/issues/10338](https\://github\.com/ansible\-collections/community\.general/issues/10338)\, [https\://github\.com/ansible\-collections/community\.general/pull/10339](https\://github\.com/ansible\-collections/community\.general/pull/10339)\)\.
+* icinga2 inventory plugin \- avoid using deprecated option when templating options \([https\://github\.com/ansible\-collections/community\.general/pull/10271](https\://github\.com/ansible\-collections/community\.general/pull/10271)\)\.
+* incus connection plugin \- fix error handling to return more useful Ansible errors to the user \([https\://github\.com/ansible\-collections/community\.general/issues/10344](https\://github\.com/ansible\-collections/community\.general/issues/10344)\, [https\://github\.com/ansible\-collections/community\.general/pull/10349](https\://github\.com/ansible\-collections/community\.general/pull/10349)\)\.
+* linode inventory plugin \- avoid using deprecated option when templating options \([https\://github\.com/ansible\-collections/community\.general/pull/10271](https\://github\.com/ansible\-collections/community\.general/pull/10271)\)\.
+* logstash callback plugin \- remove reference to Python 2 library \([https\://github\.com/ansible\-collections/community\.general/pull/10345](https\://github\.com/ansible\-collections/community\.general/pull/10345)\)\.
+
+<a id="v10-7-1"></a>
+## v10\.7\.1
+
+<a id="release-summary-1"></a>
+### Release Summary
+
+Regular bugfix release\.

 <a id="minor-changes"></a>
 ### Minor Changes

+* git\_config \- remove redundant <code>required\=False</code> from <code>argument\_spec</code> \([https\://github\.com/ansible\-collections/community\.general/pull/10177](https\://github\.com/ansible\-collections/community\.general/pull/10177)\)\.
+* proxmox\_snap \- correctly handle proxmox\_snap timeout parameter \([https\://github\.com/ansible\-collections/community\.proxmox/issues/73](https\://github\.com/ansible\-collections/community\.proxmox/issues/73)\, [https\://github\.com/ansible\-collections/community\.proxmox/issues/95](https\://github\.com/ansible\-collections/community\.proxmox/issues/95)\, [https\://github\.com/ansible\-collections/community\.general/pull/10176](https\://github\.com/ansible\-collections/community\.general/pull/10176)\)\.
+
+<a id="deprecated-features"></a>
+### Deprecated Features
+
+* yaml callback plugin \- the YAML callback plugin was deprecated for removal in community\.general 13\.0\.0\. Since it needs to use ansible\-core internals since ansible\-core 2\.19 that are changing a lot\, we will remove this plugin already from community\.general 12\.0\.0 to ease the maintenance burden \([https\://github\.com/ansible\-collections/community\.general/pull/10213](https\://github\.com/ansible\-collections/community\.general/pull/10213)\)\.
+
+<a id="bugfixes-1"></a>
+### Bugfixes
+
+* cobbler\_system \- update minimum version number to avoid wrong comparisons that happen in some cases using LooseVersion class which results in TypeError \([https\://github\.com/ansible\-collections/community\.general/issues/8506](https\://github\.com/ansible\-collections/community\.general/issues/8506)\, [https\://github\.com/ansible\-collections/community\.general/pull/10145](https\://github\.com/ansible\-collections/community\.general/pull/10145)\, [https\://github\.com/ansible\-collections/community\.general/pull/10178](https\://github\.com/ansible\-collections/community\.general/pull/10178)\)\.
+* gitlab\_group\_access\_token\, gitlab\_project\_access\_token \- fix handling of group and project access tokens for changes in GitLab 17\.10 \([https\://github\.com/ansible\-collections/community\.general/pull/10196](https\://github\.com/ansible\-collections/community\.general/pull/10196)\)\.
+* keycloak \- update more than 10 sub\-groups \([https\://github\.com/ansible\-collections/community\.general/issues/9690](https\://github\.com/ansible\-collections/community\.general/issues/9690)\, [https\://github\.com/ansible\-collections/community\.general/pull/9692](https\://github\.com/ansible\-collections/community\.general/pull/9692)\)\.
+* yaml callback plugin \- adjust to latest changes in ansible\-core devel \([https\://github\.com/ansible\-collections/community\.general/pull/10212](https\://github\.com/ansible\-collections/community\.general/pull/10212)\)\.
+* yaml callback plugin \- when using ansible\-core 2\.19\.0b2 or newer\, uses a new utility provided by ansible\-core\. This allows us to remove all hacks and vendored code that was part of the plugin for ansible\-core versions with Data Tagging so far \([https\://github\.com/ansible\-collections/community\.general/pull/10242](https\://github\.com/ansible\-collections/community\.general/pull/10242)\)\.
+* zypper\_repository \- make compatible with Python 3\.12\+ \([https\://github\.com/ansible\-collections/community\.general/issues/10222](https\://github\.com/ansible\-collections/community\.general/issues/10222)\, [https\://github\.com/ansible\-collections/community\.general/pull/10223](https\://github\.com/ansible\-collections/community\.general/pull/10223)\)\.
+* zypper\_repository \- use <code>metalink</code> attribute to identify repositories without <code>\<url/\></code> element \([https\://github\.com/ansible\-collections/community\.general/issues/10224](https\://github\.com/ansible\-collections/community\.general/issues/10224)\, [https\://github\.com/ansible\-collections/community\.general/pull/10225](https\://github\.com/ansible\-collections/community\.general/pull/10225)\)\.
+
+<a id="v10-7-0"></a>
+## v10\.7\.0
+
+<a id="release-summary-2"></a>
+### Release Summary
+
+Bugfix and feature release\.
+Note that this is the final minor 10\.x\.0 release\.
+The next release with new features will be 11\.0\.0\.
+From now on\, there will only be bugfix 10\.7\.x releases for the community\.general 10 release train\.
+
+<a id="minor-changes-1"></a>
+### Minor Changes
+
+* cobbler inventory plugin \- add <code>connection\_timeout</code> option to specify the connection timeout to the cobbler server \([https\://github\.com/ansible\-collections/community\.general/pull/11063](https\://github\.com/ansible\-collections/community\.general/pull/11063)\)\.
+* cobbler inventory plugin \- add <code>facts\_level</code> option to allow requesting fully rendered variables for Cobbler systems \([https\://github\.com/ansible\-collections/community\.general/issues/9419](https\://github\.com/ansible\-collections/community\.general/issues/9419)\, [https\://github\.com/ansible\-collections/community\.general/pull/9975](https\://github\.com/ansible\-collections/community\.general/pull/9975)\)\.
+* ini\_file \- modify an inactive option also when there are spaces in front of the comment symbol \([https\://github\.com/ansible\-collections/community\.general/pull/10102](https\://github\.com/ansible\-collections/community\.general/pull/10102)\, [https\://github\.com/ansible\-collections/community\.general/issues/8539](https\://github\.com/ansible\-collections/community\.general/issues/8539)\)\.
+* pipx \- parameter <code>name</code> now accepts Python package specifiers \([https\://github\.com/ansible\-collections/community\.general/issues/7815](https\://github\.com/ansible\-collections/community\.general/issues/7815)\, [https\://github\.com/ansible\-collections/community\.general/pull/10031](https\://github\.com/ansible\-collections/community\.general/pull/10031)\)\.
+* pipx module\_utils \- filtering application list by name now happens in the modules \([https\://github\.com/ansible\-collections/community\.general/pull/10031](https\://github\.com/ansible\-collections/community\.general/pull/10031)\)\.
+* pipx\_info \- filtering application list by name now happens in the module  \([https\://github\.com/ansible\-collections/community\.general/pull/10031](https\://github\.com/ansible\-collections/community\.general/pull/10031)\)\.
+
+<a id="deprecated-features-1"></a>
+### Deprecated Features
+
+* The proxmox content \(modules and plugins\) is being moved to the [new collection community\.proxmox](https\://github\.com/ansible\-collections/community\.proxmox)\. In community\.general 11\.0\.0\, these modules and plugins will be replaced by deprecated redirections to community\.proxmox\. You need to explicitly install community\.proxmox\, for example with <code>ansible\-galaxy collection install community\.proxmox</code>\. We suggest to update your roles and playbooks to use the new FQCNs as soon as possible to avoid getting deprecation messages \([https\://github\.com/ansible\-collections/community\.general/pull/10109](https\://github\.com/ansible\-collections/community\.general/pull/10109)\)\.
+* pipx module\_utils \- function <code>make\_process\_list\(\)</code> is deprecated and will be removed in community\.general 13\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/10031](https\://github\.com/ansible\-collections/community\.general/pull/10031)\)\.
+
+<a id="bugfixes-2"></a>
+### Bugfixes
+
+* cobbler\_system \- fix bug with Cobbler \>\= 3\.4\.0 caused by giving more than 2 positional arguments to <code>CobblerXMLRPCInterface\.get\_system\_handle\(\)</code> \([https\://github\.com/ansible\-collections/community\.general/issues/8506](https\://github\.com/ansible\-collections/community\.general/issues/8506)\, [https\://github\.com/ansible\-collections/community\.general/pull/10145](https\://github\.com/ansible\-collections/community\.general/pull/10145)\)\.
+* kdeconfig \- allow option values beginning with a dash \([https\://github\.com/ansible\-collections/community\.general/issues/10127](https\://github\.com/ansible\-collections/community\.general/issues/10127)\, [https\://github\.com/ansible\-collections/community\.general/pull/10128](https\://github\.com/ansible\-collections/community\.general/pull/10128)\)\.
+* keycloak\_user\_rolemapping \- fix <code>\-\-diff</code> mode \([https\://github\.com/ansible\-collections/community\.general/issues/10067](https\://github\.com/ansible\-collections/community\.general/issues/10067)\, [https\://github\.com/ansible\-collections/community\.general/pull/10075](https\://github\.com/ansible\-collections/community\.general/pull/10075)\)\.
+* pickle cache plugin \- avoid extra JSON serialization with ansible\-core \>\= 2\.19 \([https\://github\.com/ansible\-collections/community\.general/pull/10136](https\://github\.com/ansible\-collections/community\.general/pull/10136)\)\.
+* proxmox \- fix crash in module when the used on an existing LXC container with <code>state\=present</code> and <code>force\=true</code> \([https\://github\.com/ansible\-collections/community\.proxmox/pull/91](https\://github\.com/ansible\-collections/community\.proxmox/pull/91)\, [https\://github\.com/ansible\-collections/community\.general/pull/10155](https\://github\.com/ansible\-collections/community\.general/pull/10155)\)\.
+* rundeck\_acl\_policy \- ensure that project ACLs are sent to the correct endpoint \([https\://github\.com/ansible\-collections/community\.general/pull/10097](https\://github\.com/ansible\-collections/community\.general/pull/10097)\)\.
+* sysrc \- split the output of <code>sysrc \-e \-a</code> on the first <code>\=</code> only \([https\://github\.com/ansible\-collections/community\.general/issues/10120](https\://github\.com/ansible\-collections/community\.general/issues/10120)\, [https\://github\.com/ansible\-collections/community\.general/pull/10121](https\://github\.com/ansible\-collections/community\.general/pull/10121)\)\.
+
+<a id="new-plugins"></a>
+### New Plugins
+
+<a id="callback"></a>
+#### Callback
+
+* community\.general\.print\_task \- Prints playbook task snippet to job output\.
+
+<a id="filter"></a>
+#### Filter
+
+* community\.general\.to\_prettytable \- Format a list of dictionaries as an ASCII table\.
+
+<a id="new-modules"></a>
+### New Modules
+
+* community\.general\.xdg\_mime \- Set default handler for MIME types\, for applications using XDG tools\.
+
+<a id="v10-6-0"></a>
+## v10\.6\.0
+
+<a id="release-summary-3"></a>
+### Release Summary
+
+Regular bugfix and feature release\.
+
+<a id="minor-changes-2"></a>
+### Minor Changes
+
+* apache2\_module \- added workaround for new PHP module name\, from <code>php7\_module</code> to <code>php\_module</code> \([https\://github\.com/ansible\-collections/community\.general/pull/9951](https\://github\.com/ansible\-collections/community\.general/pull/9951)\)\.
+* gitlab\_project \- add option <code>build\_timeout</code> \([https\://github\.com/ansible\-collections/community\.general/pull/9960](https\://github\.com/ansible\-collections/community\.general/pull/9960)\)\.
+* gitlab\_project\_members \- extend choices parameter <code>access\_level</code> by missing upstream valid value <code>owner</code> \([https\://github\.com/ansible\-collections/community\.general/pull/9953](https\://github\.com/ansible\-collections/community\.general/pull/9953)\)\.
+* hpilo\_boot \- add option to get an idempotent behavior while powering on server\, resulting in success instead of failure when using <code>state\: boot\_once</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/9646](https\://github\.com/ansible\-collections/community\.general/pull/9646)\)\.
+* idrac\_redfish\_command\, idrac\_redfish\_config\, idrac\_redfish\_info \- add <code>validate\_certs</code>\, <code>ca\_path</code>\, and <code>ciphers</code> options to configure TLS/SSL \([https\://github\.com/ansible\-collections/community\.general/issues/3686](https\://github\.com/ansible\-collections/community\.general/issues/3686)\, [https\://github\.com/ansible\-collections/community\.general/pull/9964](https\://github\.com/ansible\-collections/community\.general/pull/9964)\)\.
+* ilo\_redfish\_command\, ilo\_redfish\_config\, ilo\_redfish\_info \- add <code>validate\_certs</code>\, <code>ca\_path</code>\, and <code>ciphers</code> options to configure TLS/SSL \([https\://github\.com/ansible\-collections/community\.general/issues/3686](https\://github\.com/ansible\-collections/community\.general/issues/3686)\, [https\://github\.com/ansible\-collections/community\.general/pull/9964](https\://github\.com/ansible\-collections/community\.general/pull/9964)\)\.
+* keycloak module\_utils \- user groups can now be referenced by their name\, like <code>staff</code>\, or their path\, like <code>/staff/engineering</code>\. The path syntax allows users to reference subgroups\, which is not possible otherwise \([https\://github\.com/ansible\-collections/community\.general/pull/9898](https\://github\.com/ansible\-collections/community\.general/pull/9898)\)\.
+* keycloak\_user module \- user groups can now be referenced by their name\, like <code>staff</code>\, or their path\, like <code>/staff/engineering</code>\. The path syntax allows users to reference subgroups\, which is not possible otherwise \([https\://github\.com/ansible\-collections/community\.general/pull/9898](https\://github\.com/ansible\-collections/community\.general/pull/9898)\)\.
+* nmcli \- add support for Infiniband MAC setting when <code>type</code> is <code>infiniband</code> \([https\://github\.com/ansible\-collections/community\.general/pull/9962](https\://github\.com/ansible\-collections/community\.general/pull/9962)\)\.
+* one\_vm \- update allowed values for <code>updateconf</code> to include new parameters as per the latest OpenNebula API documentation\.
+  Added parameters\:
+
+  - <code>OS</code>\: <code>FIRMWARE</code>\;
+  - <code>CPU\_MODEL</code>\: <code>MODEL</code>\, <code>FEATURES</code>\;
+  - <code>FEATURES</code>\: <code>VIRTIO\_BLK\_QUEUES</code>\, <code>VIRTIO\_SCSI\_QUEUES</code>\, <code>IOTHREADS</code>\;
+  - <code>GRAPHICS</code>\: <code>PORT</code>\, <code>COMMAND</code>\;
+  - <code>VIDEO</code>\: <code>ATS</code>\, <code>IOMMU</code>\, <code>RESOLUTION</code>\, <code>TYPE</code>\, <code>VRAM</code>\;
+  - <code>RAW</code>\: <code>VALIDATE</code>\;
+  - <code>BACKUP\_CONFIG</code>\: <code>FS\_FREEZE</code>\, <code>KEEP\_LAST</code>\, <code>BACKUP\_VOLATILE</code>\, <code>MODE</code>\, <code>INCREMENT\_MODE</code>\.
+
+  \([https\://github\.com/ansible\-collections/community\.general/pull/9959](https\://github\.com/ansible\-collections/community\.general/pull/9959)\)\.
+* proxmox and proxmox\_kvm modules \- allow uppercase characters in VM/container tags \([https\://github\.com/ansible\-collections/community\.general/issues/9895](https\://github\.com/ansible\-collections/community\.general/issues/9895)\, [https\://github\.com/ansible\-collections/community\.general/pull/10024](https\://github\.com/ansible\-collections/community\.general/pull/10024)\)\.
+* puppet \- improve parameter formatting\, no impact to user \([https\://github\.com/ansible\-collections/community\.general/pull/10014](https\://github\.com/ansible\-collections/community\.general/pull/10014)\)\.
+* redfish module utils \- add <code>REDFISH\_COMMON\_ARGUMENT\_SPEC</code>\, a corresponding <code>redfish</code> docs fragment\, and support for its <code>validate\_certs</code>\, <code>ca\_path</code>\, and <code>ciphers</code> options \([https\://github\.com/ansible\-collections/community\.general/issues/3686](https\://github\.com/ansible\-collections/community\.general/issues/3686)\, [https\://github\.com/ansible\-collections/community\.general/pull/9964](https\://github\.com/ansible\-collections/community\.general/pull/9964)\)\.
+* redfish\_command\, redfish\_config\, redfish\_info \- add <code>validate\_certs</code> and <code>ca\_path</code> options to configure TLS/SSL \([https\://github\.com/ansible\-collections/community\.general/issues/3686](https\://github\.com/ansible\-collections/community\.general/issues/3686)\, [https\://github\.com/ansible\-collections/community\.general/pull/9964](https\://github\.com/ansible\-collections/community\.general/pull/9964)\)\.
+* rocketchat \- fix duplicate JSON conversion for Rocket\.Chat \< 7\.4\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/9965](https\://github\.com/ansible\-collections/community\.general/pull/9965)\)\.
+* wdc\_redfish\_command\, wdc\_redfish\_info \- add <code>validate\_certs</code>\, <code>ca\_path</code>\, and <code>ciphers</code> options to configure TLS/SSL \([https\://github\.com/ansible\-collections/community\.general/issues/3686](https\://github\.com/ansible\-collections/community\.general/issues/3686)\, [https\://github\.com/ansible\-collections/community\.general/pull/9964](https\://github\.com/ansible\-collections/community\.general/pull/9964)\)\.
+* xcc\_redfish\_command \- add <code>validate\_certs</code>\, <code>ca\_path</code>\, and <code>ciphers</code> options to configure TLS/SSL \([https\://github\.com/ansible\-collections/community\.general/issues/3686](https\://github\.com/ansible\-collections/community\.general/issues/3686)\, [https\://github\.com/ansible\-collections/community\.general/pull/9964](https\://github\.com/ansible\-collections/community\.general/pull/9964)\)\.
+* zypper \- adds <code>skip\_post\_errors</code> that allows to skip RPM post\-install errors \(Zypper return code 107\) \([https\://github\.com/ansible\-collections/community\.general/issues/9972](https\://github\.com/ansible\-collections/community\.general/issues/9972)\)\.
+
+<a id="deprecated-features-2"></a>
+### Deprecated Features
+
+* manifold lookup plugin \- plugin is deprecated and will be removed in community\.general 11\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/10028](https\://github\.com/ansible\-collections/community\.general/pull/10028)\)\.
+* stackpath\_compute inventory plugin \- plugin is deprecated and will be removed in community\.general 11\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/10026](https\://github\.com/ansible\-collections/community\.general/pull/10026)\)\.
+
+<a id="bugfixes-3"></a>
+### Bugfixes
+
+* dependent look plugin \- make compatible with ansible\-core\'s Data Tagging feature \([https\://github\.com/ansible\-collections/community\.general/pull/9833](https\://github\.com/ansible\-collections/community\.general/pull/9833)\)\.
+* diy callback plugin \- make compatible with ansible\-core\'s Data Tagging feature \([https\://github\.com/ansible\-collections/community\.general/pull/9833](https\://github\.com/ansible\-collections/community\.general/pull/9833)\)\.
+* github\_deploy\_key \- check that key really exists on 422 to avoid masking other errors \([https\://github\.com/ansible\-collections/community\.general/issues/6718](https\://github\.com/ansible\-collections/community\.general/issues/6718)\, [https\://github\.com/ansible\-collections/community\.general/pull/10011](https\://github\.com/ansible\-collections/community\.general/pull/10011)\)\.
+* hashids and unicode\_normalize filter plugins \- avoid deprecated <code>AnsibleFilterTypeError</code> on ansible\-core 2\.19 \([https\://github\.com/ansible\-collections/community\.general/pull/9992](https\://github\.com/ansible\-collections/community\.general/pull/9992)\)\.
+* homebrew \- emit a useful error message if <code>brew info</code> reports a package tap is <code>null</code> \([https\://github\.com/ansible\-collections/community\.general/pull/10013](https\://github\.com/ansible\-collections/community\.general/pull/10013)\, [https\://github\.com/ansible\-collections/community\.general/issues/10012](https\://github\.com/ansible\-collections/community\.general/issues/10012)\)\.
+* java\_cert \- the module no longer fails if the optional parameters <code>pkcs12\_alias</code> and <code>cert\_alias</code> are not provided \([https\://github\.com/ansible\-collections/community\.general/pull/9970](https\://github\.com/ansible\-collections/community\.general/pull/9970)\)\.
+* keycloak\_authentication \- fix authentification config duplication for Keycloak \< 26\.2\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/9987](https\://github\.com/ansible\-collections/community\.general/pull/9987)\)\.
+* keycloak\_client \- fix the idempotency regression by normalizing the Keycloak response for <code>after\_client</code> \([https\://github\.com/ansible\-collections/community\.general/issues/9905](https\://github\.com/ansible\-collections/community\.general/issues/9905)\, [https\://github\.com/ansible\-collections/community\.general/pull/9976](https\://github\.com/ansible\-collections/community\.general/pull/9976)\)\.
+* proxmox inventory plugin \- fix <code>ansible\_host</code> staying empty for certain Proxmox nodes \([https\://github\.com/ansible\-collections/community\.general/issues/5906](https\://github\.com/ansible\-collections/community\.general/issues/5906)\, [https\://github\.com/ansible\-collections/community\.general/pull/9952](https\://github\.com/ansible\-collections/community\.general/pull/9952)\)\.
+* proxmox\_disk \- fail gracefully if <code>storage</code> is required but not provided by the user \([https\://github\.com/ansible\-collections/community\.general/issues/9941](https\://github\.com/ansible\-collections/community\.general/issues/9941)\, [https\://github\.com/ansible\-collections/community\.general/pull/9963](https\://github\.com/ansible\-collections/community\.general/pull/9963)\)\.
+* reveal\_ansible\_type filter plugin and ansible\_type test plugin \- make compatible with ansible\-core\'s Data Tagging feature \([https\://github\.com/ansible\-collections/community\.general/pull/9833](https\://github\.com/ansible\-collections/community\.general/pull/9833)\)\.
+* sysrc \- no longer always reporting <code>changed\=true</code> when <code>state\=absent</code>\. This fixes the method <code>exists\(\)</code> \([https\://github\.com/ansible\-collections/community\.general/issues/10004](https\://github\.com/ansible\-collections/community\.general/issues/10004)\, [https\://github\.com/ansible\-collections/community\.general/pull/10005](https\://github\.com/ansible\-collections/community\.general/pull/10005)\)\.
+* yaml callback plugin \- use ansible\-core internals to avoid breakage with Data Tagging \([https\://github\.com/ansible\-collections/community\.general/pull/9833](https\://github\.com/ansible\-collections/community\.general/pull/9833)\)\.
+
+<a id="known-issues"></a>
+### Known Issues
+
+* reveal\_ansible\_type filter plugin and ansible\_type test plugin \- note that ansible\-core\'s Data Tagging feature implements new aliases\, such as <code>\_AnsibleTaggedStr</code> for <code>str</code>\, <code>\_AnsibleTaggedInt</code> for <code>int</code>\, and <code>\_AnsibleTaggedFloat</code> for <code>float</code> \([https\://github\.com/ansible\-collections/community\.general/pull/9833](https\://github\.com/ansible\-collections/community\.general/pull/9833)\)\.
+
+<a id="new-plugins-1"></a>
+### New Plugins
+
+<a id="connection"></a>
+#### Connection
+
+* community\.general\.wsl \- Run tasks in WSL distribution using wsl\.exe CLI via SSH\.
+
+<a id="v10-5-0"></a>
+## v10\.5\.0
+
+<a id="release-summary-4"></a>
+### Release Summary
+
+Regular bugfix and feature release\.
+
+<a id="minor-changes-3"></a>
+### Minor Changes
+
+* CmdRunner module utils \- the convenience method <code>cmd\_runner\_fmt\.as\_fixed\(\)</code> now accepts multiple arguments as a list \([https\://github\.com/ansible\-collections/community\.general/pull/9893](https\://github\.com/ansible\-collections/community\.general/pull/9893)\)\.
+* apache2\_mod\_proxy \- code simplification\, no change in functionality \([https\://github\.com/ansible\-collections/community\.general/pull/9457](https\://github\.com/ansible\-collections/community\.general/pull/9457)\)\.
+* consul\_token \- fix idempotency when <code>policies</code> or <code>roles</code> are supplied by name \([https\://github\.com/ansible\-collections/community\.general/issues/9841](https\://github\.com/ansible\-collections/community\.general/issues/9841)\, [https\://github\.com/ansible\-collections/community\.general/pull/9845](https\://github\.com/ansible\-collections/community\.general/pull/9845)\)\.
+* keycloak\_realm \- remove ID requirement when creating a realm to allow Keycloak generating its own realm ID \([https\://github\.com/ansible\-collections/community\.general/pull/9768](https\://github\.com/ansible\-collections/community\.general/pull/9768)\)\.
+* nmap inventory plugin \- adds <code>dns\_servers</code> option for specifying DNS servers for name resolution\. Accepts hostnames or IP addresses in the same format as the <code>exclude</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/9849](https\://github\.com/ansible\-collections/community\.general/pull/9849)\)\.
+* proxmox\_kvm \- add missing audio hardware device handling \([https\://github\.com/ansible\-collections/community\.general/issues/5192](https\://github\.com/ansible\-collections/community\.general/issues/5192)\, [https\://github\.com/ansible\-collections/community\.general/pull/9847](https\://github\.com/ansible\-collections/community\.general/pull/9847)\)\.
+* redfish\_config \- add command <code>SetPowerRestorePolicy</code> to set the desired power state of the system when power is restored \([https\://github\.com/ansible\-collections/community\.general/pull/9837](https\://github\.com/ansible\-collections/community\.general/pull/9837)\)\.
+* redfish\_info \- add command <code>GetPowerRestorePolicy</code> to get the desired power state of the system when power is restored \([https\://github\.com/ansible\-collections/community\.general/pull/9824](https\://github\.com/ansible\-collections/community\.general/pull/9824)\)\.
+* rocketchat \- option <code>is\_pre740</code> has been added to control the format of the payload\. For Rocket\.Chat 7\.4\.0 or newer\, it must be set to <code>false</code> \([https\://github\.com/ansible\-collections/community\.general/pull/9882](https\://github\.com/ansible\-collections/community\.general/pull/9882)\)\.
+* slack callback plugin \- add <code>http\_agent</code> option to enable the user to set a custom user agent for slack callback plugin \([https\://github\.com/ansible\-collections/community\.general/issues/9813](https\://github\.com/ansible\-collections/community\.general/issues/9813)\, [https\://github\.com/ansible\-collections/community\.general/pull/9836](https\://github\.com/ansible\-collections/community\.general/pull/9836)\)\.
+* systemd\_info \- add wildcard expression support in <code>unitname</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/9821](https\://github\.com/ansible\-collections/community\.general/pull/9821)\)\.
+* systemd\_info \- extend support to timer units \([https\://github\.com/ansible\-collections/community\.general/pull/9891](https\://github\.com/ansible\-collections/community\.general/pull/9891)\)\.
+* vmadm \- add new options <code>flexible\_disk\_size</code> and <code>owner\_uuid</code> \([https\://github\.com/ansible\-collections/community\.general/pull/9892](https\://github\.com/ansible\-collections/community\.general/pull/9892)\)\.
+
+<a id="bugfixes-4"></a>
+### Bugfixes
+
+* cloudlare\_dns \- handle exhausted response stream in case of HTTP errors to show nice error message to the user \([https\://github\.com/ansible\-collections/community\.general/issues/9782](https\://github\.com/ansible\-collections/community\.general/issues/9782)\, [https\://github\.com/ansible\-collections/community\.general/pull/9818](https\://github\.com/ansible\-collections/community\.general/pull/9818)\)\.
+* dnf\_versionlock \- add support for dnf5 \([https\://github\.com/ansible\-collections/community\.general/issues/9556](https\://github\.com/ansible\-collections/community\.general/issues/9556)\)\.
+* homebrew \- fix crash when package names include tap \([https\://github\.com/ansible\-collections/community\.general/issues/9777](https\://github\.com/ansible\-collections/community\.general/issues/9777)\, [https\://github\.com/ansible\-collections/community\.general/pull/9803](https\://github\.com/ansible\-collections/community\.general/pull/9803)\)\.
+* homebrew\_cask \- handle unusual brew version strings \([https\://github\.com/ansible\-collections/community\.general/issues/8432](https\://github\.com/ansible\-collections/community\.general/issues/8432)\, [https\://github\.com/ansible\-collections/community\.general/pull/9881](https\://github\.com/ansible\-collections/community\.general/pull/9881)\)\.
+* nmcli \- enable changing only the order of DNS servers or search suffixes \([https\://github\.com/ansible\-collections/community\.general/issues/8724](https\://github\.com/ansible\-collections/community\.general/issues/8724)\, [https\://github\.com/ansible\-collections/community\.general/pull/9880](https\://github\.com/ansible\-collections/community\.general/pull/9880)\)\.
+* proxmox \- add missing key selection of <code>\'status\'</code> key to <code>get\_lxc\_status</code> \([https\://github\.com/ansible\-collections/community\.general/issues/9696](https\://github\.com/ansible\-collections/community\.general/issues/9696)\, [https\://github\.com/ansible\-collections/community\.general/pull/9809](https\://github\.com/ansible\-collections/community\.general/pull/9809)\)\.
+* proxmox\_vm\_info \- the module no longer expects that the key <code>template</code> exists in a dictionary returned by Proxmox \([https\://github\.com/ansible\-collections/community\.general/issues/9875](https\://github\.com/ansible\-collections/community\.general/issues/9875)\, [https\://github\.com/ansible\-collections/community\.general/pull/9910](https\://github\.com/ansible\-collections/community\.general/pull/9910)\)\.
+* sudoers \- display stdout and stderr raised while failed validation \([https\://github\.com/ansible\-collections/community\.general/issues/9674](https\://github\.com/ansible\-collections/community\.general/issues/9674)\, [https\://github\.com/ansible\-collections/community\.general/pull/9871](https\://github\.com/ansible\-collections/community\.general/pull/9871)\)\.
+
+<a id="new-modules-1"></a>
+### New Modules
+
+* community\.general\.pacemaker\_resource \- Manage pacemaker resources\.
+
+<a id="v10-4-0"></a>
+## v10\.4\.0
+
+<a id="release-summary-5"></a>
+### Release Summary
+
+Regular bugfix and feature release\.
+
+<a id="minor-changes-4"></a>
+### Minor Changes
+
+* bitwarden lookup plugin \- add new option <code>collection\_name</code> to filter results by collection name\, and new option <code>result\_count</code> to validate number of results \([https\://github\.com/ansible\-collections/community\.general/pull/9728](https\://github\.com/ansible\-collections/community\.general/pull/9728)\)\.
+* incus connection plugin \- adds <code>remote\_user</code> and <code>incus\_become\_method</code> parameters for allowing a non\-root user to connect to an Incus instance \([https\://github\.com/ansible\-collections/community\.general/pull/9743](https\://github\.com/ansible\-collections/community\.general/pull/9743)\)\.
+* iocage inventory plugin \- the new parameter <code>hooks\_results</code> of the plugin is a list of files inside a jail that provide configuration parameters for the inventory\. The inventory plugin reads the files from the jails and put the contents into the items of created variable <code>iocage\_hooks</code> \([https\://github\.com/ansible\-collections/community\.general/issues/9650](https\://github\.com/ansible\-collections/community\.general/issues/9650)\, [https\://github\.com/ansible\-collections/community\.general/pull/9651](https\://github\.com/ansible\-collections/community\.general/pull/9651)\)\.
+* jira \- adds <code>client\_cert</code> and <code>client\_key</code> parameters for supporting client certificate authentification when connecting to Jira \([https\://github\.com/ansible\-collections/community\.general/pull/9753](https\://github\.com/ansible\-collections/community\.general/pull/9753)\)\.
+* lldp \- adds <code>multivalues</code> parameter to control behavior when lldpctl outputs an attribute multiple times \([https\://github\.com/ansible\-collections/community\.general/pull/9657](https\://github\.com/ansible\-collections/community\.general/pull/9657)\)\.
+* lvg \- add <code>remove\_extra\_pvs</code> parameter to control if ansible should remove physical volumes which are not in the <code>pvs</code> parameter \([https\://github\.com/ansible\-collections/community\.general/pull/9698](https\://github\.com/ansible\-collections/community\.general/pull/9698)\)\.
+* lxd connection plugin \- adds <code>remote\_user</code> and <code>lxd\_become\_method</code> parameters for allowing a non\-root user to connect to an LXD instance \([https\://github\.com/ansible\-collections/community\.general/pull/9659](https\://github\.com/ansible\-collections/community\.general/pull/9659)\)\.
+* nmcli \- adds VRF support with new <code>type</code> value <code>vrf</code> and new <code>slave\_type</code> value <code>vrf</code> as well as new <code>table</code> parameter \([https\://github\.com/ansible\-collections/community\.general/pull/9658](https\://github\.com/ansible\-collections/community\.general/pull/9658)\, [https\://github\.com/ansible\-collections/community\.general/issues/8014](https\://github\.com/ansible\-collections/community\.general/issues/8014)\)\.
+* proxmox\_kvm \- allow hibernation and suspending of VMs \([https\://github\.com/ansible\-collections/community\.general/issues/9620](https\://github\.com/ansible\-collections/community\.general/issues/9620)\, [https\://github\.com/ansible\-collections/community\.general/pull/9653](https\://github\.com/ansible\-collections/community\.general/pull/9653)\)\.
+* redfish\_command \- add <code>PowerFullPowerCycle</code> to power command options \([https\://github\.com/ansible\-collections/community\.general/pull/9729](https\://github\.com/ansible\-collections/community\.general/pull/9729)\)\.
+* ssh\_config \- add <code>other\_options</code> option \([https\://github\.com/ansible\-collections/community\.general/issues/8053](https\://github\.com/ansible\-collections/community\.general/issues/8053)\, [https\://github\.com/ansible\-collections/community\.general/pull/9684](https\://github\.com/ansible\-collections/community\.general/pull/9684)\)\.
+* xen\_orchestra inventory plugin \- add <code>use\_vm\_uuid</code> and <code>use\_host\_uuid</code> boolean options to allow switching over to using VM/Xen name labels instead of UUIDs as item names \([https\://github\.com/ansible\-collections/community\.general/pull/9787](https\://github\.com/ansible\-collections/community\.general/pull/9787)\)\.
+
+<a id="deprecated-features-3"></a>
+### Deprecated Features
+
+* profitbricks \- module is deprecated and will be removed in community\.general 11\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/9733](https\://github\.com/ansible\-collections/community\.general/pull/9733)\)\.
+* profitbricks\_datacenter \- module is deprecated and will be removed in community\.general 11\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/9733](https\://github\.com/ansible\-collections/community\.general/pull/9733)\)\.
+* profitbricks\_nic \- module is deprecated and will be removed in community\.general 11\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/9733](https\://github\.com/ansible\-collections/community\.general/pull/9733)\)\.
+* profitbricks\_volume \- module is deprecated and will be removed in community\.general 11\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/9733](https\://github\.com/ansible\-collections/community\.general/pull/9733)\)\.
+* profitbricks\_volume\_attachments \- module is deprecated and will be removed in community\.general 11\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/9733](https\://github\.com/ansible\-collections/community\.general/pull/9733)\)\.
+
+<a id="bugfixes-5"></a>
+### Bugfixes
+
+* apache2\_mod\_proxy \- make compatible with Python 3 \([https\://github\.com/ansible\-collections/community\.general/pull/9762](https\://github\.com/ansible\-collections/community\.general/pull/9762)\)\.
+* apache2\_mod\_proxy \- passing the cluster\'s page as referer for the member\'s pages\. This makes the module actually work again for halfway modern Apache versions\. According to some comments founds on the net the referer was required since at least 2019 for some versions of Apache 2 \([https\://github\.com/ansible\-collections/community\.general/pull/9762](https\://github\.com/ansible\-collections/community\.general/pull/9762)\)\.
+* elasticsearch\_plugin \- fix <code>ERROR\: D is not a recognized option</code> issue when configuring proxy settings \([https\://github\.com/ansible\-collections/community\.general/pull/9774](https\://github\.com/ansible\-collections/community\.general/pull/9774)\, [https\://github\.com/ansible\-collections/community\.general/issues/9773](https\://github\.com/ansible\-collections/community\.general/issues/9773)\)\.
+* ipa\_host \- module revoked existing host certificates even if <code>user\_certificate</code> was not given \([https\://github\.com/ansible\-collections/community\.general/pull/9694](https\://github\.com/ansible\-collections/community\.general/pull/9694)\)\.
+* keycloak\_client \- in check mode\, detect whether the lists in before client \(for example redirect URI list\) contain items that the lists in the desired client do not contain \([https\://github\.com/ansible\-collections/community\.general/pull/9739](https\://github\.com/ansible\-collections/community\.general/pull/9739)\)\.
+* lldp \- fix crash caused by certain lldpctl output where an attribute is defined as branch and leaf \([https\://github\.com/ansible\-collections/community\.general/pull/9657](https\://github\.com/ansible\-collections/community\.general/pull/9657)\)\.
+* onepassword\_doc lookup plugin \- ensure that 1Password Connect support also works for this plugin \([https\://github\.com/ansible\-collections/community\.general/pull/9625](https\://github\.com/ansible\-collections/community\.general/pull/9625)\)\.
+* passwordstore lookup plugin \- fix subkey creation even when <code>create\=false</code> \([https\://github\.com/ansible\-collections/community\.general/issues/9105](https\://github\.com/ansible\-collections/community\.general/issues/9105)\, [https\://github\.com/ansible\-collections/community\.general/pull/9106](https\://github\.com/ansible\-collections/community\.general/pull/9106)\)\.
+* proxmox inventory plugin \- plugin did not update cache correctly after <code>meta\: refresh\_inventory</code> \([https\://github\.com/ansible\-collections/community\.general/issues/9710](https\://github\.com/ansible\-collections/community\.general/issues/9710)\, [https\://github\.com/ansible\-collections/community\.general/pull/9760](https\://github\.com/ansible\-collections/community\.general/pull/9760)\)\.
+* redhat\_subscription \- use the \"enable\_content\" option \(when available\) when
+  registering using D\-Bus\, to ensure that subscription\-manager enables the
+  content on registration\; this is particular important on EL 10\+ and Fedora
+  41\+
+  \([https\://github\.com/ansible\-collections/community\.general/pull/9778](https\://github\.com/ansible\-collections/community\.general/pull/9778)\)\.
+* zfs \- fix handling of multi\-line values of user\-defined ZFS properties \([https\://github\.com/ansible\-collections/community\.general/pull/6264](https\://github\.com/ansible\-collections/community\.general/pull/6264)\)\.
+* zfs\_facts \- parameter <code>type</code> now accepts multple values as documented \([https\://github\.com/ansible\-collections/community\.general/issues/5909](https\://github\.com/ansible\-collections/community\.general/issues/5909)\, [https\://github\.com/ansible\-collections/community\.general/pull/9697](https\://github\.com/ansible\-collections/community\.general/pull/9697)\)\.
+
+<a id="new-modules-2"></a>
+### New Modules
+
+* community\.general\.systemd\_info \- Gather C\(systemd\) unit info\.
+
+<a id="v10-3-1"></a>
+## v10\.3\.1
+
+<a id="release-summary-6"></a>
+### Release Summary
+
+Bugfix release\.
+
+<a id="minor-changes-5"></a>
+### Minor Changes
+
 * onepassword\_ssh\_key \- refactor to move code to lookup class \([https\://github\.com/ansible\-collections/community\.general/pull/9633](https\://github\.com/ansible\-collections/community\.general/pull/9633)\)\.

-<a id="bugfixes"></a>
+<a id="bugfixes-6"></a>
 ### Bugfixes

 * cloudflare\_dns \- fix crash when deleting a DNS record or when updating a record with <code>solo\=true</code> \([https\://github\.com/ansible\-collections/community\.general/issues/9652](https\://github\.com/ansible\-collections/community\.general/issues/9652)\, [https\://github\.com/ansible\-collections/community\.general/pull/9649](https\://github\.com/ansible\-collections/community\.general/pull/9649)\)\.
@@ -78,12 +395,12 @@ Bugfix release\.
 <a id="v10-3-0"></a>
 ## v10\.3\.0

-<a id="release-summary-1"></a>
+<a id="release-summary-7"></a>
 ### Release Summary

 Regular bugfix and feature release\.

-<a id="minor-changes-1"></a>
+<a id="minor-changes-6"></a>
 ### Minor Changes

 * MH module utils \- delegate <code>debug</code> to the underlying <code>AnsibleModule</code> instance or issues a warning if an attribute already exists with that name \([https\://github\.com/ansible\-collections/community\.general/pull/9577](https\://github\.com/ansible\-collections/community\.general/pull/9577)\)\.
@@ -206,7 +523,7 @@ Regular bugfix and feature release\.
 * yaml callback plugin \- adjust standard preamble for Python 3 \([https\://github\.com/ansible\-collections/community\.general/pull/9583](https\://github\.com/ansible\-collections/community\.general/pull/9583)\)\.
 * zone connection plugin \- adjust standard preamble for Python 3 \([https\://github\.com/ansible\-collections/community\.general/pull/9584](https\://github\.com/ansible\-collections/community\.general/pull/9584)\)\.

-<a id="deprecated-features"></a>
+<a id="deprecated-features-4"></a>
 ### Deprecated Features

 * MH module utils \- attribute <code>debug</code> definition in subclasses of MH is now deprecated\, as that name will become a delegation to <code>AnsibleModule</code> in community\.general 12\.0\.0\, and any such attribute will be overridden by that delegation in that version \([https\://github\.com/ansible\-collections/community\.general/pull/9577](https\://github\.com/ansible\-collections/community\.general/pull/9577)\)\.
@@ -217,7 +534,7 @@ Regular bugfix and feature release\.

 * keycloak\_client \- Sanitize <code>saml\.encryption\.private\.key</code> so it does not show in the logs \([https\://github\.com/ansible\-collections/community\.general/pull/9621](https\://github\.com/ansible\-collections/community\.general/pull/9621)\)\.

-<a id="bugfixes-1"></a>
+<a id="bugfixes-7"></a>
 ### Bugfixes

 * homebrew \- fix incorrect handling of homebrew modules when a tap is requested \([https\://github\.com/ansible\-collections/community\.general/pull/9546](https\://github\.com/ansible\-collections/community\.general/pull/9546)\, [https\://github\.com/ansible\-collections/community\.general/issues/9533](https\://github\.com/ansible\-collections/community\.general/issues/9533)\)\.
@@ -233,15 +550,15 @@ Regular bugfix and feature release\.
  thus unsubscribing will fail
  \([https\://github\.com/ansible\-collections/community\.general/pull/9578](https\://github\.com/ansible\-collections/community\.general/pull/9578)\)\.

-<a id="new-plugins"></a>
+<a id="new-plugins-2"></a>
 ### New Plugins

-<a id="connection"></a>
+<a id="connection-1"></a>
 #### Connection

 * community\.general\.proxmox\_pct\_remote \- Run tasks in Proxmox LXC container instances using pct CLI via SSH\.

-<a id="filter"></a>
+<a id="filter-1"></a>
 #### Filter

 * community\.general\.json\_diff \- Create a JSON patch by comparing two JSON files\.
@@ -253,7 +570,7 @@ Regular bugfix and feature release\.

 * community\.general\.onepassword\_ssh\_key \- Fetch SSH keys stored in 1Password\.

-<a id="new-modules"></a>
+<a id="new-modules-3"></a>
 ### New Modules

 * community\.general\.proxmox\_backup\_info \- Retrieve information on Proxmox scheduled backups\.
@@ -261,12 +578,12 @@ Regular bugfix and feature release\.
 <a id="v10-2-0"></a>
 ## v10\.2\.0

-<a id="release-summary-2"></a>
+<a id="release-summary-8"></a>
 ### Release Summary

 Regular bugfix and feature release\.

-<a id="minor-changes-2"></a>
+<a id="minor-changes-7"></a>
 ### Minor Changes

 * bitwarden lookup plugin \- use f\-strings instead of interpolations or <code>format</code> \([https\://github\.com/ansible\-collections/community\.general/pull/9324](https\://github\.com/ansible\-collections/community\.general/pull/9324)\)\.
@@ -397,7 +714,7 @@ Regular bugfix and feature release\.
 * zypper \- add <code>quiet</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/9270](https\://github\.com/ansible\-collections/community\.general/pull/9270)\)\.
 * zypper \- add <code>simple\_errors</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/9270](https\://github\.com/ansible\-collections/community\.general/pull/9270)\)\.

-<a id="deprecated-features-1"></a>
+<a id="deprecated-features-5"></a>
 ### Deprecated Features

 * atomic\_container \- module is deprecated and will be removed in community\.general 13\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/9487](https\://github\.com/ansible\-collections/community\.general/pull/9487)\)\.
@@ -420,7 +737,7 @@ Regular bugfix and feature release\.

 * keycloak\_authentication \- API calls did not properly set the <code>priority</code> during update resulting in incorrectly sorted authentication flows\. This apparently only affects Keycloak 25 or newer \([https\://github\.com/ansible\-collections/community\.general/pull/9263](https\://github\.com/ansible\-collections/community\.general/pull/9263)\)\.

-<a id="bugfixes-2"></a>
+<a id="bugfixes-8"></a>
 ### Bugfixes

 * dig lookup plugin \- correctly handle <code>NoNameserver</code> exception \([https\://github\.com/ansible\-collections/community\.general/pull/9363](https\://github\.com/ansible\-collections/community\.general/pull/9363)\, [https\://github\.com/ansible\-collections/community\.general/issues/9362](https\://github\.com/ansible\-collections/community\.general/issues/9362)\)\.
@@ -432,7 +749,7 @@ Regular bugfix and feature release\.
 * qubes connection plugin \- fix the printing of debug information \([https\://github\.com/ansible\-collections/community\.general/pull/9334](https\://github\.com/ansible\-collections/community\.general/pull/9334)\)\.
 * redfish\_utils module utils \- Fix <code>VerifyBiosAttributes</code> command on multi system resource nodes \([https\://github\.com/ansible\-collections/community\.general/pull/9234](https\://github\.com/ansible\-collections/community\.general/pull/9234)\)\.

-<a id="new-plugins-1"></a>
+<a id="new-plugins-3"></a>
 ### New Plugins

 <a id="inventory"></a>
@@ -440,7 +757,7 @@ Regular bugfix and feature release\.

 * community\.general\.iocage \- iocage inventory source\.

-<a id="new-modules-1"></a>
+<a id="new-modules-4"></a>
 ### New Modules

 * community\.general\.android\_sdk \- Manages Android SDK packages\.
@@ -451,12 +768,12 @@ Regular bugfix and feature release\.
 <a id="v10-1-0"></a>
 ## v10\.1\.0

-<a id="release-summary-3"></a>
+<a id="release-summary-9"></a>
 ### Release Summary

 Regular bugfix and feature release\.

-<a id="minor-changes-3"></a>
+<a id="minor-changes-8"></a>
 ### Minor Changes

 * alternatives \- add <code>family</code> parameter that allows to utilize the <code>\-\-family</code> option available in RedHat version of update\-alternatives \([https\://github\.com/ansible\-collections/community\.general/issues/5060](https\://github\.com/ansible\-collections/community\.general/issues/5060)\, [https\://github\.com/ansible\-collections/community\.general/pull/9096](https\://github\.com/ansible\-collections/community\.general/pull/9096)\)\.
@@ -477,13 +794,13 @@ Regular bugfix and feature release\.
 * scaleway\_lb \- minor simplification in the code \([https\://github\.com/ansible\-collections/community\.general/pull/9189](https\://github\.com/ansible\-collections/community\.general/pull/9189)\)\.
 * ssh\_config \- add <code>dynamicforward</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/9192](https\://github\.com/ansible\-collections/community\.general/pull/9192)\)\.

-<a id="deprecated-features-2"></a>
+<a id="deprecated-features-6"></a>
 ### Deprecated Features

 * opkg \- deprecate value <code>\"\"</code> for parameter <code>force</code> \([https\://github\.com/ansible\-collections/community\.general/pull/9172](https\://github\.com/ansible\-collections/community\.general/pull/9172)\)\.
 * redfish\_utils module utils \- deprecate method <code>RedfishUtils\.\_init\_session\(\)</code> \([https\://github\.com/ansible\-collections/community\.general/pull/9190](https\://github\.com/ansible\-collections/community\.general/pull/9190)\)\.

-<a id="bugfixes-3"></a>
+<a id="bugfixes-9"></a>
 ### Bugfixes

 * dnf\_config\_manager \- fix hanging when prompting to import GPG keys \([https\://github\.com/ansible\-collections/community\.general/pull/9124](https\://github\.com/ansible\-collections/community\.general/pull/9124)\, [https\://github\.com/ansible\-collections/community\.general/issues/8830](https\://github\.com/ansible\-collections/community\.general/issues/8830)\)\.
@@ -495,15 +812,15 @@ Regular bugfix and feature release\.
 * keycloak\_clientscope\_type \- sort the default and optional clientscope lists to improve the diff \([https\://github\.com/ansible\-collections/community\.general/pull/9202](https\://github\.com/ansible\-collections/community\.general/pull/9202)\)\.
 * slack \- fail if Slack API response is not OK with error message \([https\://github\.com/ansible\-collections/community\.general/pull/9198](https\://github\.com/ansible\-collections/community\.general/pull/9198)\)\.

-<a id="new-plugins-2"></a>
+<a id="new-plugins-4"></a>
 ### New Plugins

-<a id="filter-1"></a>
+<a id="filter-2"></a>
 #### Filter

 * community\.general\.accumulate \- Produce a list of accumulated sums of the input list contents\.

-<a id="new-modules-2"></a>
+<a id="new-modules-5"></a>
 ### New Modules

 * community\.general\.decompress \- Decompresses compressed files\.
@@ -512,12 +829,12 @@ Regular bugfix and feature release\.
 <a id="v10-0-1"></a>
 ## v10\.0\.1

-<a id="release-summary-4"></a>
+<a id="release-summary-10"></a>
 ### Release Summary

 Bugfix release for inclusion in Ansible 11\.0\.0rc1\.

-<a id="bugfixes-4"></a>
+<a id="bugfixes-10"></a>
 ### Bugfixes

 * keycloak\_client \- fix diff by removing code that turns the attributes dict which contains additional settings into a list \([https\://github\.com/ansible\-collections/community\.general/pull/9077](https\://github\.com/ansible\-collections/community\.general/pull/9077)\)\.
@@ -527,12 +844,12 @@ Bugfix release for inclusion in Ansible 11\.0\.0rc1\.
 <a id="v10-0-0"></a>
 ## v10\.0\.0

-<a id="release-summary-5"></a>
+<a id="release-summary-11"></a>
 ### Release Summary

 This is release 10\.0\.0 of <code>community\.general</code>\, released on 2024\-11\-04\.

-<a id="minor-changes-4"></a>
+<a id="minor-changes-9"></a>
 ### Minor Changes

 * CmdRunner module util \- argument formats can be specified as plain functions without calling <code>cmd\_runner\_fmt\.as\_func\(\)</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8479](https\://github\.com/ansible\-collections/community\.general/pull/8479)\)\.
@@ -737,7 +1054,7 @@ This is release 10\.0\.0 of <code>community\.general</code>\, released on 2024\-
 * irc \- the defaults of <code>use\_tls</code> and <code>validate\_certs</code> changed from <code>false</code> to <code>true</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8918](https\://github\.com/ansible\-collections/community\.general/pull/8918)\)\.
 * rhsm\_repository \- the states <code>present</code> and <code>absent</code> have been removed\. Use <code>enabled</code> and <code>disabled</code> instead \([https\://github\.com/ansible\-collections/community\.general/pull/8918](https\://github\.com/ansible\-collections/community\.general/pull/8918)\)\.

-<a id="deprecated-features-3"></a>
+<a id="deprecated-features-7"></a>
 ### Deprecated Features

 * CmdRunner module util \- setting the value of the <code>ignore\_none</code> parameter within a <code>CmdRunner</code> context is deprecated and that feature should be removed in community\.general 12\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/8479](https\://github\.com/ansible\-collections/community\.general/pull/8479)\)\.
@@ -762,7 +1079,7 @@ This is release 10\.0\.0 of <code>community\.general</code>\, released on 2024\-
 * proxmox\_kvm \- removed the <code>proxmox\_default\_behavior</code> option\. Explicitly specify the old default values if you were using <code>proxmox\_default\_behavior\=compatibility</code>\, otherwise simply remove it \([https\://github\.com/ansible\-collections/community\.general/pull/8918](https\://github\.com/ansible\-collections/community\.general/pull/8918)\)\.
 * redhat\_subscriptions \- removed the <code>pool</code> option\. Use <code>pool\_ids</code> instead \([https\://github\.com/ansible\-collections/community\.general/pull/8918](https\://github\.com/ansible\-collections/community\.general/pull/8918)\)\.

-<a id="bugfixes-5"></a>
+<a id="bugfixes-11"></a>
 ### Bugfixes

 * bitwarden lookup plugin \- fix <code>KeyError</code> in <code>search\_field</code> \([https\://github\.com/ansible\-collections/community\.general/issues/8549](https\://github\.com/ansible\-collections/community\.general/issues/8549)\, [https\://github\.com/ansible\-collections/community\.general/pull/8557](https\://github\.com/ansible\-collections/community\.general/pull/8557)\)\.
@@ -842,15 +1159,15 @@ This is release 10\.0\.0 of <code>community\.general</code>\, released on 2024\-
 * snap\_alias \- use new <code>VarDict</code> to prevent deprecation warning \([https\://github\.com/ansible\-collections/community\.general/issues/8410](https\://github\.com/ansible\-collections/community\.general/issues/8410)\, [https\://github\.com/ansible\-collections/community\.general/pull/8411](https\://github\.com/ansible\-collections/community\.general/pull/8411)\)\.
 * udm\_user \- the module now tries to use <code>legacycrypt</code> on Python 3\.13\+ \([https\://github\.com/ansible\-collections/community\.general/issues/4690](https\://github\.com/ansible\-collections/community\.general/issues/4690)\, [https\://github\.com/ansible\-collections/community\.general/pull/8987](https\://github\.com/ansible\-collections/community\.general/pull/8987)\)\.

-<a id="known-issues"></a>
+<a id="known-issues-1"></a>
 ### Known Issues

 * jenkins\_node \- the module is not able to update offline message when node is already offline due to internally using toggleOffline API \([https\://github\.com/ansible\-collections/community\.general/pull/9084](https\://github\.com/ansible\-collections/community\.general/pull/9084)\)\.

-<a id="new-plugins-3"></a>
+<a id="new-plugins-5"></a>
 ### New Plugins

-<a id="filter-2"></a>
+<a id="filter-3"></a>
 #### Filter

 * community\.general\.keep\_keys \- Keep specific keys from dictionaries in a list\.
@@ -863,7 +1180,7 @@ This is release 10\.0\.0 of <code>community\.general</code>\, released on 2024\-

 * community\.general\.ansible\_type \- Validate input type\.

-<a id="new-modules-3"></a>
+<a id="new-modules-6"></a>
 ### New Modules

 * community\.general\.bootc\_manage \- Bootc Switch and Upgrade\.
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -6,6 +6,287 @@ Community General Release Notes

 This changelog describes changes after version 9.0.0.

+v10.7.2
+=======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Bugfixes
+--------
+
+- dependent lookup plugin - avoid deprecated ansible-core 2.19 functionality (https://github.com/ansible-collections/community.general/pull/10359).
+- github_release - support multiple types of GitHub tokens; no longer failing when ``ghs_`` token type is provided (https://github.com/ansible-collections/community.general/issues/10338, https://github.com/ansible-collections/community.general/pull/10339).
+- icinga2 inventory plugin - avoid using deprecated option when templating options (https://github.com/ansible-collections/community.general/pull/10271).
+- incus connection plugin - fix error handling to return more useful Ansible errors to the user (https://github.com/ansible-collections/community.general/issues/10344, https://github.com/ansible-collections/community.general/pull/10349).
+- linode inventory plugin - avoid using deprecated option when templating options (https://github.com/ansible-collections/community.general/pull/10271).
+- logstash callback plugin - remove reference to Python 2 library (https://github.com/ansible-collections/community.general/pull/10345).
+
+v10.7.1
+=======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Minor Changes
+-------------
+
+- git_config - remove redundant ``required=False`` from ``argument_spec`` (https://github.com/ansible-collections/community.general/pull/10177).
+- proxmox_snap - correctly handle proxmox_snap timeout parameter (https://github.com/ansible-collections/community.proxmox/issues/73, https://github.com/ansible-collections/community.proxmox/issues/95, https://github.com/ansible-collections/community.general/pull/10176).
+
+Deprecated Features
+-------------------
+
+- yaml callback plugin - the YAML callback plugin was deprecated for removal in community.general 13.0.0. Since it needs to use ansible-core internals since ansible-core 2.19 that are changing a lot, we will remove this plugin already from community.general 12.0.0 to ease the maintenance burden (https://github.com/ansible-collections/community.general/pull/10213).
+
+Bugfixes
+--------
+
+- cobbler_system - update minimum version number to avoid wrong comparisons that happen in some cases using LooseVersion class which results in TypeError (https://github.com/ansible-collections/community.general/issues/8506, https://github.com/ansible-collections/community.general/pull/10145, https://github.com/ansible-collections/community.general/pull/10178).
+- gitlab_group_access_token, gitlab_project_access_token - fix handling of group and project access tokens for changes in GitLab 17.10 (https://github.com/ansible-collections/community.general/pull/10196).
+- keycloak - update more than 10 sub-groups (https://github.com/ansible-collections/community.general/issues/9690, https://github.com/ansible-collections/community.general/pull/9692).
+- yaml callback plugin - adjust to latest changes in ansible-core devel (https://github.com/ansible-collections/community.general/pull/10212).
+- yaml callback plugin - when using ansible-core 2.19.0b2 or newer, uses a new utility provided by ansible-core. This allows us to remove all hacks and vendored code that was part of the plugin for ansible-core versions with Data Tagging so far (https://github.com/ansible-collections/community.general/pull/10242).
+- zypper_repository - make compatible with Python 3.12+ (https://github.com/ansible-collections/community.general/issues/10222, https://github.com/ansible-collections/community.general/pull/10223).
+- zypper_repository - use ``metalink`` attribute to identify repositories without ``<url/>`` element (https://github.com/ansible-collections/community.general/issues/10224, https://github.com/ansible-collections/community.general/pull/10225).
+
+v10.7.0
+=======
+
+Release Summary
+---------------
+
+Bugfix and feature release.
+Note that this is the final minor 10.x.0 release.
+The next release with new features will be 11.0.0.
+From now on, there will only be bugfix 10.7.x releases for the community.general 10 release train.
+
+Minor Changes
+-------------
+
+- cobbler inventory plugin - add ``connection_timeout`` option to specify the connection timeout to the cobbler server (https://github.com/ansible-collections/community.general/pull/11063).
+- cobbler inventory plugin - add ``facts_level`` option to allow requesting fully rendered variables for Cobbler systems (https://github.com/ansible-collections/community.general/issues/9419, https://github.com/ansible-collections/community.general/pull/9975).
+- ini_file - modify an inactive option also when there are spaces in front of the comment symbol (https://github.com/ansible-collections/community.general/pull/10102, https://github.com/ansible-collections/community.general/issues/8539).
+- pipx - parameter ``name`` now accepts Python package specifiers (https://github.com/ansible-collections/community.general/issues/7815, https://github.com/ansible-collections/community.general/pull/10031).
+- pipx module_utils - filtering application list by name now happens in the modules (https://github.com/ansible-collections/community.general/pull/10031).
+- pipx_info - filtering application list by name now happens in the module  (https://github.com/ansible-collections/community.general/pull/10031).
+
+Deprecated Features
+-------------------
+
+- The proxmox content (modules and plugins) is being moved to the `new collection community.proxmox <https://github.com/ansible-collections/community.proxmox>`__. In community.general 11.0.0, these modules and plugins will be replaced by deprecated redirections to community.proxmox. You need to explicitly install community.proxmox, for example with ``ansible-galaxy collection install community.proxmox``. We suggest to update your roles and playbooks to use the new FQCNs as soon as possible to avoid getting deprecation messages (https://github.com/ansible-collections/community.general/pull/10109).
+- pipx module_utils - function ``make_process_list()`` is deprecated and will be removed in community.general 13.0.0 (https://github.com/ansible-collections/community.general/pull/10031).
+
+Bugfixes
+--------
+
+- cobbler_system - fix bug with Cobbler >= 3.4.0 caused by giving more than 2 positional arguments to ``CobblerXMLRPCInterface.get_system_handle()`` (https://github.com/ansible-collections/community.general/issues/8506, https://github.com/ansible-collections/community.general/pull/10145).
+- kdeconfig - allow option values beginning with a dash (https://github.com/ansible-collections/community.general/issues/10127, https://github.com/ansible-collections/community.general/pull/10128).
+- keycloak_user_rolemapping - fix ``--diff`` mode (https://github.com/ansible-collections/community.general/issues/10067, https://github.com/ansible-collections/community.general/pull/10075).
+- pickle cache plugin - avoid extra JSON serialization with ansible-core >= 2.19 (https://github.com/ansible-collections/community.general/pull/10136).
+- proxmox - fix crash in module when the used on an existing LXC container with ``state=present`` and ``force=true`` (https://github.com/ansible-collections/community.proxmox/pull/91, https://github.com/ansible-collections/community.general/pull/10155).
+- rundeck_acl_policy - ensure that project ACLs are sent to the correct endpoint (https://github.com/ansible-collections/community.general/pull/10097).
+- sysrc - split the output of ``sysrc -e -a`` on the first ``=`` only (https://github.com/ansible-collections/community.general/issues/10120, https://github.com/ansible-collections/community.general/pull/10121).
+
+New Plugins
+-----------
+
+Callback
+~~~~~~~~
+
+- community.general.print_task - Prints playbook task snippet to job output.
+
+Filter
+~~~~~~
+
+- community.general.to_prettytable - Format a list of dictionaries as an ASCII table.
+
+New Modules
+-----------
+
+- community.general.xdg_mime - Set default handler for MIME types, for applications using XDG tools.
+
+v10.6.0
+=======
+
+Release Summary
+---------------
+
+Regular bugfix and feature release.
+
+Minor Changes
+-------------
+
+- apache2_module - added workaround for new PHP module name, from ``php7_module`` to ``php_module`` (https://github.com/ansible-collections/community.general/pull/9951).
+- gitlab_project - add option ``build_timeout`` (https://github.com/ansible-collections/community.general/pull/9960).
+- gitlab_project_members - extend choices parameter ``access_level`` by missing upstream valid value ``owner`` (https://github.com/ansible-collections/community.general/pull/9953).
+- hpilo_boot - add option to get an idempotent behavior while powering on server, resulting in success instead of failure when using ``state: boot_once`` option (https://github.com/ansible-collections/community.general/pull/9646).
+- idrac_redfish_command, idrac_redfish_config, idrac_redfish_info - add ``validate_certs``, ``ca_path``, and ``ciphers`` options to configure TLS/SSL (https://github.com/ansible-collections/community.general/issues/3686, https://github.com/ansible-collections/community.general/pull/9964).
+- ilo_redfish_command, ilo_redfish_config, ilo_redfish_info - add ``validate_certs``, ``ca_path``, and ``ciphers`` options to configure TLS/SSL (https://github.com/ansible-collections/community.general/issues/3686, https://github.com/ansible-collections/community.general/pull/9964).
+- keycloak module_utils - user groups can now be referenced by their name, like ``staff``, or their path, like ``/staff/engineering``. The path syntax allows users to reference subgroups, which is not possible otherwise (https://github.com/ansible-collections/community.general/pull/9898).
+- keycloak_user module - user groups can now be referenced by their name, like ``staff``, or their path, like ``/staff/engineering``. The path syntax allows users to reference subgroups, which is not possible otherwise (https://github.com/ansible-collections/community.general/pull/9898).
+- nmcli - add support for Infiniband MAC setting when ``type`` is ``infiniband`` (https://github.com/ansible-collections/community.general/pull/9962).
+- one_vm - update allowed values for ``updateconf`` to include new parameters as per the latest OpenNebula API documentation.
+  Added parameters:
+
+  * ``OS``: ``FIRMWARE``;
+  * ``CPU_MODEL``: ``MODEL``, ``FEATURES``;
+  * ``FEATURES``: ``VIRTIO_BLK_QUEUES``, ``VIRTIO_SCSI_QUEUES``, ``IOTHREADS``;
+  * ``GRAPHICS``: ``PORT``, ``COMMAND``;
+  * ``VIDEO``: ``ATS``, ``IOMMU``, ``RESOLUTION``, ``TYPE``, ``VRAM``;
+  * ``RAW``: ``VALIDATE``;
+  * ``BACKUP_CONFIG``: ``FS_FREEZE``, ``KEEP_LAST``, ``BACKUP_VOLATILE``, ``MODE``, ``INCREMENT_MODE``.
+
+  (https://github.com/ansible-collections/community.general/pull/9959).
+- proxmox and proxmox_kvm modules - allow uppercase characters in VM/container tags (https://github.com/ansible-collections/community.general/issues/9895, https://github.com/ansible-collections/community.general/pull/10024).
+- puppet - improve parameter formatting, no impact to user (https://github.com/ansible-collections/community.general/pull/10014).
+- redfish module utils - add ``REDFISH_COMMON_ARGUMENT_SPEC``, a corresponding ``redfish`` docs fragment, and support for its ``validate_certs``, ``ca_path``, and ``ciphers`` options (https://github.com/ansible-collections/community.general/issues/3686, https://github.com/ansible-collections/community.general/pull/9964).
+- redfish_command, redfish_config, redfish_info - add ``validate_certs`` and ``ca_path`` options to configure TLS/SSL (https://github.com/ansible-collections/community.general/issues/3686, https://github.com/ansible-collections/community.general/pull/9964).
+- rocketchat - fix duplicate JSON conversion for Rocket.Chat < 7.4.0 (https://github.com/ansible-collections/community.general/pull/9965).
+- wdc_redfish_command, wdc_redfish_info - add ``validate_certs``, ``ca_path``, and ``ciphers`` options to configure TLS/SSL (https://github.com/ansible-collections/community.general/issues/3686, https://github.com/ansible-collections/community.general/pull/9964).
+- xcc_redfish_command - add ``validate_certs``, ``ca_path``, and ``ciphers`` options to configure TLS/SSL (https://github.com/ansible-collections/community.general/issues/3686, https://github.com/ansible-collections/community.general/pull/9964).
+- zypper - adds ``skip_post_errors`` that allows to skip RPM post-install errors (Zypper return code 107) (https://github.com/ansible-collections/community.general/issues/9972).
+
+Deprecated Features
+-------------------
+
+- manifold lookup plugin - plugin is deprecated and will be removed in community.general 11.0.0 (https://github.com/ansible-collections/community.general/pull/10028).
+- stackpath_compute inventory plugin - plugin is deprecated and will be removed in community.general 11.0.0 (https://github.com/ansible-collections/community.general/pull/10026).
+
+Bugfixes
+--------
+
+- dependent look plugin - make compatible with ansible-core's Data Tagging feature (https://github.com/ansible-collections/community.general/pull/9833).
+- diy callback plugin - make compatible with ansible-core's Data Tagging feature (https://github.com/ansible-collections/community.general/pull/9833).
+- github_deploy_key - check that key really exists on 422 to avoid masking other errors (https://github.com/ansible-collections/community.general/issues/6718, https://github.com/ansible-collections/community.general/pull/10011).
+- hashids and unicode_normalize filter plugins - avoid deprecated ``AnsibleFilterTypeError`` on ansible-core 2.19 (https://github.com/ansible-collections/community.general/pull/9992).
+- homebrew - emit a useful error message if ``brew info`` reports a package tap is ``null`` (https://github.com/ansible-collections/community.general/pull/10013, https://github.com/ansible-collections/community.general/issues/10012).
+- java_cert - the module no longer fails if the optional parameters ``pkcs12_alias`` and ``cert_alias`` are not provided (https://github.com/ansible-collections/community.general/pull/9970).
+- keycloak_authentication - fix authentification config duplication for Keycloak < 26.2.0 (https://github.com/ansible-collections/community.general/pull/9987).
+- keycloak_client - fix the idempotency regression by normalizing the Keycloak response for ``after_client`` (https://github.com/ansible-collections/community.general/issues/9905, https://github.com/ansible-collections/community.general/pull/9976).
+- proxmox inventory plugin - fix ``ansible_host`` staying empty for certain Proxmox nodes (https://github.com/ansible-collections/community.general/issues/5906, https://github.com/ansible-collections/community.general/pull/9952).
+- proxmox_disk - fail gracefully if ``storage`` is required but not provided by the user (https://github.com/ansible-collections/community.general/issues/9941, https://github.com/ansible-collections/community.general/pull/9963).
+- reveal_ansible_type filter plugin and ansible_type test plugin - make compatible with ansible-core's Data Tagging feature (https://github.com/ansible-collections/community.general/pull/9833).
+- sysrc - no longer always reporting ``changed=true`` when ``state=absent``. This fixes the method ``exists()`` (https://github.com/ansible-collections/community.general/issues/10004, https://github.com/ansible-collections/community.general/pull/10005).
+- yaml callback plugin - use ansible-core internals to avoid breakage with Data Tagging (https://github.com/ansible-collections/community.general/pull/9833).
+
+Known Issues
+------------
+
+- reveal_ansible_type filter plugin and ansible_type test plugin - note that ansible-core's Data Tagging feature implements new aliases, such as ``_AnsibleTaggedStr`` for ``str``, ``_AnsibleTaggedInt`` for ``int``, and ``_AnsibleTaggedFloat`` for ``float`` (https://github.com/ansible-collections/community.general/pull/9833).
+
+New Plugins
+-----------
+
+Connection
+~~~~~~~~~~
+
+- community.general.wsl - Run tasks in WSL distribution using wsl.exe CLI via SSH.
+
+v10.5.0
+=======
+
+Release Summary
+---------------
+
+Regular bugfix and feature release.
+
+Minor Changes
+-------------
+
+- CmdRunner module utils - the convenience method ``cmd_runner_fmt.as_fixed()`` now accepts multiple arguments as a list (https://github.com/ansible-collections/community.general/pull/9893).
+- apache2_mod_proxy - code simplification, no change in functionality (https://github.com/ansible-collections/community.general/pull/9457).
+- consul_token - fix idempotency when ``policies`` or ``roles`` are supplied by name (https://github.com/ansible-collections/community.general/issues/9841, https://github.com/ansible-collections/community.general/pull/9845).
+- keycloak_realm - remove ID requirement when creating a realm to allow Keycloak generating its own realm ID (https://github.com/ansible-collections/community.general/pull/9768).
+- nmap inventory plugin - adds ``dns_servers`` option for specifying DNS servers for name resolution. Accepts hostnames or IP addresses in the same format as the ``exclude`` option (https://github.com/ansible-collections/community.general/pull/9849).
+- proxmox_kvm - add missing audio hardware device handling (https://github.com/ansible-collections/community.general/issues/5192, https://github.com/ansible-collections/community.general/pull/9847).
+- redfish_config - add command ``SetPowerRestorePolicy`` to set the desired power state of the system when power is restored (https://github.com/ansible-collections/community.general/pull/9837).
+- redfish_info - add command ``GetPowerRestorePolicy`` to get the desired power state of the system when power is restored (https://github.com/ansible-collections/community.general/pull/9824).
+- rocketchat - option ``is_pre740`` has been added to control the format of the payload. For Rocket.Chat 7.4.0 or newer, it must be set to ``false`` (https://github.com/ansible-collections/community.general/pull/9882).
+- slack callback plugin - add ``http_agent`` option to enable the user to set a custom user agent for slack callback plugin (https://github.com/ansible-collections/community.general/issues/9813, https://github.com/ansible-collections/community.general/pull/9836).
+- systemd_info - add wildcard expression support in ``unitname`` option (https://github.com/ansible-collections/community.general/pull/9821).
+- systemd_info - extend support to timer units (https://github.com/ansible-collections/community.general/pull/9891).
+- vmadm - add new options ``flexible_disk_size`` and ``owner_uuid`` (https://github.com/ansible-collections/community.general/pull/9892).
+
+Bugfixes
+--------
+
+- cloudlare_dns - handle exhausted response stream in case of HTTP errors to show nice error message to the user (https://github.com/ansible-collections/community.general/issues/9782, https://github.com/ansible-collections/community.general/pull/9818).
+- dnf_versionlock - add support for dnf5 (https://github.com/ansible-collections/community.general/issues/9556).
+- homebrew - fix crash when package names include tap (https://github.com/ansible-collections/community.general/issues/9777, https://github.com/ansible-collections/community.general/pull/9803).
+- homebrew_cask - handle unusual brew version strings (https://github.com/ansible-collections/community.general/issues/8432, https://github.com/ansible-collections/community.general/pull/9881).
+- nmcli - enable changing only the order of DNS servers or search suffixes (https://github.com/ansible-collections/community.general/issues/8724, https://github.com/ansible-collections/community.general/pull/9880).
+- proxmox - add missing key selection of ``'status'`` key to ``get_lxc_status`` (https://github.com/ansible-collections/community.general/issues/9696, https://github.com/ansible-collections/community.general/pull/9809).
+- proxmox_vm_info - the module no longer expects that the key ``template`` exists in a dictionary returned by Proxmox (https://github.com/ansible-collections/community.general/issues/9875, https://github.com/ansible-collections/community.general/pull/9910).
+- sudoers - display stdout and stderr raised while failed validation (https://github.com/ansible-collections/community.general/issues/9674, https://github.com/ansible-collections/community.general/pull/9871).
+
+New Modules
+-----------
+
+- community.general.pacemaker_resource - Manage pacemaker resources.
+
+v10.4.0
+=======
+
+Release Summary
+---------------
+
+Regular bugfix and feature release.
+
+Minor Changes
+-------------
+
+- bitwarden lookup plugin - add new option ``collection_name`` to filter results by collection name, and new option ``result_count`` to validate number of results (https://github.com/ansible-collections/community.general/pull/9728).
+- incus connection plugin - adds ``remote_user`` and ``incus_become_method`` parameters for allowing a non-root user to connect to an Incus instance (https://github.com/ansible-collections/community.general/pull/9743).
+- iocage inventory plugin - the new parameter ``hooks_results`` of the plugin is a list of files inside a jail that provide configuration parameters for the inventory. The inventory plugin reads the files from the jails and put the contents into the items of created variable ``iocage_hooks`` (https://github.com/ansible-collections/community.general/issues/9650, https://github.com/ansible-collections/community.general/pull/9651).
+- jira - adds ``client_cert`` and ``client_key`` parameters for supporting client certificate authentification when connecting to Jira (https://github.com/ansible-collections/community.general/pull/9753).
+- lldp - adds ``multivalues`` parameter to control behavior when lldpctl outputs an attribute multiple times (https://github.com/ansible-collections/community.general/pull/9657).
+- lvg - add ``remove_extra_pvs`` parameter to control if ansible should remove physical volumes which are not in the ``pvs`` parameter (https://github.com/ansible-collections/community.general/pull/9698).
+- lxd connection plugin - adds ``remote_user`` and ``lxd_become_method`` parameters for allowing a non-root user to connect to an LXD instance (https://github.com/ansible-collections/community.general/pull/9659).
+- nmcli - adds VRF support with new ``type`` value ``vrf`` and new ``slave_type`` value ``vrf`` as well as new ``table`` parameter (https://github.com/ansible-collections/community.general/pull/9658, https://github.com/ansible-collections/community.general/issues/8014).
+- proxmox_kvm - allow hibernation and suspending of VMs (https://github.com/ansible-collections/community.general/issues/9620, https://github.com/ansible-collections/community.general/pull/9653).
+- redfish_command - add ``PowerFullPowerCycle`` to power command options (https://github.com/ansible-collections/community.general/pull/9729).
+- ssh_config - add ``other_options`` option (https://github.com/ansible-collections/community.general/issues/8053, https://github.com/ansible-collections/community.general/pull/9684).
+- xen_orchestra inventory plugin - add ``use_vm_uuid`` and ``use_host_uuid`` boolean options to allow switching over to using VM/Xen name labels instead of UUIDs as item names (https://github.com/ansible-collections/community.general/pull/9787).
+
+Deprecated Features
+-------------------
+
+- profitbricks - module is deprecated and will be removed in community.general 11.0.0 (https://github.com/ansible-collections/community.general/pull/9733).
+- profitbricks_datacenter - module is deprecated and will be removed in community.general 11.0.0 (https://github.com/ansible-collections/community.general/pull/9733).
+- profitbricks_nic - module is deprecated and will be removed in community.general 11.0.0 (https://github.com/ansible-collections/community.general/pull/9733).
+- profitbricks_volume - module is deprecated and will be removed in community.general 11.0.0 (https://github.com/ansible-collections/community.general/pull/9733).
+- profitbricks_volume_attachments - module is deprecated and will be removed in community.general 11.0.0 (https://github.com/ansible-collections/community.general/pull/9733).
+
+Bugfixes
+--------
+
+- apache2_mod_proxy - make compatible with Python 3 (https://github.com/ansible-collections/community.general/pull/9762).
+- apache2_mod_proxy - passing the cluster's page as referer for the member's pages. This makes the module actually work again for halfway modern Apache versions. According to some comments founds on the net the referer was required since at least 2019 for some versions of Apache 2 (https://github.com/ansible-collections/community.general/pull/9762).
+- elasticsearch_plugin - fix ``ERROR: D is not a recognized option`` issue when configuring proxy settings (https://github.com/ansible-collections/community.general/pull/9774, https://github.com/ansible-collections/community.general/issues/9773).
+- ipa_host - module revoked existing host certificates even if ``user_certificate`` was not given (https://github.com/ansible-collections/community.general/pull/9694).
+- keycloak_client - in check mode, detect whether the lists in before client (for example redirect URI list) contain items that the lists in the desired client do not contain (https://github.com/ansible-collections/community.general/pull/9739).
+- lldp - fix crash caused by certain lldpctl output where an attribute is defined as branch and leaf (https://github.com/ansible-collections/community.general/pull/9657).
+- onepassword_doc lookup plugin - ensure that 1Password Connect support also works for this plugin (https://github.com/ansible-collections/community.general/pull/9625).
+- passwordstore lookup plugin - fix subkey creation even when ``create=false`` (https://github.com/ansible-collections/community.general/issues/9105, https://github.com/ansible-collections/community.general/pull/9106).
+- proxmox inventory plugin - plugin did not update cache correctly after ``meta: refresh_inventory`` (https://github.com/ansible-collections/community.general/issues/9710, https://github.com/ansible-collections/community.general/pull/9760).
+- redhat_subscription - use the "enable_content" option (when available) when
+  registering using D-Bus, to ensure that subscription-manager enables the
+  content on registration; this is particular important on EL 10+ and Fedora
+  41+
+  (https://github.com/ansible-collections/community.general/pull/9778).
+- zfs - fix handling of multi-line values of user-defined ZFS properties (https://github.com/ansible-collections/community.general/pull/6264).
+- zfs_facts - parameter ``type`` now accepts multple values as documented (https://github.com/ansible-collections/community.general/issues/5909, https://github.com/ansible-collections/community.general/pull/9697).
+
+New Modules
+-----------
+
+- community.general.systemd_info - Gather C(systemd) unit info.
+
 v10.3.1
 =======

--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -44,7 +44,49 @@ If you want to test a PR locally, refer to [our testing guide](https://github.co

 If you find any inconsistencies or places in this document which can be improved, feel free to raise an issue or pull request to fix it.

-## Run sanity, unit or integration tests locally
+## Run sanity or unit locally (with antsibull-nox)
+
+The easiest way to run sanity and unit tests locally is to use [antsibull-nox](https://ansible.readthedocs.io/projects/antsibull-nox/).
+(If you have [nox](https://nox.thea.codes/en/stable/) installed, it will automatically install antsibull-nox in a virtual environment for you.)
+
+### Sanity tests
+
+The following commands show how to run ansible-test sanity tests:
+
+```.bash
+# Run basic sanity tests for all files in the collection:
+nox -Re ansible-test-sanity-devel
+
+# Run basic sanity tests for the given files and directories:
+nox -Re ansible-test-sanity-devel -- plugins/modules/system/pids.py tests/integration/targets/pids/
+
+# Run all other sanity tests for all files in the collection:
+nox -R
+```
+
+If you replace `-Re` with `-e`, respectively. If you leave `-R` away, then the virtual environments will be re-created. The `-R` re-uses them (if they already exist).
+
+### Unit tests
+
+The following commands show how to run unit tests:
+
+```.bash
+# Run all unit tests:
+nox -Re ansible-test-units-devel
+
+# Run all unit tests for one Python version (a lot faster):
+nox -Re ansible-test-units-devel -- --python 3.13
+
+# Run a specific unit test (for the nmcli module) for one Python version:
+nox -Re ansible-test-units-devel -- --python 3.13 tests/unit/plugins/modules/net_tools/test_nmcli.py
+```
+
+If you replace `-Re` with `-e`, then the virtual environments will be re-created. The `-R` re-uses them (if they already exist).
+
+## Run basic sanity, unit or integration tests locally (with ansible-test)
+
+Instead of using antsibull-nox, you can also run sanity and unit tests with ansible-test directly.
+This also allows you to run integration tests.

 You have to check out the repository into a specific path structure to be able to run `ansible-test`. The path to the git checkout must end with `.../ansible_collections/community/general`. Please see [our testing guide](https://github.com/ansible/community-docs/blob/main/test_pr_locally_guide.rst) for instructions on how to check out the repository into a correct path structure. The short version of these instructions is:

@@ -56,20 +98,27 @@ cd ~/dev/ansible_collections/community/general

 Then you can run `ansible-test` (which is a part of [ansible-core](https://pypi.org/project/ansible-core/)) inside the checkout. The following example commands expect that you have installed Docker or Podman. Note that Podman has only been supported by more recent ansible-core releases. If you are using Docker, the following will work with Ansible 2.9+.

-### Sanity tests
+### Basic sanity tests

-The following commands show how to run sanity tests:
+The following commands show how to run basic sanity tests:

 ```.bash
-# Run sanity tests for all files in the collection:
+# Run basic sanity tests for all files in the collection:
 ansible-test sanity --docker -v

-# Run sanity tests for the given files and directories:
+# Run basic sanity tests for the given files and directories:
 ansible-test sanity --docker -v plugins/modules/system/pids.py tests/integration/targets/pids/
 ```

 ### Unit tests

+Note that for running unit tests, you need to install required collections in the same folder structure that `community.general` is checked out in.
+Right now, you need to install [`community.internal_test_tools`](https://github.com/ansible-collections/community.internal_test_tools).
+If you want to use the latest version from GitHub, you can run:
+```
+git clone https://github.com/ansible-collections/community.internal_test_tools.git ~/dev/ansible_collections/community/internal_test_tools
+```
+
 The following commands show how to run unit tests:

 ```.bash
@@ -85,6 +134,16 @@ ansible-test units --docker -v --python 3.8 tests/unit/plugins/modules/net_tools

 ### Integration tests

+Note that for running integration tests, you need to install required collections in the same folder structure that `community.general` is checked out in.
+Right now, depending on the test, you need to install [`ansible.posix`](https://github.com/ansible-collections/ansible.posix), [`community.crypto`](https://github.com/ansible-collections/community.crypto), and [`community.docker`](https://github.com/ansible-collections/community.docker):
+If you want to use the latest versions from GitHub, you can run:
+```
+mkdir -p ~/dev/ansible_collections/ansible
+git clone https://github.com/ansible-collections/ansible.posix.git ~/dev/ansible_collections/ansible/posix
+git clone https://github.com/ansible-collections/community.crypto.git ~/dev/ansible_collections/community/crypto
+git clone https://github.com/ansible-collections/community.docker.git ~/dev/ansible_collections/community/docker
+```
+
 The following commands show how to run integration tests:

 #### In Docker
@@ -92,8 +151,8 @@ The following commands show how to run integration tests:
 Integration tests on Docker have the following parameters:
 - `image_name` (required): The name of the Docker image. To get the list of supported Docker images, run
  `ansible-test integration --help` and look for _target docker images_.
- `test_name` (optional): The name of the integration test.  
-  For modules, this equals the short name of the module; for example, `pacman` in case of `community.general.pacman`.  
+- `test_name` (optional): The name of the integration test.
+  For modules, this equals the short name of the module; for example, `pacman` in case of `community.general.pacman`.
  For plugins, the plugin type is added before the plugin's short name, for example `callback_yaml` for the `community.general.yaml` callback.
 ```.bash
 # Test all plugins/modules on fedora40
--- a/README.md
+++ b/README.md
@@ -9,6 +9,7 @@ SPDX-License-Identifier: GPL-3.0-or-later
 [![Documentation](https://img.shields.io/badge/docs-brightgreen.svg)](https://docs.ansible.com/ansible/latest/collections/community/general/)
 [![Build Status](https://dev.azure.com/ansible/community.general/_apis/build/status/CI?branchName=stable-10)](https://dev.azure.com/ansible/community.general/_build?definitionId=31)
 [![EOL CI](https://github.com/ansible-collections/community.general/actions/workflows/ansible-test.yml/badge.svg?branch=stable-10)](https://github.com/ansible-collections/community.general/actions)
+[![Nox CI](https://github.com/ansible-collections/community.general/actions/workflows/nox.yml/badge.svg?branch=stable-10)](https://github.com/ansible-collections/community.general/actions)
 [![Codecov](https://img.shields.io/codecov/c/github/ansible-collections/community.general)](https://codecov.io/gh/ansible-collections/community.general)
 [![REUSE status](https://api.reuse.software/badge/github.com/ansible-collections/community.general)](https://api.reuse.software/info/github.com/ansible-collections/community.general)

@@ -38,7 +39,7 @@ For more information about communication, see the [Ansible communication guide](

 ## Tested with Ansible

-Tested with the current ansible-core 2.15, ansible-core 2.16, ansible-core 2.17, ansible-core 2.18 releases and the current development version of ansible-core. Ansible-core versions before 2.15.0 are not supported. This includes all ansible-base 2.10 and Ansible 2.9 releases.
+Tested with the current ansible-core 2.15, ansible-core 2.16, ansible-core 2.17, ansible-core 2.18, ansible-core 2.19 releases and the current development version of ansible-core. Ansible-core versions before 2.15.0 are not supported. This includes all ansible-base 2.10 and Ansible 2.9 releases.

 ## External requirements

@@ -140,4 +141,4 @@ See [LICENSES/GPL-3.0-or-later.txt](https://github.com/ansible-collections/commu

 Parts of the collection are licensed under the [BSD 2-Clause license](https://github.com/ansible-collections/community.general/blob/stable-10/LICENSES/BSD-2-Clause.txt), the [MIT license](https://github.com/ansible-collections/community.general/blob/stable-10/LICENSES/MIT.txt), and the [PSF 2.0 license](https://github.com/ansible-collections/community.general/blob/stable-10/LICENSES/PSF-2.0.txt).

-All files have a machine readable `SDPX-License-Identifier:` comment denoting its respective license(s) or an equivalent entry in an accompanying `.license` file. Only changelog fragments (which will not be part of a release) are covered by a blanket statement in `.reuse/dep5`. This conforms to the [REUSE specification](https://reuse.software/spec/).
+All files have a machine readable `SDPX-License-Identifier:` comment denoting its respective license(s) or an equivalent entry in an accompanying `.license` file. Only changelog fragments (which will not be part of a release) are covered by a blanket statement in `REUSE.toml`. This conforms to the [REUSE specification](https://reuse.software/spec/).
--- a/REUSE.toml
+++ b/REUSE.toml
@@ -0,0 +1,11 @@
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+version = 1
+
+[[annotations]]
+path = "changelogs/fragments/**"
+precedence = "aggregate"
+SPDX-FileCopyrightText = "Ansible Project"
+SPDX-License-Identifier = "GPL-3.0-or-later"
--- a/antsibull-nox.toml
+++ b/antsibull-nox.toml
@@ -0,0 +1,62 @@
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+# SPDX-FileCopyrightText: 2025 Felix Fontein <felix@fontein.de>
+
+[collection_sources]
+"ansible.posix" = "git+https://github.com/ansible-collections/ansible.posix.git,main"
+"community.crypto" = "git+https://github.com/ansible-collections/community.crypto.git,main"
+"community.docker" = "git+https://github.com/ansible-collections/community.docker.git,main"
+"community.internal_test_tools" = "git+https://github.com/ansible-collections/community.internal_test_tools.git,main"
+
+[collection_sources_per_ansible.'2.15']
+# community.crypto's main branch needs ansible-core >= 2.17
+"community.crypto" = "git+https://github.com/ansible-collections/community.crypto.git,stable-2"
+
+[collection_sources_per_ansible.'2.16']
+# community.crypto's main branch needs ansible-core >= 2.17
+"community.crypto" = "git+https://github.com/ansible-collections/community.crypto.git,stable-2"
+
+[sessions]
+
+[sessions.docs_check]
+validate_collection_refs="all"
+
+[sessions.license_check]
+
+[sessions.extra_checks]
+run_no_unwanted_files = true
+no_unwanted_files_module_extensions = [".py"]
+no_unwanted_files_yaml_extensions = [".yml"]
+run_action_groups = true
+
+[[sessions.extra_checks.action_groups_config]]
+name = "consul"
+pattern = "^consul_.*$"
+exclusions = [
+    "consul_acl_bootstrap",
+    "consul_kv",
+]
+doc_fragment = "community.general.consul.actiongroup_consul"
+
+[[sessions.extra_checks.action_groups_config]]
+name = "keycloak"
+pattern = "^keycloak_.*$"
+exclusions = [
+    "keycloak_realm_info",
+]
+doc_fragment = "community.general.keycloak.actiongroup_keycloak"
+
+[[sessions.extra_checks.action_groups_config]]
+name = "proxmox"
+pattern = "^proxmox(_.*)?$"
+exclusions = []
+doc_fragment = "community.general.proxmox.actiongroup_proxmox"
+
+[sessions.build_import_check]
+run_galaxy_importer = true
+
+[sessions.ansible_test_sanity]
+include_devel = true
+
+[sessions.ansible_test_units]
+include_devel = true
--- a/changelogs/changelog.yaml
+++ b/changelogs/changelog.yaml
@@ -1468,3 +1468,491 @@ releases:
      - 9691-keycloak-module-utils-replace-missing-return-in-get_role_composites.yml
      - 9695-xml-close-file.yml
    release_date: '2025-02-10'
+  10.4.0:
+    changes:
+      bugfixes:
+        - apache2_mod_proxy - make compatible with Python 3 (https://github.com/ansible-collections/community.general/pull/9762).
+        - apache2_mod_proxy - passing the cluster's page as referer for the member's
+          pages. This makes the module actually work again for halfway modern Apache
+          versions. According to some comments founds on the net the referer was required
+          since at least 2019 for some versions of Apache 2 (https://github.com/ansible-collections/community.general/pull/9762).
+        - 'elasticsearch_plugin - fix ``ERROR: D is not a recognized option`` issue
+          when configuring proxy settings (https://github.com/ansible-collections/community.general/pull/9774,
+          https://github.com/ansible-collections/community.general/issues/9773).'
+        - ipa_host - module revoked existing host certificates even if ``user_certificate``
+          was not given (https://github.com/ansible-collections/community.general/pull/9694).
+        - keycloak_client - in check mode, detect whether the lists in before client
+          (for example redirect URI list) contain items that the lists in the desired
+          client do not contain (https://github.com/ansible-collections/community.general/pull/9739).
+        - lldp - fix crash caused by certain lldpctl output where an attribute is
+          defined as branch and leaf (https://github.com/ansible-collections/community.general/pull/9657).
+        - onepassword_doc lookup plugin - ensure that 1Password Connect support also
+          works for this plugin (https://github.com/ansible-collections/community.general/pull/9625).
+        - passwordstore lookup plugin - fix subkey creation even when ``create=false``
+          (https://github.com/ansible-collections/community.general/issues/9105, https://github.com/ansible-collections/community.general/pull/9106).
+        - 'proxmox inventory plugin - plugin did not update cache correctly after
+          ``meta: refresh_inventory`` (https://github.com/ansible-collections/community.general/issues/9710,
+          https://github.com/ansible-collections/community.general/pull/9760).'
+        - 'redhat_subscription - use the "enable_content" option (when available)
+          when
+
+          registering using D-Bus, to ensure that subscription-manager enables the
+
+          content on registration; this is particular important on EL 10+ and Fedora
+
+          41+
+
+          (https://github.com/ansible-collections/community.general/pull/9778).
+
+          '
+        - zfs - fix handling of multi-line values of user-defined ZFS properties (https://github.com/ansible-collections/community.general/pull/6264).
+        - zfs_facts - parameter ``type`` now accepts multple values as documented
+          (https://github.com/ansible-collections/community.general/issues/5909, https://github.com/ansible-collections/community.general/pull/9697).
+      deprecated_features:
+        - profitbricks - module is deprecated and will be removed in community.general
+          11.0.0 (https://github.com/ansible-collections/community.general/pull/9733).
+        - profitbricks_datacenter - module is deprecated and will be removed in community.general
+          11.0.0 (https://github.com/ansible-collections/community.general/pull/9733).
+        - profitbricks_nic - module is deprecated and will be removed in community.general
+          11.0.0 (https://github.com/ansible-collections/community.general/pull/9733).
+        - profitbricks_volume - module is deprecated and will be removed in community.general
+          11.0.0 (https://github.com/ansible-collections/community.general/pull/9733).
+        - profitbricks_volume_attachments - module is deprecated and will be removed
+          in community.general 11.0.0 (https://github.com/ansible-collections/community.general/pull/9733).
+      minor_changes:
+        - bitwarden lookup plugin - add new option ``collection_name`` to filter results
+          by collection name, and new option ``result_count`` to validate number of
+          results (https://github.com/ansible-collections/community.general/pull/9728).
+        - incus connection plugin - adds ``remote_user`` and ``incus_become_method``
+          parameters for allowing a non-root user to connect to an Incus instance
+          (https://github.com/ansible-collections/community.general/pull/9743).
+        - iocage inventory plugin - the new parameter ``hooks_results`` of the plugin
+          is a list of files inside a jail that provide configuration parameters for
+          the inventory. The inventory plugin reads the files from the jails and put
+          the contents into the items of created variable ``iocage_hooks`` (https://github.com/ansible-collections/community.general/issues/9650,
+          https://github.com/ansible-collections/community.general/pull/9651).
+        - jira - adds ``client_cert`` and ``client_key`` parameters for supporting
+          client certificate authentification when connecting to Jira (https://github.com/ansible-collections/community.general/pull/9753).
+        - lldp - adds ``multivalues`` parameter to control behavior when lldpctl outputs
+          an attribute multiple times (https://github.com/ansible-collections/community.general/pull/9657).
+        - lvg - add ``remove_extra_pvs`` parameter to control if ansible should remove
+          physical volumes which are not in the ``pvs`` parameter (https://github.com/ansible-collections/community.general/pull/9698).
+        - lxd connection plugin - adds ``remote_user`` and ``lxd_become_method`` parameters
+          for allowing a non-root user to connect to an LXD instance (https://github.com/ansible-collections/community.general/pull/9659).
+        - nmcli - adds VRF support with new ``type`` value ``vrf`` and new ``slave_type``
+          value ``vrf`` as well as new ``table`` parameter (https://github.com/ansible-collections/community.general/pull/9658,
+          https://github.com/ansible-collections/community.general/issues/8014).
+        - proxmox_kvm - allow hibernation and suspending of VMs (https://github.com/ansible-collections/community.general/issues/9620,
+          https://github.com/ansible-collections/community.general/pull/9653).
+        - redfish_command - add ``PowerFullPowerCycle`` to power command options (https://github.com/ansible-collections/community.general/pull/9729).
+        - ssh_config - add ``other_options`` option (https://github.com/ansible-collections/community.general/issues/8053,
+          https://github.com/ansible-collections/community.general/pull/9684).
+        - xen_orchestra inventory plugin - add ``use_vm_uuid`` and ``use_host_uuid``
+          boolean options to allow switching over to using VM/Xen name labels instead
+          of UUIDs as item names (https://github.com/ansible-collections/community.general/pull/9787).
+      release_summary: Regular bugfix and feature release.
+    fragments:
+      - 10.4.0.yaml
+      - 6264-zfs-multiline-property-value.yml
+      - 9106-passwordstore-fix-subkey-creation-even-when-create-==-false.yml
+      - 9625-onepassword_doc.yml
+      - 9651-iocage-inventory-hooks.yml
+      - 9653-proxmox-kvm-allow-vm-hibernation.yml
+      - 9657-lldp-handling-attributes-defined-multiple-times.yml
+      - 9658-add-vrf-commands-to-nmcli-module.yml
+      - 9659-lxd_connection-nonroot-user.yml
+      - 9694-ipa-host-certificate-revoked.yml
+      - 9697-zfs-facts-type.yml
+      - 9698-lvg-remove-extra-pvs-parameter.yml
+      - 9728-bitwarden-collection-name-filter.yml
+      - 9729-redfish-fullpowercycle-command.yml
+      - 9733-profitbrick-deprecation.yml
+      - 9739-keycloak_client-compare-before-desired-directly.yml
+      - 9743-incus_connection-nonroot-user.yml
+      - 9753-jira-add-client-certificate-auth.yml
+      - 9760-proxmox-inventory.yml
+      - 9762-apache2_mod_proxy.yml
+      - 9774-fix-elasticsearch_plugin-proxy-settings.yml
+      - 9778-redhat_subscription-ensure-to-enable-content.yml
+      - 9787-xoa_allow_using_names_in_inventory.yml
+      - ssh_config_add_other_options.yml
+    modules:
+      - description: Gather C(systemd) unit info.
+        name: systemd_info
+        namespace: ''
+    release_date: '2025-02-24'
+  10.5.0:
+    changes:
+      bugfixes:
+        - cloudlare_dns - handle exhausted response stream in case of HTTP errors
+          to show nice error message to the user (https://github.com/ansible-collections/community.general/issues/9782,
+          https://github.com/ansible-collections/community.general/pull/9818).
+        - dnf_versionlock - add support for dnf5 (https://github.com/ansible-collections/community.general/issues/9556).
+        - homebrew - fix crash when package names include tap (https://github.com/ansible-collections/community.general/issues/9777,
+          https://github.com/ansible-collections/community.general/pull/9803).
+        - homebrew_cask - handle unusual brew version strings (https://github.com/ansible-collections/community.general/issues/8432,
+          https://github.com/ansible-collections/community.general/pull/9881).
+        - nmcli - enable changing only the order of DNS servers or search suffixes
+          (https://github.com/ansible-collections/community.general/issues/8724, https://github.com/ansible-collections/community.general/pull/9880).
+        - proxmox - add missing key selection of ``'status'`` key to ``get_lxc_status``
+          (https://github.com/ansible-collections/community.general/issues/9696, https://github.com/ansible-collections/community.general/pull/9809).
+        - proxmox_vm_info - the module no longer expects that the key ``template``
+          exists in a dictionary returned by Proxmox (https://github.com/ansible-collections/community.general/issues/9875,
+          https://github.com/ansible-collections/community.general/pull/9910).
+        - sudoers - display stdout and stderr raised while failed validation (https://github.com/ansible-collections/community.general/issues/9674,
+          https://github.com/ansible-collections/community.general/pull/9871).
+      minor_changes:
+        - CmdRunner module utils - the convenience method ``cmd_runner_fmt.as_fixed()``
+          now accepts multiple arguments as a list (https://github.com/ansible-collections/community.general/pull/9893).
+        - apache2_mod_proxy - code simplification, no change in functionality (https://github.com/ansible-collections/community.general/pull/9457).
+        - consul_token - fix idempotency when ``policies`` or ``roles`` are supplied
+          by name (https://github.com/ansible-collections/community.general/issues/9841,
+          https://github.com/ansible-collections/community.general/pull/9845).
+        - keycloak_realm - remove ID requirement when creating a realm to allow Keycloak
+          generating its own realm ID (https://github.com/ansible-collections/community.general/pull/9768).
+        - nmap inventory plugin - adds ``dns_servers`` option for specifying DNS servers
+          for name resolution. Accepts hostnames or IP addresses in the same format
+          as the ``exclude`` option (https://github.com/ansible-collections/community.general/pull/9849).
+        - proxmox_kvm - add missing audio hardware device handling (https://github.com/ansible-collections/community.general/issues/5192,
+          https://github.com/ansible-collections/community.general/pull/9847).
+        - redfish_config - add command ``SetPowerRestorePolicy`` to set the desired
+          power state of the system when power is restored (https://github.com/ansible-collections/community.general/pull/9837).
+        - redfish_info - add command ``GetPowerRestorePolicy`` to get the desired
+          power state of the system when power is restored (https://github.com/ansible-collections/community.general/pull/9824).
+        - rocketchat - option ``is_pre740`` has been added to control the format of
+          the payload. For Rocket.Chat 7.4.0 or newer, it must be set to ``false``
+          (https://github.com/ansible-collections/community.general/pull/9882).
+        - slack callback plugin - add ``http_agent`` option to enable the user to
+          set a custom user agent for slack callback plugin (https://github.com/ansible-collections/community.general/issues/9813,
+          https://github.com/ansible-collections/community.general/pull/9836).
+        - systemd_info - add wildcard expression support in ``unitname`` option (https://github.com/ansible-collections/community.general/pull/9821).
+        - systemd_info - extend support to timer units (https://github.com/ansible-collections/community.general/pull/9891).
+        - vmadm - add new options ``flexible_disk_size`` and ``owner_uuid`` (https://github.com/ansible-collections/community.general/pull/9892).
+      release_summary: Regular bugfix and feature release.
+    fragments:
+      - 10.5.0.yml
+      - 9457-apache2-mod-proxy-revamp.yml
+      - 9768-keycloak_realm-remove-id-requirement.yaml
+      - 9777-homebrew-fix-crash-when-packages-include-tap.yml
+      - 9809-proxmox-fix-status-getter.yml
+      - 9818-cloudflare-dns-exhausted-response.yml
+      - 9821-systemd_info-add-wildcards.yml
+      - 9824-redfish-implement-obtaining-powerrestorepolicy.yml
+      - 9836-option-for-http-agent-for-user-to-callback-slack.yml
+      - 9837-redfish-implement-setting-powerrestorepolicy.yml
+      - 9845-consul_token_idempotency.yml
+      - 9847-Adding_audio_device-support_to_proxmox_kvm.yml
+      - 9849-nmap_dns_servers.yml
+      - 9875-proxmox-dont-expect-key-template-to-exist.yml
+      - 9880-nmcli-fix-reorder-same-dns-nameservers-search-suffixes.yml
+      - 9882-fix-payload-to-match-rocketchat-740-requirement.yml
+      - 9891-systemd_info-add_timer.yml
+      - 9892-vmadm-add-new-options.yml
+      - 9893-cmdrunner-as-fixed-args.yml
+      - dnf_versionlock.yml
+      - homebrew_cask.yml
+      - sudoers.yml
+    modules:
+      - description: Manage pacemaker resources.
+        name: pacemaker_resource
+        namespace: ''
+    release_date: '2025-03-24'
+  10.6.0:
+    changes:
+      bugfixes:
+        - dependent look plugin - make compatible with ansible-core's Data Tagging
+          feature (https://github.com/ansible-collections/community.general/pull/9833).
+        - diy callback plugin - make compatible with ansible-core's Data Tagging feature
+          (https://github.com/ansible-collections/community.general/pull/9833).
+        - "github_deploy_key - check that key really exists on 422\_to avoid masking\
+          \ other errors (https://github.com/ansible-collections/community.general/issues/6718,\
+          \ https://github.com/ansible-collections/community.general/pull/10011)."
+        - hashids and unicode_normalize filter plugins - avoid deprecated ``AnsibleFilterTypeError``
+          on ansible-core 2.19 (https://github.com/ansible-collections/community.general/pull/9992).
+        - homebrew - emit a useful error message if ``brew info`` reports a package
+          tap is ``null`` (https://github.com/ansible-collections/community.general/pull/10013,
+          https://github.com/ansible-collections/community.general/issues/10012).
+        - java_cert - the module no longer fails if the optional parameters ``pkcs12_alias``
+          and ``cert_alias`` are not provided (https://github.com/ansible-collections/community.general/pull/9970).
+        - keycloak_authentication - fix authentification config duplication for Keycloak
+          < 26.2.0 (https://github.com/ansible-collections/community.general/pull/9987).
+        - keycloak_client - fix the idempotency regression by normalizing the Keycloak
+          response for ``after_client`` (https://github.com/ansible-collections/community.general/issues/9905,
+          https://github.com/ansible-collections/community.general/pull/9976).
+        - proxmox inventory plugin - fix ``ansible_host`` staying empty for certain
+          Proxmox nodes (https://github.com/ansible-collections/community.general/issues/5906,
+          https://github.com/ansible-collections/community.general/pull/9952).
+        - proxmox_disk - fail gracefully if ``storage`` is required but not provided
+          by the user (https://github.com/ansible-collections/community.general/issues/9941,
+          https://github.com/ansible-collections/community.general/pull/9963).
+        - reveal_ansible_type filter plugin and ansible_type test plugin - make compatible
+          with ansible-core's Data Tagging feature (https://github.com/ansible-collections/community.general/pull/9833).
+        - sysrc - no longer always reporting ``changed=true`` when ``state=absent``.
+          This fixes the method ``exists()`` (https://github.com/ansible-collections/community.general/issues/10004,
+          https://github.com/ansible-collections/community.general/pull/10005).
+        - yaml callback plugin - use ansible-core internals to avoid breakage with
+          Data Tagging (https://github.com/ansible-collections/community.general/pull/9833).
+      deprecated_features:
+        - manifold lookup plugin - plugin is deprecated and will be removed in community.general
+          11.0.0 (https://github.com/ansible-collections/community.general/pull/10028).
+        - stackpath_compute inventory plugin - plugin is deprecated and will be removed
+          in community.general 11.0.0 (https://github.com/ansible-collections/community.general/pull/10026).
+      known_issues:
+        - reveal_ansible_type filter plugin and ansible_type test plugin - note that
+          ansible-core's Data Tagging feature implements new aliases, such as ``_AnsibleTaggedStr``
+          for ``str``, ``_AnsibleTaggedInt`` for ``int``, and ``_AnsibleTaggedFloat``
+          for ``float`` (https://github.com/ansible-collections/community.general/pull/9833).
+      minor_changes:
+        - apache2_module - added workaround for new PHP module name, from ``php7_module``
+          to ``php_module`` (https://github.com/ansible-collections/community.general/pull/9951).
+        - gitlab_project - add option ``build_timeout`` (https://github.com/ansible-collections/community.general/pull/9960).
+        - gitlab_project_members - extend choices parameter ``access_level`` by missing
+          upstream valid value ``owner`` (https://github.com/ansible-collections/community.general/pull/9953).
+        - 'hpilo_boot - add option to get an idempotent behavior while powering on
+          server, resulting in success instead of failure when using ``state: boot_once``
+          option (https://github.com/ansible-collections/community.general/pull/9646).'
+        - idrac_redfish_command, idrac_redfish_config, idrac_redfish_info - add ``validate_certs``,
+          ``ca_path``, and ``ciphers`` options to configure TLS/SSL (https://github.com/ansible-collections/community.general/issues/3686,
+          https://github.com/ansible-collections/community.general/pull/9964).
+        - ilo_redfish_command, ilo_redfish_config, ilo_redfish_info - add ``validate_certs``,
+          ``ca_path``, and ``ciphers`` options to configure TLS/SSL (https://github.com/ansible-collections/community.general/issues/3686,
+          https://github.com/ansible-collections/community.general/pull/9964).
+        - keycloak module_utils - user groups can now be referenced by their name,
+          like ``staff``, or their path, like ``/staff/engineering``. The path syntax
+          allows users to reference subgroups, which is not possible otherwise (https://github.com/ansible-collections/community.general/pull/9898).
+        - keycloak_user module - user groups can now be referenced by their name,
+          like ``staff``, or their path, like ``/staff/engineering``. The path syntax
+          allows users to reference subgroups, which is not possible otherwise (https://github.com/ansible-collections/community.general/pull/9898).
+        - nmcli - add support for Infiniband MAC setting when ``type`` is ``infiniband``
+          (https://github.com/ansible-collections/community.general/pull/9962).
+        - 'one_vm - update allowed values for ``updateconf`` to include new parameters
+          as per the latest OpenNebula API documentation.
+
+          Added parameters:
+
+
+          * ``OS``: ``FIRMWARE``;
+
+          * ``CPU_MODEL``: ``MODEL``, ``FEATURES``;
+
+          * ``FEATURES``: ``VIRTIO_BLK_QUEUES``, ``VIRTIO_SCSI_QUEUES``, ``IOTHREADS``;
+
+          * ``GRAPHICS``: ``PORT``, ``COMMAND``;
+
+          * ``VIDEO``: ``ATS``, ``IOMMU``, ``RESOLUTION``, ``TYPE``, ``VRAM``;
+
+          * ``RAW``: ``VALIDATE``;
+
+          * ``BACKUP_CONFIG``: ``FS_FREEZE``, ``KEEP_LAST``, ``BACKUP_VOLATILE``,
+          ``MODE``, ``INCREMENT_MODE``.
+
+
+          (https://github.com/ansible-collections/community.general/pull/9959).'
+        - proxmox and proxmox_kvm modules - allow uppercase characters in VM/container
+          tags (https://github.com/ansible-collections/community.general/issues/9895,
+          https://github.com/ansible-collections/community.general/pull/10024).
+        - puppet - improve parameter formatting, no impact to user (https://github.com/ansible-collections/community.general/pull/10014).
+        - redfish module utils - add ``REDFISH_COMMON_ARGUMENT_SPEC``, a corresponding
+          ``redfish`` docs fragment, and support for its ``validate_certs``, ``ca_path``,
+          and ``ciphers`` options (https://github.com/ansible-collections/community.general/issues/3686,
+          https://github.com/ansible-collections/community.general/pull/9964).
+        - redfish_command, redfish_config, redfish_info - add ``validate_certs`` and
+          ``ca_path`` options to configure TLS/SSL (https://github.com/ansible-collections/community.general/issues/3686,
+          https://github.com/ansible-collections/community.general/pull/9964).
+        - rocketchat - fix duplicate JSON conversion for Rocket.Chat < 7.4.0 (https://github.com/ansible-collections/community.general/pull/9965).
+        - wdc_redfish_command, wdc_redfish_info - add ``validate_certs``, ``ca_path``,
+          and ``ciphers`` options to configure TLS/SSL (https://github.com/ansible-collections/community.general/issues/3686,
+          https://github.com/ansible-collections/community.general/pull/9964).
+        - xcc_redfish_command - add ``validate_certs``, ``ca_path``, and ``ciphers``
+          options to configure TLS/SSL (https://github.com/ansible-collections/community.general/issues/3686,
+          https://github.com/ansible-collections/community.general/pull/9964).
+        - zypper - adds ``skip_post_errors`` that allows to skip RPM post-install
+          errors (Zypper return code 107) (https://github.com/ansible-collections/community.general/issues/9972).
+      release_summary: Regular bugfix and feature release.
+    fragments:
+      - 10.6.0.yml
+      - 10005-fix-method-exists-in-sysrc.yml
+      - 10011-github_deploy_key-check-key-present.yml
+      - 10012-improve-error-handling-homebrew-missing-tap.yml
+      - 10014-puppet-improve-param.yml
+      - 10026-stackpath-compute-deprecation.yml
+      - 10028-manifold-deprecation.yml
+      - 9646-hpilo-fix-idempotency.yml
+      - 9833-data-tagging.yml
+      - 9895-proxmox_tags_with_uppercase_chars.yml
+      - 9898-keycloak_user-supports-subgroups.yaml
+      - 9951-mod-php-identifier.yml
+      - 9952-proxmox-inventory-plugin-improve-ansible_host.yml
+      - 9953-gitlab-project-members-support-owner-level.yml
+      - 9959-update-opennebula-onevm-updateconf-params.yml
+      - 9960-gitlab_project-add-build_timeout-option.yml
+      - 9962-nmcli-add-infiniband-mac-support.yml
+      - 9963-proxmox_disk-storage.yml
+      - 9964-redfish-tls.yml
+      - 9965-fix-duplicate-jsonify-payload-for-rocketchat-pre740.yml
+      - 9970-pkcs12_alias_cert_alias_optional.yml
+      - 9972-zypper-skip-post-errors.yml
+      - 9976-keycloak_client-fix-idempotency-regression.yml
+      - 9987-keycloak-auth-flow-fix-config.yaml
+      - 9992-filtertypeerror.yml
+    plugins:
+      connection:
+        - description: Run tasks in WSL distribution using wsl.exe CLI via SSH.
+          name: wsl
+          namespace: null
+    release_date: '2025-04-21'
+  10.7.0:
+    changes:
+      bugfixes:
+        - cobbler_system - fix bug with Cobbler >= 3.4.0 caused by giving more than
+          2 positional arguments to ``CobblerXMLRPCInterface.get_system_handle()``
+          (https://github.com/ansible-collections/community.general/issues/8506, https://github.com/ansible-collections/community.general/pull/10145).
+        - kdeconfig - allow option values beginning with a dash (https://github.com/ansible-collections/community.general/issues/10127,
+          https://github.com/ansible-collections/community.general/pull/10128).
+        - keycloak_user_rolemapping - fix ``--diff`` mode (https://github.com/ansible-collections/community.general/issues/10067,
+          https://github.com/ansible-collections/community.general/pull/10075).
+        - pickle cache plugin - avoid extra JSON serialization with ansible-core >=
+          2.19 (https://github.com/ansible-collections/community.general/pull/10136).
+        - proxmox - fix crash in module when the used on an existing LXC container
+          with ``state=present`` and ``force=true`` (https://github.com/ansible-collections/community.proxmox/pull/91,
+          https://github.com/ansible-collections/community.general/pull/10155).
+        - rundeck_acl_policy - ensure that project ACLs are sent to the correct endpoint
+          (https://github.com/ansible-collections/community.general/pull/10097).
+        - sysrc - split the output of ``sysrc -e -a`` on the first ``=`` only (https://github.com/ansible-collections/community.general/issues/10120,
+          https://github.com/ansible-collections/community.general/pull/10121).
+      deprecated_features:
+        - The proxmox content (modules and plugins) is being moved to the `new collection
+          community.proxmox <https://github.com/ansible-collections/community.proxmox>`__.
+          In community.general 11.0.0, these modules and plugins will be replaced
+          by deprecated redirections to community.proxmox. You need to explicitly
+          install community.proxmox, for example with ``ansible-galaxy collection
+          install community.proxmox``. We suggest to update your roles and playbooks
+          to use the new FQCNs as soon as possible to avoid getting deprecation messages
+          (https://github.com/ansible-collections/community.general/pull/10109).
+        - pipx module_utils - function ``make_process_list()`` is deprecated and will
+          be removed in community.general 13.0.0 (https://github.com/ansible-collections/community.general/pull/10031).
+      minor_changes:
+        - cobbler inventory plugin - add ``connection_timeout`` option to specify
+          the connection timeout to the cobbler server (https://github.com/ansible-collections/community.general/pull/11063).
+        - cobbler inventory plugin - add ``facts_level`` option to allow requesting
+          fully rendered variables for Cobbler systems (https://github.com/ansible-collections/community.general/issues/9419,
+          https://github.com/ansible-collections/community.general/pull/9975).
+        - ini_file - modify an inactive option also when there are spaces in front
+          of the comment symbol (https://github.com/ansible-collections/community.general/pull/10102,
+          https://github.com/ansible-collections/community.general/issues/8539).
+        - 'pipx - parameter ``name`` now accepts Python package specifiers (https://github.com/ansible-collections/community.general/issues/7815,
+          https://github.com/ansible-collections/community.general/pull/10031).
+
+          '
+        - pipx module_utils - filtering application list by name now happens in the
+          modules (https://github.com/ansible-collections/community.general/pull/10031).
+        - pipx_info - filtering application list by name now happens in the module  (https://github.com/ansible-collections/community.general/pull/10031).
+      release_summary: 'Bugfix and feature release.
+
+        Note that this is the final minor 10.x.0 release.
+
+        The next release with new features will be 11.0.0.
+
+        From now on, there will only be bugfix 10.7.x releases for the community.general
+        10 release train.
+
+        '
+    fragments:
+      - 10.7.0.yml
+      - 10031-pipx-python-version.yml
+      - 10063-cobbler-add-connection-timeout.yml
+      - 10075-keycloak_user_rolemapping-diff.yml
+      - 10097-fix-rundeck_acl_policy-project-endpoint.yml
+      - 10102-ini_file-fix-unmatched-whitespace-before-comment.yml
+      - 10121-sysrc-fix-split-first-separator.yml
+      - 10128-mark-end-of-options.yml
+      - 10136-cache-pickle-json.yml
+      - 10145-fix-typeerror-cobbler-xmlrpc.yml
+      - 10155-proxmox-bugfix.yml
+      - 9975-inventory-cobbler-as-rendered.yml
+      - proxmox-deprecation.yml
+    modules:
+      - description: Set default handler for MIME types, for applications using XDG
+          tools.
+        name: xdg_mime
+        namespace: ''
+    plugins:
+      callback:
+        - description: Prints playbook task snippet to job output.
+          name: print_task
+          namespace: null
+      filter:
+        - description: Format a list of dictionaries as an ASCII table.
+          name: to_prettytable
+          namespace: null
+    release_date: '2025-05-19'
+  10.7.1:
+    changes:
+      bugfixes:
+        - cobbler_system - update minimum version number to avoid wrong comparisons
+          that happen in some cases using LooseVersion class which results in TypeError
+          (https://github.com/ansible-collections/community.general/issues/8506, https://github.com/ansible-collections/community.general/pull/10145,
+          https://github.com/ansible-collections/community.general/pull/10178).
+        - gitlab_group_access_token, gitlab_project_access_token - fix handling of
+          group and project access tokens for changes in GitLab 17.10 (https://github.com/ansible-collections/community.general/pull/10196).
+        - keycloak - update more than 10 sub-groups (https://github.com/ansible-collections/community.general/issues/9690,
+          https://github.com/ansible-collections/community.general/pull/9692).
+        - yaml callback plugin - adjust to latest changes in ansible-core devel (https://github.com/ansible-collections/community.general/pull/10212).
+        - yaml callback plugin - when using ansible-core 2.19.0b2 or newer, uses a
+          new utility provided by ansible-core. This allows us to remove all hacks
+          and vendored code that was part of the plugin for ansible-core versions
+          with Data Tagging so far (https://github.com/ansible-collections/community.general/pull/10242).
+        - zypper_repository - make compatible with Python 3.12+ (https://github.com/ansible-collections/community.general/issues/10222,
+          https://github.com/ansible-collections/community.general/pull/10223).
+        - zypper_repository - use ``metalink`` attribute to identify repositories
+          without ``<url/>`` element (https://github.com/ansible-collections/community.general/issues/10224,
+          https://github.com/ansible-collections/community.general/pull/10225).
+      deprecated_features:
+        - yaml callback plugin - the YAML callback plugin was deprecated for removal
+          in community.general 13.0.0. Since it needs to use ansible-core internals
+          since ansible-core 2.19 that are changing a lot, we will remove this plugin
+          already from community.general 12.0.0 to ease the maintenance burden (https://github.com/ansible-collections/community.general/pull/10213).
+      minor_changes:
+        - git_config - remove redundant ``required=False`` from ``argument_spec``
+          (https://github.com/ansible-collections/community.general/pull/10177).
+        - proxmox_snap - correctly handle proxmox_snap timeout parameter (https://github.com/ansible-collections/community.proxmox/issues/73,
+          https://github.com/ansible-collections/community.proxmox/issues/95, https://github.com/ansible-collections/community.general/pull/10176).
+      release_summary: Regular bugfix release.
+    fragments:
+      - 10.7.1.yml
+      - 10176-fix-proxmox_snap_timeout.yml
+      - 10177-git-config-required.yml
+      - 10178-update-minimum-version-number-to-avoid-wrong-comparisons-cobbler-xmlrpc.yml
+      - 10196-fix-gitlab-access-tokens.yml
+      - 10212-yaml.yml
+      - 10213-yaml-deprecation.yml
+      - 10222-zypper_repository-readfp.yml
+      - 10224-zypper_repository-metalink.yml
+      - 10242-yaml.yml
+      - 9692-update-more-than-10-keycloak-sub-groups.yml
+    release_date: '2025-06-16'
+  10.7.2:
+    changes:
+      bugfixes:
+        - dependent lookup plugin - avoid deprecated ansible-core 2.19 functionality
+          (https://github.com/ansible-collections/community.general/pull/10359).
+        - github_release - support multiple types of GitHub tokens; no longer failing
+          when ``ghs_`` token type is provided (https://github.com/ansible-collections/community.general/issues/10338,
+          https://github.com/ansible-collections/community.general/pull/10339).
+        - icinga2 inventory plugin - avoid using deprecated option when templating
+          options (https://github.com/ansible-collections/community.general/pull/10271).
+        - incus connection plugin - fix error handling to return more useful Ansible
+          errors to the user (https://github.com/ansible-collections/community.general/issues/10344,
+          https://github.com/ansible-collections/community.general/pull/10349).
+        - linode inventory plugin - avoid using deprecated option when templating
+          options (https://github.com/ansible-collections/community.general/pull/10271).
+        - logstash callback plugin - remove reference to Python 2 library (https://github.com/ansible-collections/community.general/pull/10345).
+      release_summary: Regular bugfix release.
+    fragments:
+      - 10.7.2.yml
+      - 10271--disable_lookups.yml
+      - 10339-github_app_access_token.yml
+      - 10349-incus_connection-error-handling.yml
+      - 10359-dependent.yml
+      - logstash.yml
+    release_date: '2025-07-14'
--- a/docs/docsite/extra-docs.yml
+++ b/docs/docsite/extra-docs.yml
@@ -20,3 +20,4 @@ sections:
      - guide_vardict
      - guide_cmdrunner
      - guide_modulehelper
+      - guide_uthelper
--- a/docs/docsite/rst/filter_guide.rst
+++ b/docs/docsite/rst/filter_guide.rst
@@ -8,7 +8,7 @@
 community.general Filter Guide
 ==============================

-The :ref:`community.general collection <plugins_in_community.general>` offers several useful filter plugins.
+The :anscollection:`community.general collection <community.general#collection>` offers several useful filter plugins.

 .. toctree::
   :maxdepth: 2
--- a/docs/docsite/rst/filter_guide_abstract_informations_dictionaries.rst
+++ b/docs/docsite/rst/filter_guide_abstract_informations_dictionaries.rst
@@ -26,8 +26,8 @@ You can use the :ansplugin:`community.general.dict_kv filter <community.general.
          type: host
          database: all
        myservers:
-        - server1
-        - server2
+          - server1
+          - server2

 This produces:

--- a/docs/docsite/rst/filter_guide_selecting_json_data.rst
+++ b/docs/docsite/rst/filter_guide_selecting_json_data.rst
@@ -17,50 +17,50 @@ Consider this data structure:
 .. code-block:: yaml+jinja

    {
-        "domain_definition": {
-            "domain": {
-                "cluster": [
-                    {
-                        "name": "cluster1"
-                    },
-                    {
-                        "name": "cluster2"
-                    }
-                ],
-                "server": [
-                    {
-                        "name": "server11",
-                        "cluster": "cluster1",
-                        "port": "8080"
-                    },
-                    {
-                        "name": "server12",
-                        "cluster": "cluster1",
-                        "port": "8090"
-                    },
-                    {
-                        "name": "server21",
-                        "cluster": "cluster2",
-                        "port": "9080"
-                    },
-                    {
-                        "name": "server22",
-                        "cluster": "cluster2",
-                        "port": "9090"
-                    }
-                ],
-                "library": [
-                    {
-                        "name": "lib1",
-                        "target": "cluster1"
-                    },
-                    {
-                        "name": "lib2",
-                        "target": "cluster2"
-                    }
-                ]
+      "domain_definition": {
+        "domain": {
+          "cluster": [
+            {
+              "name": "cluster1"
+            },
+            {
+              "name": "cluster2"
            }
+          ],
+          "server": [
+            {
+              "name": "server11",
+              "cluster": "cluster1",
+              "port": "8080"
+            },
+            {
+              "name": "server12",
+              "cluster": "cluster1",
+              "port": "8090"
+            },
+            {
+              "name": "server21",
+              "cluster": "cluster2",
+              "port": "9080"
+            },
+            {
+              "name": "server22",
+              "cluster": "cluster2",
+              "port": "9090"
+            }
+          ],
+          "library": [
+            {
+              "name": "lib1",
+              "target": "cluster1"
+            },
+            {
+              "name": "lib2",
+              "target": "cluster2"
+            }
+          ]
        }
+      }
    }

 To extract all clusters from this structure, you can use the following query:
@@ -124,7 +124,7 @@ To get a hash map with all ports and names of a cluster:
        var: item
      loop: "{{ domain_definition | community.general.json_query(server_name_cluster1_query) }}"
      vars:
-        server_name_cluster1_query: "domain.server[?cluster=='cluster2'].{name: name, port: port}"
+        server_name_cluster1_query: "domain.server[?cluster=='cluster1'].{name: name, port: port}"

 To extract ports from all clusters with name starting with 'server1':

--- a/docs/docsite/rst/guide_alicloud.rst
+++ b/docs/docsite/rst/guide_alicloud.rst
@@ -78,17 +78,17 @@ If you do not specify a ``count_tag``, the task creates the number of instances
      tasks:
        - name: Create a set of instances
          community.general.ali_instance:
-             instance_type: ecs.n4.small
-             image_id: "{{ ami_id }}"
-             instance_name: "My-new-instance"
-             instance_tags:
-                 Name: NewECS
-                 Version: 0.0.1
-             count: 5
-             count_tag:
-                 Name: NewECS
-             allocate_public_ip: true
-             max_bandwidth_out: 50
+            instance_type: ecs.n4.small
+            image_id: "{{ ami_id }}"
+            instance_name: "My-new-instance"
+            instance_tags:
+              Name: NewECS
+              Version: 0.0.1
+            count: 5
+            count_tag:
+              Name: NewECS
+            allocate_public_ip: true
+            max_bandwidth_out: 50
          register: create_instance

 In the example playbook above, data about the instances created by this playbook is saved in the variable defined by the ``register`` keyword in the task.
--- a/docs/docsite/rst/guide_cmdrunner.rst
+++ b/docs/docsite/rst/guide_cmdrunner.rst
@@ -267,24 +267,54 @@ In these descriptions ``value`` refers to the single parameter passed to the for
        +------------+-------------------------+

 - ``cmd_runner_fmt.as_fixed()``
-    This method receives one parameter ``arg``, the function expects no ``value`` - if one
-    is provided then it is ignored.
-    The function returns ``arg`` as-is.
+    This method defines one or more fixed arguments that are returned by the generated function
+    regardless whether ``value`` is passed to it or not.

-    - Creation:
-        ``cmd_runner_fmt.as_fixed("--version")``
+    This method accepts these arguments in one of three forms:
+
+        * one scalar parameter ``arg``, which will be returned as ``[arg]`` by the function, or
+        * one sequence parameter, such as a list, ``arg``, which will be returned by the function as ``arg[0]``, or
+        * multiple parameters ``args``, which will be returned as ``args`` directly by the function.
+
+    See the examples below for each one of those forms. And, stressing that the generated function expects no ``value`` - if one
+    is provided then it is ignored.
+
+    - Creation (one scalar argument):
+        * ``cmd_runner_fmt.as_fixed("--version")``
    - Examples:
-        +---------+-----------------------+
-        | Value   | Outcome               |
-        +=========+=======================+
-        |         | ``["--version"]``     |
-        +---------+-----------------------+
-        | 57      | ``["--version"]``     |
-        +---------+-----------------------+
+        +---------+--------------------------------------+
+        | Value   | Outcome                              |
+        +=========+======================================+
+        |         | * ``["--version"]``                  |
+        +---------+--------------------------------------+
+        | 57      | * ``["--version"]``                  |
+        +---------+--------------------------------------+
+
+    - Creation (one sequence argument):
+        * ``cmd_runner_fmt.as_fixed(["--list", "--json"])``
+    - Examples:
+        +---------+--------------------------------------+
+        | Value   | Outcome                              |
+        +=========+======================================+
+        |         | * ``["--list", "--json"]``           |
+        +---------+--------------------------------------+
+        | True    | * ``["--list", "--json"]``           |
+        +---------+--------------------------------------+
+
+    - Creation (multiple arguments):
+        * ``cmd_runner_fmt.as_fixed("--one", "--two", "--three")``
+    - Examples:
+        +---------+--------------------------------------+
+        | Value   | Outcome                              |
+        +=========+======================================+
+        |         | * ``["--one", "--two", "--three"]``  |
+        +---------+--------------------------------------+
+        | False   | * ``["--one", "--two", "--three"]``  |
+        +---------+--------------------------------------+

    - Note:
        This is the only special case in which a value can be missing for the formatting function.
-        The example also comes from the code in `Quickstart`_.
+        The first example here comes from the code in `Quickstart`_.
        In that case, the module has code to determine the command's version so that it can assert compatibility.
        There is no *value* to be passed for that CLI argument.

--- a/docs/docsite/rst/guide_modulehelper.rst
+++ b/docs/docsite/rst/guide_modulehelper.rst
@@ -76,13 +76,18 @@ section above, but there are more elements that will take part in it.
    from ansible_collections.community.general.plugins.module_utils.module_helper import ModuleHelper

    class MyTest(ModuleHelper):
+        # behavior for module paramaters ONLY, see below for further information
        output_params = ()
        change_params = ()
        diff_params = ()
-        facts_name = None
        facts_params = ()
+
+        facts_name = None   # used if generating facts, from parameters or otherwise
+
+        # transitional variables for the new VarDict implementation, see information below
        use_old_vardict = True
        mute_vardict_deprecation = False
+
        module = dict(
            argument_spec=dict(...),
            # ...
@@ -211,9 +216,10 @@ One of the attributes in that metadata marks the variable for output, and MH mak
    There are two ways to prevent that from happening:

        #.  Set ``mute_vardict_deprecation = True`` and the deprecation will be silenced. If the module still uses the old ``VarDict``,
-            it will not be able to update to community.general 11.0.0 (Spring 2026) upon its release.
-        #.  Set ``use_old_vardict = False`` to make the MH module use the new ``VarDict`` immediatelly.
-            The new ``VarDict`` and its use is documented and this is the recommended way to handle this.
+            it will not be able to update to community.general 11.0.0 (Spring 2025) upon its release.
+        #.  Set ``use_old_vardict = False`` to make the MH module use the new ``VarDict`` immediately.
+            We strongly recommend you use the new ``VarDict``, for that you make sure to consult its documentation at
+            :ref:`ansible_collections.community.general.docsite.guide_vardict`.

    .. code-block:: python

@@ -233,6 +239,11 @@ If you want to include some module parameters in the output, list them in the ``
        output_params = ('state', 'name')
        ...

+.. important::
+
+    The variable names listed in ``output_params`` **must be module parameters**, as in parameters listed in the module's ``argument_spec``.
+    Names not found in ``argument_spec`` are silently ignored.
+
 Another neat feature provided by MH by using ``VarDict`` is the automatic tracking of changes when setting the metadata ``change=True``.
 Again, to enable this feature for module parameters, you must list them in the ``change_params`` class variable.

@@ -243,6 +254,11 @@ Again, to enable this feature for module parameters, you must list them in the `
        change_params = ('value', )
        ...

+.. important::
+
+    The variable names listed in ``change_params`` **must be module parameters**, as in parameters listed in the module's ``argument_spec``.
+    Names not found in ``argument_spec`` are silently ignored.
+
 .. seealso::

    See more about this in
@@ -260,6 +276,11 @@ With that, MH will automatically generate the diff output for variables that hav
        # example from community.general.gio_mime
        self.vars.set_meta("handler", initial_value=gio_mime_get(self.runner, self.vars.mime_type), diff=True, change=True)

+.. important::
+
+    The variable names listed in ``diff_params`` **must be module parameters**, as in parameters listed in the module's ``argument_spec``.
+    Names not found in ``argument_spec`` are silently ignored.
+
 Moreover, if a module is set to return *facts* instead of return values, then again use the metadata ``fact=True`` and ``fact_params`` for module parameters.
 Additionally, you must specify ``facts_name``, as in:

@@ -283,6 +304,11 @@ That generates an Ansible fact like:
      debug:
        msg: Volume fact is {{ ansible_facts.volume_facts.volume }}

+.. important::
+
+    The variable names listed in ``fact_params`` **must be module parameters**, as in parameters listed in the module's ``argument_spec``.
+    Names not found in ``argument_spec`` are silently ignored.
+
 .. important::

    If ``facts_name`` is not set, the module does not generate any facts.
--- a/docs/docsite/rst/guide_packet.rst
+++ b/docs/docsite/rst/guide_packet.rst
@@ -67,16 +67,16 @@ The following code block is a simple playbook that creates one `Type 0 <https://
      hosts: localhost
      tasks:

-      - community.general.packet_sshkey:
-          key_file: ./id_rsa.pub
-          label: tutorial key
+        - community.general.packet_sshkey:
+            key_file: ./id_rsa.pub
+            label: tutorial key

-      - community.general.packet_device:
-          project_id: <your_project_id>
-          hostnames: myserver
-          operating_system: ubuntu_16_04
-          plan: baremetal_0
-          facility: sjc1
+        - community.general.packet_device:
+            project_id: <your_project_id>
+            hostnames: myserver
+            operating_system: ubuntu_16_04
+            plan: baremetal_0
+            facility: sjc1

 After running ``ansible-playbook playbook_create.yml``, you should have a server provisioned on Packet. You can verify through a CLI or in the `Packet portal <https://app.packet.net/portal#/projects/list/table>`__.

@@ -110,10 +110,10 @@ If your playbook acts on existing Packet devices, you can only pass the ``hostna
      hosts: localhost
      tasks:

-      - community.general.packet_device:
-          project_id: <your_project_id>
-          hostnames: myserver
-          state: rebooted
+        - community.general.packet_device:
+            project_id: <your_project_id>
+            hostnames: myserver
+            state: rebooted

 You can also identify specific Packet devices with the ``device_ids`` parameter. The device's UUID can be found in the `Packet Portal <https://app.packet.net/portal>`_ or by using a `CLI <https://www.packet.net/developers/integrations/>`_. The following playbook removes a Packet device using the ``device_ids`` field:

@@ -125,10 +125,10 @@ You can also identify specific Packet devices with the ``device_ids`` parameter.
      hosts: localhost
      tasks:

-      - community.general.packet_device:
-          project_id: <your_project_id>
-          device_ids: <myserver_device_id>
-          state: absent
+        - community.general.packet_device:
+            project_id: <your_project_id>
+            device_ids: <myserver_device_id>
+            state: absent


 More Complex Playbooks
@@ -153,43 +153,43 @@ The following playbook will create an SSH key, 3 Packet servers, and then wait u
      hosts: localhost
      tasks:

-      - community.general.packet_sshkey:
-          key_file: ./id_rsa.pub
-          label: new
+        - community.general.packet_sshkey:
+            key_file: ./id_rsa.pub
+            label: new

-      - community.general.packet_device:
-          hostnames: [coreos-one, coreos-two, coreos-three]
-          operating_system: coreos_beta
-          plan: baremetal_0
-          facility: ewr1
-          project_id: <your_project_id>
-          wait_for_public_IPv: 4
-          user_data: |
-            #cloud-config
-            coreos:
-              etcd2:
-                discovery: https://discovery.etcd.io/<token>
-                advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
-                initial-advertise-peer-urls: http://$private_ipv4:2380
-                listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
-                listen-peer-urls: http://$private_ipv4:2380
-              fleet:
-                public-ip: $private_ipv4
-              units:
-                - name: etcd2.service
-                  command: start
-                - name: fleet.service
-                  command: start
-        register: newhosts
+        - community.general.packet_device:
+            hostnames: [coreos-one, coreos-two, coreos-three]
+            operating_system: coreos_beta
+            plan: baremetal_0
+            facility: ewr1
+            project_id: <your_project_id>
+            wait_for_public_IPv: 4
+            user_data: |
+              # cloud-config
+              coreos:
+                etcd2:
+                  discovery: https://discovery.etcd.io/<token>
+                  advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
+                  initial-advertise-peer-urls: http://$private_ipv4:2380
+                  listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+                  listen-peer-urls: http://$private_ipv4:2380
+                fleet:
+                  public-ip: $private_ipv4
+                units:
+                  - name: etcd2.service
+                    command: start
+                  - name: fleet.service
+                    command: start
+          register: newhosts

-      - name: wait for ssh
-        ansible.builtin.wait_for:
-          delay: 1
-          host: "{{ item.public_ipv4 }}"
-          port: 22
-          state: started
-          timeout: 500
-        loop: "{{ newhosts.results[0].devices }}"
+        - name: wait for ssh
+          ansible.builtin.wait_for:
+            delay: 1
+            host: "{{ item.public_ipv4 }}"
+            port: 22
+            state: started
+            timeout: 500
+          loop: "{{ newhosts.results[0].devices }}"


 As with most Ansible modules, the default states of the Packet modules are idempotent, meaning the resources in your project will remain the same after re-runs of a playbook. Thus, we can keep the ``packet_sshkey`` module call in our playbook. If the public key is already in your Packet account, the call will have no effect.
--- a/docs/docsite/rst/guide_uthelper.rst
+++ b/docs/docsite/rst/guide_uthelper.rst
@@ -0,0 +1,394 @@
+..
+  Copyright (c) Ansible Project
+  GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+  SPDX-License-Identifier: GPL-3.0-or-later
+
+.. _ansible_collections.community.general.docsite.guide_uthelper:
+
+UTHelper Guide
+==============
+
+Introduction
+^^^^^^^^^^^^
+
+``UTHelper`` was written to reduce the boilerplate code used in unit tests for modules.
+It was originally written to handle tests of modules that run external commands using ``AnsibleModule.run_command()``.
+At the time of writing (Feb 2025) that remains the only type of tests you can use
+``UTHelper`` for, but it aims to provide support for other types of interactions.
+
+Until now, there are many different ways to implement unit tests that validate a module based on the execution of external commands. See some examples:
+
+* `test_apk.py <https://github.com/ansible-collections/community.general/blob/10.3.0/tests/unit/plugins/modules/test_apk.py>`_ - A very simple one
+* `test_bootc_manage.py <https://github.com/ansible-collections/community.general/blob/10.3.0/tests/unit/plugins/modules/test_bootc_manage.py>`_ -
+  This one has more test cases, but do notice how the code is repeated amongst them.
+* `test_modprobe.py <https://github.com/ansible-collections/community.general/blob/10.3.0/tests/unit/plugins/modules/test_modprobe.py>`_ -
+  This one has 15 tests in it, but to achieve that it declares 8 classes repeating quite a lot of code.
+
+As you can notice, there is no consistency in the way these tests are executed -
+they all do the same thing eventually, but each one is written in a very distinct way.
+
+``UTHelper`` aims to:
+
+* provide a consistent idiom to define unit tests
+* reduce the code to a bare minimal, and
+* define tests as data instead
+* allow the test cases definition to be expressed not only as a Python data structure but also as YAML content
+
+Quickstart
+""""""""""
+
+To use UTHelper, your test module will need only a bare minimal of code:
+
+.. code-block:: python
+
+    # tests/unit/plugin/modules/test_ansible_module.py
+    from ansible_collections.community.general.plugins.modules import ansible_module
+    from .uthelper import UTHelper, RunCommandMock
+
+
+    UTHelper.from_module(ansible_module, __name__, mocks=[RunCommandMock])
+
+Then, in the test specification file, you have:
+
+.. code-block:: yaml
+
+    # tests/unit/plugin/modules/test_ansible_module.yaml
+    test_cases:
+      - id: test_ansible_module
+        flags:
+          diff: true
+        input:
+          state: present
+          name: Roger the Shrubber
+        output:
+          shrubbery:
+            looks: nice
+            price: not too expensive
+          changed: true
+          diff:
+            before:
+              shrubbery: null
+            after:
+              shrubbery:
+                looks: nice
+                price: not too expensive
+        mocks:
+          run_command:
+            - command: [/testbin/shrubber, --version]
+              rc: 0
+              out: "2.80.0\n"
+              err: ''
+            - command: [/testbin/shrubber, --make-shrubbery]
+              rc: 0
+              out: 'Shrubbery created'
+              err: ''
+
+.. note::
+
+    If you prefer to pick a different YAML file for the test cases, or if you prefer to define them in plain Python,
+    you can use the convenience methods ``UTHelper.from_file()`` and ``UTHelper.from_spec()``, respectively.
+    See more details below.
+
+
+Using ``UTHelper``
+^^^^^^^^^^^^^^^^^^
+
+Test Module
+"""""""""""
+
+``UTHelper`` is **strictly for unit tests**. To use it, you import the ``.uthelper.UTHelper`` class.
+As mentioned in different parts of this guide, there are three different mechanisms to load the test cases.
+
+.. seealso::
+
+    See the UTHelper class reference below for API details on the three different mechanisms.
+
+
+The easies and most recommended way of using ``UTHelper`` is literally the example shown.
+See a real world example at
+`test_gconftool2.py <https://github.com/ansible-collections/community.general/blob/10.3.0/tests/unit/plugins/modules/test_gconftool2.py>`_.
+
+The ``from_module()`` method will pick the filename of the test module up (in the example above, ``tests/unit/plugins/modules/test_gconftool2.py``)
+and it will search for ``tests/unit/plugins/modules/test_gconftool2.yaml`` (or ``.yml`` if that is not found).
+In that file it will expect to find the test specification expressed in YAML format, conforming to the structure described below LINK LINK LINK.
+
+If you prefer to read the test specifications a different file path, use ``from_file()`` passing the file handle for the YAML file.
+
+And, if for any reason you prefer or need to pass the data structure rather than dealing with YAML files, use the ``from_spec()`` method.
+A real world example for that can be found at
+`test_snap.py <https://github.com/ansible-collections/community.general/blob/main/tests/unit/plugins/modules/test_snap.py>`_.
+
+
+Test Specification
+""""""""""""""""""
+
+The structure of the test specification data is described below.
+
+Top level
+---------
+
+At the top level there are two accepted keys:
+
+- ``anchors: dict``
+    Optional. Placeholder for you to define YAML anchors that can be repeated in the test cases.
+    Its contents are never accessed directly by test Helper.
+- ``test_cases: list``
+    Mandatory. List of test cases, see below for definition.
+
+Test cases
+----------
+
+You write the test cases with five elements:
+
+- ``id: str``
+    Mandatory. Used to identify the test case.
+
+- ``flags: dict``
+    Optional. Flags controling the behavior of the test case. All flags are optional. Accepted flags:
+
+    * ``check: bool``: set to ``true`` if the module is to be executed in **check mode**.
+    * ``diff: bool``: set to ``true`` if the module is to be executed in **diff mode**.
+    * ``skip: str``: set the test case to be skipped, providing the message for ``pytest.skip()``.
+    * ``xfail: str``: set the test case to expect failure, providing the message for ``pytest.xfail()``.
+
+- ``input: dict``
+    Optional. Parameters for the Ansible module, it can be empty.
+
+- ``output: dict``
+    Optional. Expected return values from the Ansible module.
+    All RV names are used here are expected to be found in the module output, but not all RVs in the output must be here.
+    It can include special RVs such as ``changed`` and ``diff``.
+    It can be empty.
+
+- ``mocks: dict``
+    Optional. Mocked interactions, ``run_command`` being the only one supported for now.
+    Each key in this dictionary refers to one subclass of ``TestCaseMock`` and its
+    structure is dictated by the ``TestCaseMock`` subclass implementation.
+    All keys are expected to be named using snake case, as in ``run_command``.
+    The ``TestCaseMock`` subclass is responsible for defining the name used in the test specification.
+    The structure for that specification is dependent on the implementing class.
+    See more details below for the implementation of ``RunCommandMock``
+
+Example using YAML
+------------------
+
+We recommend you use ``UTHelper`` reading the test specifications from a YAML file.
+See an example below of how one actually looks like (excerpt from ``test_opkg.yaml``):
+
+..  code-block:: yaml
+
+  ---
+  anchors:
+    environ: &env-def {environ_update: {LANGUAGE: C, LC_ALL: C}, check_rc: false}
+  test_cases:
+    - id: install_zlibdev
+      input:
+        name: zlib-dev
+        state: present
+      output:
+        msg: installed 1 package(s)
+      mocks:
+        run_command:
+          - command: [/testbin/opkg, --version]
+            environ: *env-def
+            rc: 0
+            out: ''
+            err: ''
+          - command: [/testbin/opkg, list-installed, zlib-dev]
+            environ: *env-def
+            rc: 0
+            out: ''
+            err: ''
+          - command: [/testbin/opkg, install, zlib-dev]
+            environ: *env-def
+            rc: 0
+            out: |
+              Installing zlib-dev (1.2.11-6) to root...
+              Downloading https://downloads.openwrt.org/releases/22.03.0/packages/mips_24kc/base/zlib-dev_1.2.11-6_mips_24kc.ipk
+              Installing zlib (1.2.11-6) to root...
+              Downloading https://downloads.openwrt.org/releases/22.03.0/packages/mips_24kc/base/zlib_1.2.11-6_mips_24kc.ipk
+              Configuring zlib.
+              Configuring zlib-dev.
+            err: ''
+          - command: [/testbin/opkg, list-installed, zlib-dev]
+            environ: *env-def
+            rc: 0
+            out: |
+              zlib-dev - 1.2.11-6
+            err: ''
+    - id: install_zlibdev_present
+      input:
+        name: zlib-dev
+        state: present
+      output:
+        msg: package(s) already present
+      mocks:
+        run_command:
+          - command: [/testbin/opkg, --version]
+            environ: *env-def
+            rc: 0
+            out: ''
+            err: ''
+          - command: [/testbin/opkg, list-installed, zlib-dev]
+            environ: *env-def
+            rc: 0
+            out: |
+              zlib-dev - 1.2.11-6
+            err: ''
+
+TestCaseMocks Specifications
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The ``TestCaseMock`` subclass is free to define the expected data structure.
+
+RunCommandMock Specification
+""""""""""""""""""""""""""""
+
+``RunCommandMock`` mocks can be specified with the key ``run_command`` and it expects a ``list`` in which elements follow the structure:
+
+- ``command: Union[list, str]``
+    Mandatory. The command that is expected to be executed by the module. It corresponds to the parameter ``args`` of the ``AnsibleModule.run_command()`` call.
+    It can be either a list or a string, though the list form is generally recommended.
+- ``environ: dict``
+    Mandatory. All other parameters passed to the ``AnsibleModule.run_command()`` call.
+    Most commonly used are ``environ_update`` and ``check_rc``.
+    Must include all parameters the Ansible module uses in the ``AnsibleModule.run_command()`` call, otherwise the test will fail.
+- ``rc: int``
+    Mandatory. The return code for the command execution.
+    As per usual in bash scripting, a value of ``0`` means success, whereas any other number is an error code.
+- ``out: str``
+    Mandatory. The *stdout* result of the command execution, as one single string containing zero or more lines.
+- ``err: str``
+    Mandatory. The *stderr* result of the command execution, as one single string containing zero or more lines.
+
+
+``UTHelper`` Reference
+^^^^^^^^^^^^^^^^^^^^^^
+
+.. py:module:: .uthelper
+
+  .. py:class:: UTHelper
+
+    A class to encapsulate unit tests.
+
+    .. py:staticmethod:: from_spec(ansible_module, test_module, test_spec, mocks=None)
+
+      Creates an ``UTHelper`` instance from a given test specification.
+
+      :param ansible_module: The Ansible module to be tested.
+      :type ansible_module: module
+      :param test_module: The test module.
+      :type test_module: module
+      :param test_spec: The test specification.
+      :type test_spec: dict
+      :param mocks: List of ``TestCaseMocks`` to be used during testing. Currently only ``RunCommandMock`` exists.
+      :type mocks: list or None
+      :return: An ``UTHelper`` instance.
+      :rtype: UTHelper
+
+      Example usage of ``from_spec()``:
+
+      .. code-block:: python
+
+          import sys
+
+          from ansible_collections.community.general.plugins.modules import ansible_module
+          from .uthelper import UTHelper, RunCommandMock
+
+          TEST_SPEC = dict(
+              test_cases=[
+                  ...
+              ]
+          )
+
+          helper = UTHelper.from_spec(ansible_module, sys.modules[__name__], TEST_SPEC, mocks=[RunCommandMock])
+
+    .. py:staticmethod:: from_file(ansible_module, test_module, test_spec_filehandle, mocks=None)
+
+      Creates an ``UTHelper`` instance from a test specification file.
+
+      :param ansible_module: The Ansible module to be tested.
+      :type ansible_module: module
+      :param test_module: The test module.
+      :type test_module: module
+      :param test_spec_filehandle: A file handle to an file stream handle providing the test specification in YAML format.
+      :type test_spec_filehandle: file
+      :param mocks: List of ``TestCaseMocks`` to be used during testing. Currently only ``RunCommandMock`` exists.
+      :type mocks: list or None
+      :return: An ``UTHelper`` instance.
+      :rtype: UTHelper
+
+      Example usage of ``from_file()``:
+
+      .. code-block:: python
+
+          import sys
+
+          from ansible_collections.community.general.plugins.modules import ansible_module
+          from .uthelper import UTHelper, RunCommandMock
+
+          with open("test_spec.yaml", "r") as test_spec_filehandle:
+              helper = UTHelper.from_file(ansible_module, sys.modules[__name__], test_spec_filehandle, mocks=[RunCommandMock])
+
+    .. py:staticmethod:: from_module(ansible_module, test_module_name, mocks=None)
+
+      Creates an ``UTHelper`` instance from a given Ansible module and test module.
+
+      :param ansible_module: The Ansible module to be tested.
+      :type ansible_module: module
+      :param test_module_name: The name of the test module. It works if passed ``__name__``.
+      :type test_module_name: str
+      :param mocks: List of ``TestCaseMocks`` to be used during testing. Currently only ``RunCommandMock`` exists.
+      :type mocks: list or None
+      :return: An ``UTHelper`` instance.
+      :rtype: UTHelper
+
+      Example usage of ``from_module()``:
+
+      .. code-block:: python
+
+          from ansible_collections.community.general.plugins.modules import ansible_module
+          from .uthelper import UTHelper, RunCommandMock
+
+          # Example usage
+          helper = UTHelper.from_module(ansible_module, __name__, mocks=[RunCommandMock])
+
+
+Creating TestCaseMocks
+^^^^^^^^^^^^^^^^^^^^^^
+
+To create a new ``TestCaseMock`` you must extend that class and implement the relevant parts:
+
+.. code-block:: python
+
+    class ShrubberyMock(TestCaseMock):
+        # this name is mandatory, it is the name used in the test specification
+        name = "shrubbery"
+
+        def setup(self, mocker):
+            # perform setup, commonly using mocker to patch some other piece of code
+            ...
+
+        def check(self, test_case, results):
+            # verify the tst execution met the expectations of the test case
+            # for example the function was called as many times as it should
+            ...
+
+        def fixtures(self):
+            # returns a dict mapping names to pytest fixtures that should be used for the test case
+            # for example, in RunCommandMock it creates a fixture that patches AnsibleModule.get_bin_path
+            ...
+
+Caveats
+^^^^^^^
+
+Known issues/opportunities for improvement:
+
+* Only one ``UTHelper`` per test module: UTHelper injects a test function with a fixed name into the module's namespace,
+  so placing a second ``UTHelper`` instance is going to overwrite the function created by the first one.
+* Order of elements in module's namespace is not consistent across executions in Python 3.5, so if adding more tests to the test module
+  might make Test Helper add its function before or after the other test functions.
+  In the community.general collection the CI processes uses ``pytest-xdist`` to paralellize and distribute the tests,
+  and it requires the order of the tests to be consistent.
+
+.. versionadded:: 7.5.0
--- a/docs/docsite/rst/guide_vardict.rst
+++ b/docs/docsite/rst/guide_vardict.rst
@@ -51,7 +51,7 @@ And by the time the module is about to exit:

 That makes the return value of the module:

-.. code-block:: javascript
+.. code-block:: json

    {
        "abc": 123,
--- a/docs/docsite/rst/test_guide.rst
+++ b/docs/docsite/rst/test_guide.rst
@@ -8,7 +8,7 @@
 community.general Test (Plugin) Guide
 =====================================

-The :ref:`community.general collection <plugins_in_community.general>` offers currently one test plugin.
+The :anscollection:`community.general collection <community.general#collection>` offers currently one test plugin.

 .. contents:: Topics

--- a/galaxy.yml
+++ b/galaxy.yml
@@ -5,7 +5,7 @@

 namespace: community
 name: general
-version: 10.3.1
+version: 10.7.2
 readme: README.md
 authors:
  - Ansible (https://github.com/ansible)
--- a/meta/runtime.yml
+++ b/meta/runtime.yml
@@ -17,7 +17,7 @@ action_groups:
  proxmox:
    - proxmox
    - proxmox_backup
-    - proxmox_backup_info    
+    - proxmox_backup_info
    - proxmox_disk
    - proxmox_domain_info
    - proxmox_group_info
@@ -86,8 +86,9 @@ plugin_routing:
          = yes' option.
    yaml:
      deprecation:
-        removal_version: 13.0.0
-        warning_text: The plugin has been superseded by the the option `result_format=yaml` in callback plugin ansible.builtin.default from ansible-core 2.13 onwards.
+        removal_version: 12.0.0
+        warning_text: >-
+          The plugin has been superseded by the the option `result_format=yaml` in callback plugin ansible.builtin.default from ansible-core 2.13 onwards.
  connection:
    docker:
      redirect: community.docker.docker
@@ -98,6 +99,10 @@ plugin_routing:
      redirect: community.google.gcp_storage_file
    hashi_vault:
      redirect: community.hashi_vault.hashi_vault
+    manifold:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: Company was acquired in 2021 and service was ceased afterwards.
    nios:
      redirect: infoblox.nios_modules.nios_lookup
    nios_next_ip:
@@ -112,17 +117,53 @@ plugin_routing:
    atomic_container:
      deprecation:
        removal_version: 13.0.0
-        warning_text: Poject Atomic was sunset by the end of 2019.
+        warning_text: Project Atomic was sunset by the end of 2019.
    atomic_host:
      deprecation:
        removal_version: 13.0.0
-        warning_text: Poject Atomic was sunset by the end of 2019.
+        warning_text: Project Atomic was sunset by the end of 2019.
    atomic_image:
      deprecation:
        removal_version: 13.0.0
-        warning_text: Poject Atomic was sunset by the end of 2019.
+        warning_text: Project Atomic was sunset by the end of 2019.
    cisco_spark:
      redirect: community.general.cisco_webex
+    clc_alert_policy:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: CenturyLink Cloud services went EOL in September 2023.
+    clc_blueprint_package:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: CenturyLink Cloud services went EOL in September 2023.
+    clc_firewall_policy:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: CenturyLink Cloud services went EOL in September 2023.
+    clc_group:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: CenturyLink Cloud services went EOL in September 2023.
+    clc_loadbalancer:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: CenturyLink Cloud services went EOL in September 2023.
+    clc_modify_server:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: CenturyLink Cloud services went EOL in September 2023.
+    clc_publicip:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: CenturyLink Cloud services went EOL in September 2023.
+    clc_server:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: CenturyLink Cloud services went EOL in September 2023.
+    clc_server_snapshot:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: CenturyLink Cloud services went EOL in September 2023.
    consul_acl:
      tombstone:
        removal_version: 10.0.0
@@ -603,6 +644,26 @@ plugin_routing:
      redirect: community.postgresql.postgresql_user
    postgresql_user_obj_stat_info:
      redirect: community.postgresql.postgresql_user_obj_stat_info
+    profitbricks:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: Supporting library is unsupported since 2021.
+    profitbricks_datacenter:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: Supporting library is unsupported since 2021.
+    profitbricks_nic:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: Supporting library is unsupported since 2021.
+    profitbricks_volume:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: Supporting library is unsupported since 2021.
+    profitbricks_volume_attachments:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: Supporting library is unsupported since 2021.
    purefa_facts:
      tombstone:
        removal_version: 3.0.0
@@ -908,6 +969,10 @@ plugin_routing:
      redirect: community.docker.docker_swarm
    kubevirt:
      redirect: community.kubevirt.kubevirt
+    stackpath_compute:
+      deprecation:
+        removal_version: 11.0.0
+        warning_text: The company and the service were sunset in June 2024.
  filter:
    path_join:
      # The ansible.builtin.path_join filter has been added in ansible-base 2.10.
--- a/noxfile.py
+++ b/noxfile.py
@@ -0,0 +1,38 @@
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+# SPDX-FileCopyrightText: 2025 Felix Fontein <felix@fontein.de>
+
+# /// script
+# dependencies = ["nox>=2025.02.09", "antsibull-nox"]
+# ///
+
+import sys
+
+import nox
+
+
+try:
+    import antsibull_nox
+except ImportError:
+    print("You need to install antsibull-nox in the same Python environment as nox.")
+    sys.exit(1)
+
+
+antsibull_nox.load_antsibull_nox_toml()
+
+
+@nox.session(name="aliases", python=False, default=True)
+def aliases(session: nox.Session) -> None:
+    session.run("python", "tests/sanity/extra/aliases.py")
+
+
+@nox.session(name="botmeta", default=True)
+def botmeta(session: nox.Session) -> None:
+    session.install("PyYAML", "voluptuous")
+    session.run("python", "tests/sanity/extra/botmeta.py")
+
+
+# Allow to run the noxfile with `python noxfile.py`, `pipx run noxfile.py`, or similar.
+# Requires nox >= 2025.02.09
+if __name__ == "__main__":
+    nox.main()
--- a/plugins/cache/pickle.py
+++ b/plugins/cache/pickle.py
@@ -56,6 +56,7 @@ class CacheModule(BaseFileCacheModule):
    """
    A caching module backed by pickle files.
    """
+    _persistent = False  # prevent unnecessary JSON serialization and key munging

    def _load(self, filepath):
        # Pickle is a binary format
--- a/plugins/callback/diy.py
+++ b/plugins/callback/diy.py
@@ -785,6 +785,12 @@ from ansible.vars.manager import VariableManager
 from ansible.plugins.callback.default import CallbackModule as Default
 from ansible.module_utils.common.text.converters import to_text

+try:
+    from ansible.template import trust_as_template  # noqa: F401, pylint: disable=unused-import
+    SUPPORTS_DATA_TAGGING = True
+except ImportError:
+    SUPPORTS_DATA_TAGGING = False
+

 class DummyStdout(object):
    def flush(self):
@@ -838,7 +844,10 @@ class CallbackModule(Default):
        return _ret

    def _using_diy(self, spec):
-        return (spec['msg'] is not None) and (spec['msg'] != spec['vars']['omit'])
+        sentinel = object()
+        omit = spec['vars'].get('omit', sentinel)
+        # With Data Tagging, omit is sentinel
+        return (spec['msg'] is not None) and (spec['msg'] != omit or omit is sentinel)

    def _parent_has_callback(self):
        return hasattr(super(CallbackModule, self), sys._getframe(1).f_code.co_name)
@@ -894,7 +903,7 @@ class CallbackModule(Default):
            )
        _ret.update(_all)

-        _ret.update(_ret.get(self.DIY_NS, {self.DIY_NS: CallbackDIYDict()}))
+        _ret.update(_ret.get(self.DIY_NS, {self.DIY_NS: {} if SUPPORTS_DATA_TAGGING else CallbackDIYDict()}))

        _ret[self.DIY_NS].update({'playbook': {}})
        _playbook_attributes = ['entries', 'file_name', 'basedir']
--- a/plugins/callback/logstash.py
+++ b/plugins/callback/logstash.py
@@ -127,9 +127,7 @@ class CallbackModule(CallbackBase):

        if not HAS_LOGSTASH:
            self.disabled = True
-            self._display.warning("The required python-logstash/python3-logstash is not installed. "
-                                  "pip install python-logstash for Python 2"
-                                  "pip install python3-logstash for Python 3")
+            self._display.warning("The required python3-logstash is not installed.")

        self.start_time = now()

--- a/plugins/callback/print_task.py
+++ b/plugins/callback/print_task.py
@@ -0,0 +1,64 @@
+# -*- coding: utf-8 -*-
+# Copyright (c) 2025, Max Mitschke <maxmitschke@fastmail.com>
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = r'''
+name: print_task
+type: aggregate
+short_description: Prints playbook task snippet to job output
+description:
+  - This plugin prints the currently executing playbook task to the job output.
+version_added: 10.7.0
+requirements:
+  - enable in configuration
+'''
+
+EXAMPLES = r'''
+ansible.cfg: >
+    # Enable plugin
+    [defaults]
+    callbacks_enabled=community.general.print_task
+'''
+
+from yaml import load, dump
+
+try:
+    from yaml import CSafeDumper as SafeDumper
+    from yaml import CSafeLoader as SafeLoader
+except ImportError:
+    from yaml import SafeDumper, SafeLoader
+
+from ansible.plugins.callback import CallbackBase
+
+
+class CallbackModule(CallbackBase):
+    """
+    This callback module tells you how long your plays ran for.
+    """
+    CALLBACK_VERSION = 2.0
+    CALLBACK_TYPE = 'aggregate'
+    CALLBACK_NAME = 'community.general.print_task'
+
+    CALLBACK_NEEDS_ENABLED = True
+
+    def __init__(self):
+        super(CallbackModule, self).__init__()
+        self._printed_message = False
+
+    def _print_task(self, task):
+        if hasattr(task, '_ds'):
+            task_snippet = load(str([task._ds.copy()]), Loader=SafeLoader)
+            task_yaml = dump(task_snippet, sort_keys=False, Dumper=SafeDumper)
+            self._display.display(f"\n{task_yaml}\n")
+            self._printed_message = True
+
+    def v2_playbook_on_task_start(self, task, is_conditional):
+        self._printed_message = False
+
+    def v2_runner_on_start(self, host, task):
+        if not self._printed_message:
+            self._print_task(task)
--- a/plugins/callback/slack.py
+++ b/plugins/callback/slack.py
@@ -18,6 +18,11 @@ short_description: Sends play events to a Slack channel
 description:
  - This is an ansible callback plugin that sends status updates to a Slack channel during playbook execution.
 options:
+  http_agent:
+    description:
+      - HTTP user agent to use for requests to Slack.
+    type: string
+    version_added: "10.5.0"
  webhook_url:
    required: true
    description: Slack Webhook URL.
@@ -106,7 +111,7 @@ class CallbackModule(CallbackBase):
        self.username = self.get_option('username')
        self.show_invocation = (self._display.verbosity > 1)
        self.validate_certs = self.get_option('validate_certs')
-
+        self.http_agent = self.get_option('http_agent')
        if self.webhook_url is None:
            self.disabled = True
            self._display.warning('Slack Webhook URL was not provided. The '
@@ -132,8 +137,13 @@ class CallbackModule(CallbackBase):
        self._display.debug(data)
        self._display.debug(self.webhook_url)
        try:
-            response = open_url(self.webhook_url, data=data, validate_certs=self.validate_certs,
-                                headers=headers)
+            response = open_url(
+                self.webhook_url,
+                data=data,
+                validate_certs=self.validate_certs,
+                headers=headers,
+                http_agent=self.http_agent,
+            )
            return response.read()
        except Exception as e:
            self._display.warning(f'Could not submit message to Slack: {e}')
--- a/plugins/callback/yaml.py
+++ b/plugins/callback/yaml.py
@@ -12,7 +12,7 @@ name: yaml
 type: stdout
 short_description: YAML-ized Ansible screen output
 deprecated:
-  removed_in: 13.0.0
+  removed_in: 12.0.0
  why: Starting in ansible-core 2.13, the P(ansible.builtin.default#callback) callback has support for printing output in
    YAML format.
  alternative: Use O(ansible.builtin.default#callback:result_format=yaml).
@@ -37,9 +37,9 @@ import yaml
 import json
 import re
 import string
+from collections.abc import Mapping, Sequence

 from ansible.module_utils.common.text.converters import to_text
-from ansible.parsing.yaml.dumper import AnsibleDumper
 from ansible.plugins.callback import strip_internal_keys, module_response_deepcopy
 from ansible.plugins.callback.default import CallbackModule as Default

@@ -53,29 +53,77 @@ def should_use_block(value):
    return False


-class MyDumper(AnsibleDumper):
-    def represent_scalar(self, tag, value, style=None):
-        """Uses block style for multi-line strings"""
-        if style is None:
-            if should_use_block(value):
-                style = '|'
-                # we care more about readable than accuracy, so...
-                # ...no trailing space
-                value = value.rstrip()
-                # ...and non-printable characters
-                value = ''.join(x for x in value if x in string.printable or ord(x) >= 0xA0)
-                # ...tabs prevent blocks from expanding
-                value = value.expandtabs()
-                # ...and odd bits of whitespace
-                value = re.sub(r'[\x0b\x0c\r]', '', value)
-                # ...as does trailing space
-                value = re.sub(r' +\n', '\n', value)
-            else:
-                style = self.default_style
-        node = yaml.representer.ScalarNode(tag, value, style=style)
-        if self.alias_key is not None:
-            self.represented_objects[self.alias_key] = node
-        return node
+def adjust_str_value_for_block(value):
+    # we care more about readable than accuracy, so...
+    # ...no trailing space
+    value = value.rstrip()
+    # ...and non-printable characters
+    value = ''.join(x for x in value if x in string.printable or ord(x) >= 0xA0)
+    # ...tabs prevent blocks from expanding
+    value = value.expandtabs()
+    # ...and odd bits of whitespace
+    value = re.sub(r'[\x0b\x0c\r]', '', value)
+    # ...as does trailing space
+    value = re.sub(r' +\n', '\n', value)
+    return value
+
+
+def create_string_node(tag, value, style, default_style):
+    if style is None:
+        if should_use_block(value):
+            style = '|'
+            value = adjust_str_value_for_block(value)
+        else:
+            style = default_style
+    return yaml.representer.ScalarNode(tag, value, style=style)
+
+
+try:
+    from ansible.module_utils.common.yaml import HAS_LIBYAML
+    # import below was added in https://github.com/ansible/ansible/pull/85039,
+    # first contained in ansible-core 2.19.0b2:
+    from ansible.utils.vars import transform_to_native_types
+
+    if HAS_LIBYAML:
+        from yaml.cyaml import CSafeDumper as SafeDumper
+    else:
+        from yaml import SafeDumper
+
+    class MyDumper(SafeDumper):
+        def represent_scalar(self, tag, value, style=None):
+            """Uses block style for multi-line strings"""
+            node = create_string_node(tag, value, style, self.default_style)
+            if self.alias_key is not None:
+                self.represented_objects[self.alias_key] = node
+            return node
+
+except ImportError:
+    # In case transform_to_native_types cannot be imported, we either have ansible-core 2.19.0b1
+    # (or some random commit from the devel or stable-2.19 branch after merging the DT changes
+    # and before transform_to_native_types was added), or we have a version without the DT changes.
+
+    # Here we simply assume we have a version without the DT changes, and thus can continue as
+    # with ansible-core 2.18 and before.
+
+    transform_to_native_types = None
+
+    from ansible.parsing.yaml.dumper import AnsibleDumper
+
+    class MyDumper(AnsibleDumper):  # pylint: disable=inherit-non-class
+        def represent_scalar(self, tag, value, style=None):
+            """Uses block style for multi-line strings"""
+            node = create_string_node(tag, value, style, self.default_style)
+            if self.alias_key is not None:
+                self.represented_objects[self.alias_key] = node
+            return node
+
+
+def transform_recursively(value, transform):
+    if isinstance(value, Mapping):
+        return {transform(k): transform(v) for k, v in value.items()}
+    if isinstance(value, Sequence) and not isinstance(value, (str, bytes)):
+        return [transform(e) for e in value]
+    return transform(value)


 class CallbackModule(Default):
@@ -132,6 +180,8 @@ class CallbackModule(Default):

        if abridged_result:
            dumped += '\n'
+            if transform_to_native_types is not None:
+                abridged_result = transform_recursively(abridged_result, lambda v: transform_to_native_types(v, redact=False))
            dumped += to_text(yaml.dump(abridged_result, allow_unicode=True, width=1000, Dumper=MyDumper, default_flow_style=False))

        # indent by a couple of spaces
--- a/plugins/connection/incus.py
+++ b/plugins/connection/incus.py
@@ -32,6 +32,15 @@ options:
    vars:
      - name: ansible_executable
      - name: ansible_incus_executable
+  incus_become_method:
+    description:
+      - Become command used to switch to a non-root user.
+      - Is only used when O(remote_user) is not V(root).
+    type: str
+    default: /bin/su
+    vars:
+      - name: incus_become_method
+    version_added: 10.4.0
  remote:
    description:
      - The name of the Incus remote to use (per C(incus remote list)).
@@ -40,6 +49,22 @@ options:
    default: local
    vars:
      - name: ansible_incus_remote
+  remote_user:
+    description:
+      - User to login/authenticate as.
+      - Can be set from the CLI via the C(--user) or C(-u) options.
+    type: string
+    default: root
+    vars:
+      - name: ansible_user
+    env:
+      - name: ANSIBLE_REMOTE_USER
+    ini:
+      - section: defaults
+        key: remote_user
+    keyword:
+      - name: remote_user
+    version_added: 10.4.0
  project:
    description:
      - The name of the Incus project to use (per C(incus project list)).
@@ -64,7 +89,6 @@ class Connection(ConnectionBase):

    transport = "incus"
    has_pipelining = True
-    default_user = 'root'

    def __init__(self, play_context, new_stdin, *args, **kwargs):
        super(Connection, self).__init__(play_context, new_stdin, *args, **kwargs)
@@ -79,10 +103,34 @@ class Connection(ConnectionBase):
        super(Connection, self)._connect()

        if not self._connected:
-            self._display.vvv("ESTABLISH Incus CONNECTION FOR USER: root",
+            self._display.vvv(f"ESTABLISH Incus CONNECTION FOR USER: {self.get_option('remote_user')}",
                              host=self._instance())
            self._connected = True

+    def _build_command(self, cmd) -> str:
+        """build the command to execute on the incus host"""
+
+        exec_cmd = [
+            self._incus_cmd,
+            "--project", self.get_option("project"),
+            "exec",
+            f"{self.get_option('remote')}:{self._instance()}",
+            "--"]
+
+        if self.get_option("remote_user") != "root":
+            self._display.vvv(
+                f"INFO: Running as non-root user: {self.get_option('remote_user')}, \
+                trying to run 'incus exec' with become method: {self.get_option('incus_become_method')}",
+                host=self._instance(),
+            )
+            exec_cmd.extend(
+                [self.get_option("incus_become_method"), self.get_option("remote_user"), "-c"]
+            )
+
+        exec_cmd.extend([self.get_option("executable"), "-c", cmd])
+
+        return exec_cmd
+
    def _instance(self):
        # Return only the leading part of the FQDN as the instance name
        # as Incus instance names cannot be a FQDN.
@@ -95,13 +143,8 @@ class Connection(ConnectionBase):
        self._display.vvv(f"EXEC {cmd}",
                          host=self._instance())

-        local_cmd = [
-            self._incus_cmd,
-            "--project", self.get_option("project"),
-            "exec",
-            f"{self.get_option('remote')}:{self._instance()}",
-            "--",
-            self._play_context.executable, "-c", cmd]
+        local_cmd = self._build_command(cmd)
+        self._display.vvvvv(f"EXEC {local_cmd}", host=self._instance())

        local_cmd = [to_bytes(i, errors='surrogate_or_strict') for i in local_cmd]
        in_data = to_bytes(in_data, errors='surrogate_or_strict', nonstring='passthru')
@@ -112,14 +155,57 @@ class Connection(ConnectionBase):
        stdout = to_text(stdout)
        stderr = to_text(stderr)

-        if stderr == "Error: Instance is not running.\n":
-            raise AnsibleConnectionFailure(f"instance not running: {self._instance()}")
+        if stderr.startswith("Error: ") and stderr.rstrip().endswith(
+            ": Instance is not running"
+        ):
+            raise AnsibleConnectionFailure(
+                f"instance not running: {self._instance()} (remote={self.get_option('remote')}, project={self.get_option('project')})"
+            )

-        if stderr == "Error: Instance not found\n":
-            raise AnsibleConnectionFailure(f"instance not found: {self._instance()}")
+        if stderr.startswith("Error: ") and stderr.rstrip().endswith(
+            ": Instance not found"
+        ):
+            raise AnsibleConnectionFailure(
+                f"instance not found: {self._instance()} (remote={self.get_option('remote')}, project={self.get_option('project')})"
+            )
+
+        if (
+            stderr.startswith("Error: ")
+            and ": User does not have permission " in stderr
+        ):
+            raise AnsibleConnectionFailure(
+                f"instance access denied: {self._instance()} (remote={self.get_option('remote')}, project={self.get_option('project')})"
+            )
+
+        if (
+            stderr.startswith("Error: ")
+            and ": User does not have entitlement " in stderr
+        ):
+            raise AnsibleConnectionFailure(
+                f"instance access denied: {self._instance()} (remote={self.get_option('remote')}, project={self.get_option('project')})"
+            )

        return process.returncode, stdout, stderr

+    def _get_remote_uid_gid(self) -> tuple[int, int]:
+        """Get the user and group ID of 'remote_user' from the instance."""
+
+        rc, uid_out, err = self.exec_command("/bin/id -u")
+        if rc != 0:
+            raise AnsibleError(
+                f"Failed to get remote uid for user {self.get_option('remote_user')}: {err}"
+            )
+        uid = uid_out.strip()
+
+        rc, gid_out, err = self.exec_command("/bin/id -g")
+        if rc != 0:
+            raise AnsibleError(
+                f"Failed to get remote gid for user {self.get_option('remote_user')}: {err}"
+            )
+        gid = gid_out.strip()
+
+        return int(uid), int(gid)
+
    def put_file(self, in_path, out_path):
        """ put a file from local to Incus """
        super(Connection, self).put_file(in_path, out_path)
@@ -130,12 +216,35 @@ class Connection(ConnectionBase):
        if not os.path.isfile(to_bytes(in_path, errors='surrogate_or_strict')):
            raise AnsibleFileNotFound(f"input path is not a file: {in_path}")

-        local_cmd = [
-            self._incus_cmd,
-            "--project", self.get_option("project"),
-            "file", "push", "--quiet",
-            in_path,
-            f"{self.get_option('remote')}:{self._instance()}/{out_path}"]
+        if self.get_option("remote_user") != "root":
+            uid, gid = self._get_remote_uid_gid()
+            local_cmd = [
+                self._incus_cmd,
+                "--project",
+                self.get_option("project"),
+                "file",
+                "push",
+                "--uid",
+                str(uid),
+                "--gid",
+                str(gid),
+                "--quiet",
+                in_path,
+                f"{self.get_option('remote')}:{self._instance()}/{out_path}",
+            ]
+        else:
+            local_cmd = [
+                self._incus_cmd,
+                "--project",
+                self.get_option("project"),
+                "file",
+                "push",
+                "--quiet",
+                in_path,
+                f"{self.get_option('remote')}:{self._instance()}/{out_path}",
+            ]
+
+        self._display.vvvvv(f"PUT {local_cmd}", host=self._instance())

        local_cmd = [to_bytes(i, errors='surrogate_or_strict') for i in local_cmd]

--- a/plugins/connection/lxd.py
+++ b/plugins/connection/lxd.py
@@ -32,6 +32,15 @@ options:
    vars:
      - name: ansible_executable
      - name: ansible_lxd_executable
+  lxd_become_method:
+    description:
+      - Become command used to switch to a non-root user.
+      - Is only used when O(remote_user) is not V(root).
+    type: str
+    default: /bin/su
+    vars:
+      - name: lxd_become_method
+    version_added: 10.4.0
  remote:
    description:
      - Name of the LXD remote to use.
@@ -40,6 +49,22 @@ options:
    vars:
      - name: ansible_lxd_remote
    version_added: 2.0.0
+  remote_user:
+    description:
+      - User to login/authenticate as.
+      - Can be set from the CLI via the C(--user) or C(-u) options.
+    type: string
+    default: root
+    vars:
+      - name: ansible_user
+    env:
+      - name: ANSIBLE_REMOTE_USER
+    ini:
+      - section: defaults
+        key: remote_user
+    keyword:
+      - name: remote_user
+    version_added: 10.4.0
  project:
    description:
      - Name of the LXD project to use.
@@ -63,7 +88,6 @@ class Connection(ConnectionBase):

    transport = 'community.general.lxd'
    has_pipelining = True
-    default_user = 'root'

    def __init__(self, play_context, new_stdin, *args, **kwargs):
        super(Connection, self).__init__(play_context, new_stdin, *args, **kwargs)
@@ -73,9 +97,6 @@ class Connection(ConnectionBase):
        except ValueError:
            raise AnsibleError("lxc command not found in PATH")

-        if self._play_context.remote_user is not None and self._play_context.remote_user != 'root':
-            self._display.warning('lxd does not support remote_user, using default: root')
-
    def _host(self):
        """ translate remote_addr to lxd (short) hostname """
        return self.get_option("remote_addr").split(".", 1)[0]
@@ -85,25 +106,40 @@ class Connection(ConnectionBase):
        super(Connection, self)._connect()

        if not self._connected:
-            self._display.vvv("ESTABLISH LXD CONNECTION FOR USER: root", host=self._host())
+            self._display.vvv(f"ESTABLISH LXD CONNECTION FOR USER: {self.get_option('remote_user')}", host=self._host())
            self._connected = True

+    def _build_command(self, cmd) -> str:
+        """build the command to execute on the lxd host"""
+
+        exec_cmd = [self._lxc_cmd]
+
+        if self.get_option("project"):
+            exec_cmd.extend(["--project", self.get_option("project")])
+
+        exec_cmd.extend(["exec", f"{self.get_option('remote')}:{self._host()}", "--"])
+
+        if self.get_option("remote_user") != "root":
+            self._display.vvv(
+                f"INFO: Running as non-root user: {self.get_option('remote_user')}, \
+                trying to run 'lxc exec' with become method: {self.get_option('lxd_become_method')}",
+                host=self._host(),
+            )
+            exec_cmd.extend(
+                [self.get_option("lxd_become_method"), self.get_option("remote_user"), "-c"]
+            )
+
+        exec_cmd.extend([self.get_option("executable"), "-c", cmd])
+
+        return exec_cmd
+
    def exec_command(self, cmd, in_data=None, sudoable=True):
        """ execute a command on the lxd host """
        super(Connection, self).exec_command(cmd, in_data=in_data, sudoable=sudoable)

        self._display.vvv(f"EXEC {cmd}", host=self._host())

-        local_cmd = [self._lxc_cmd]
-        if self.get_option("project"):
-            local_cmd.extend(["--project", self.get_option("project")])
-        local_cmd.extend([
-            "exec",
-            f"{self.get_option('remote')}:{self._host()}",
-            "--",
-            self.get_option("executable"), "-c", cmd
-        ])
-
+        local_cmd = self._build_command(cmd)
        self._display.vvvvv(f"EXEC {local_cmd}", host=self._host())

        local_cmd = [to_bytes(i, errors='surrogate_or_strict') for i in local_cmd]
@@ -125,6 +161,25 @@ class Connection(ConnectionBase):

        return process.returncode, stdout, stderr

+    def _get_remote_uid_gid(self) -> tuple[int, int]:
+        """Get the user and group ID of 'remote_user' from the instance."""
+
+        rc, uid_out, err = self.exec_command("/bin/id -u")
+        if rc != 0:
+            raise AnsibleError(
+                f"Failed to get remote uid for user {self.get_option('remote_user')}: {err}"
+            )
+        uid = uid_out.strip()
+
+        rc, gid_out, err = self.exec_command("/bin/id -g")
+        if rc != 0:
+            raise AnsibleError(
+                f"Failed to get remote gid for user {self.get_option('remote_user')}: {err}"
+            )
+        gid = gid_out.strip()
+
+        return int(uid), int(gid)
+
    def put_file(self, in_path, out_path):
        """ put a file from local to lxd """
        super(Connection, self).put_file(in_path, out_path)
@@ -137,11 +192,32 @@ class Connection(ConnectionBase):
        local_cmd = [self._lxc_cmd]
        if self.get_option("project"):
            local_cmd.extend(["--project", self.get_option("project")])
-        local_cmd.extend([
-            "file", "push",
-            in_path,
-            f"{self.get_option('remote')}:{self._host()}/{out_path}"
-        ])
+
+        if self.get_option("remote_user") != "root":
+            uid, gid = self._get_remote_uid_gid()
+            local_cmd.extend(
+                [
+                    "file",
+                    "push",
+                    "--uid",
+                    str(uid),
+                    "--gid",
+                    str(gid),
+                    in_path,
+                    f"{self.get_option('remote')}:{self._host()}/{out_path}",
+                ]
+            )
+        else:
+            local_cmd.extend(
+                [
+                    "file",
+                    "push",
+                    in_path,
+                    f"{self.get_option('remote')}:{self._host()}/{out_path}",
+                ]
+            )
+
+        self._display.vvvvv(f"PUT {local_cmd}", host=self._host())

        local_cmd = [to_bytes(i, errors='surrogate_or_strict') for i in local_cmd]

--- a/plugins/connection/wsl.py
+++ b/plugins/connection/wsl.py
@@ -0,0 +1,786 @@
+# -*- coding: utf-8 -*-
+# Derived from ansible/plugins/connection/proxmox_pct_remote.py (c) 2024 Nils Stein (@mietzen) <github.nstein@mailbox.org>
+# Derived from ansible/plugins/connection/paramiko_ssh.py (c) 2012, Michael DeHaan <michael.dehaan@gmail.com>
+# Copyright (c) 2025 Rui Lopes (@rgl) <ruilopes.com>
+# Copyright (c) 2025 Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from __future__ import annotations
+
+DOCUMENTATION = r"""
+author: Rui Lopes (@rgl) <ruilopes.com>
+name: wsl
+short_description: Run tasks in WSL distribution using wsl.exe CLI via SSH
+requirements:
+  - paramiko
+description:
+  - Run commands or put/fetch files to an existing WSL distribution using wsl.exe CLI via SSH.
+  - Uses the Python SSH implementation (Paramiko) to connect to the WSL host.
+version_added: "10.6.0"
+options:
+  remote_addr:
+    description:
+      - Address of the remote target.
+    default: inventory_hostname
+    type: string
+    vars:
+      - name: inventory_hostname
+      - name: ansible_host
+      - name: ansible_ssh_host
+      - name: ansible_paramiko_host
+  port:
+    description: Remote port to connect to.
+    type: int
+    default: 22
+    ini:
+      - section: defaults
+        key: remote_port
+      - section: paramiko_connection
+        key: remote_port
+    env:
+      - name: ANSIBLE_REMOTE_PORT
+      - name: ANSIBLE_REMOTE_PARAMIKO_PORT
+    vars:
+      - name: ansible_port
+      - name: ansible_ssh_port
+      - name: ansible_paramiko_port
+    keyword:
+      - name: port
+  remote_user:
+    description:
+      - User to login/authenticate as.
+      - Can be set from the CLI via the C(--user) or C(-u) options.
+    type: string
+    vars:
+      - name: ansible_user
+      - name: ansible_ssh_user
+      - name: ansible_paramiko_user
+    env:
+      - name: ANSIBLE_REMOTE_USER
+      - name: ANSIBLE_PARAMIKO_REMOTE_USER
+    ini:
+      - section: defaults
+        key: remote_user
+      - section: paramiko_connection
+        key: remote_user
+    keyword:
+      - name: remote_user
+  password:
+    description:
+      - Secret used to either login the SSH server or as a passphrase for SSH keys that require it.
+      - Can be set from the CLI via the C(--ask-pass) option.
+    type: string
+    vars:
+      - name: ansible_password
+      - name: ansible_ssh_pass
+      - name: ansible_ssh_password
+      - name: ansible_paramiko_pass
+      - name: ansible_paramiko_password
+  use_rsa_sha2_algorithms:
+    description:
+      - Whether or not to enable RSA SHA2 algorithms for pubkeys and hostkeys.
+      - On paramiko versions older than 2.9, this only affects hostkeys.
+      - For behavior matching paramiko<2.9 set this to V(false).
+    vars:
+      - name: ansible_paramiko_use_rsa_sha2_algorithms
+    ini:
+      - {key: use_rsa_sha2_algorithms, section: paramiko_connection}
+    env:
+      - {name: ANSIBLE_PARAMIKO_USE_RSA_SHA2_ALGORITHMS}
+    default: true
+    type: boolean
+  host_key_auto_add:
+    description: "Automatically add host keys to C(~/.ssh/known_hosts)."
+    env:
+      - name: ANSIBLE_PARAMIKO_HOST_KEY_AUTO_ADD
+    ini:
+      - key: host_key_auto_add
+        section: paramiko_connection
+    type: boolean
+  look_for_keys:
+    default: true
+    description: "Set to V(false) to disable searching for private key files in C(~/.ssh/)."
+    env:
+      - name: ANSIBLE_PARAMIKO_LOOK_FOR_KEYS
+    ini:
+      - {key: look_for_keys, section: paramiko_connection}
+    type: boolean
+  proxy_command:
+    default: ""
+    description:
+      - Proxy information for running the connection via a jumphost.
+      - This option is supported by paramiko version 1.9.0 or newer.
+    type: string
+    env:
+      - name: ANSIBLE_PARAMIKO_PROXY_COMMAND
+    ini:
+      - {key: proxy_command, section: paramiko_connection}
+    vars:
+      - name: ansible_paramiko_proxy_command
+  record_host_keys:
+    default: true
+    description: "Save the host keys to a file."
+    env:
+      - name: ANSIBLE_PARAMIKO_RECORD_HOST_KEYS
+    ini:
+      - section: paramiko_connection
+        key: record_host_keys
+    type: boolean
+  host_key_checking:
+    description: "Set this to V(false) if you want to avoid host key checking by the underlying tools Ansible uses to connect to the host."
+    type: boolean
+    default: true
+    env:
+      - name: ANSIBLE_HOST_KEY_CHECKING
+      - name: ANSIBLE_SSH_HOST_KEY_CHECKING
+      - name: ANSIBLE_PARAMIKO_HOST_KEY_CHECKING
+    ini:
+      - section: defaults
+        key: host_key_checking
+      - section: paramiko_connection
+        key: host_key_checking
+    vars:
+      - name: ansible_host_key_checking
+      - name: ansible_ssh_host_key_checking
+      - name: ansible_paramiko_host_key_checking
+  use_persistent_connections:
+    description: "Toggles the use of persistence for connections."
+    type: boolean
+    default: false
+    env:
+      - name: ANSIBLE_USE_PERSISTENT_CONNECTIONS
+    ini:
+      - section: defaults
+        key: use_persistent_connections
+  banner_timeout:
+    type: float
+    default: 30
+    description:
+      - Configures, in seconds, the amount of time to wait for the SSH
+        banner to be presented.
+      - This option is supported by paramiko version 1.15.0 or newer.
+    ini:
+      - section: paramiko_connection
+        key: banner_timeout
+    env:
+      - name: ANSIBLE_PARAMIKO_BANNER_TIMEOUT
+  timeout:
+    type: int
+    default: 10
+    description:
+      - Number of seconds until the plugin gives up on failing to establish a TCP connection.
+      - This option is supported by paramiko version 2.2.0 or newer.
+    ini:
+      - section: defaults
+        key: timeout
+      - section: ssh_connection
+        key: timeout
+      - section: paramiko_connection
+        key: timeout
+    env:
+      - name: ANSIBLE_TIMEOUT
+      - name: ANSIBLE_SSH_TIMEOUT
+      - name: ANSIBLE_PARAMIKO_TIMEOUT
+    vars:
+      - name: ansible_ssh_timeout
+      - name: ansible_paramiko_timeout
+    cli:
+      - name: timeout
+  lock_file_timeout:
+    type: int
+    default: 60
+    description: Number of seconds until the plugin gives up on trying to write a lock file when writing SSH known host keys.
+    vars:
+      - name: ansible_lock_file_timeout
+    env:
+      - name: ANSIBLE_LOCK_FILE_TIMEOUT
+  private_key_file:
+    description:
+      - Path to private key file to use for authentication.
+    type: path
+    ini:
+      - section: defaults
+        key: private_key_file
+      - section: paramiko_connection
+        key: private_key_file
+    env:
+      - name: ANSIBLE_PRIVATE_KEY_FILE
+      - name: ANSIBLE_PARAMIKO_PRIVATE_KEY_FILE
+    vars:
+      - name: ansible_private_key_file
+      - name: ansible_ssh_private_key_file
+      - name: ansible_paramiko_private_key_file
+    cli:
+      - name: private_key_file
+        option: "--private-key"
+  user_known_hosts_file:
+    description:
+      - Path to the user known hosts file.
+      - Used to verify the ssh hosts keys.
+    type: path
+    default: ~/.ssh/known_hosts
+    ini:
+      - section: paramiko_connection
+        key: user_known_hosts_file
+    vars:
+      - name: ansible_paramiko_user_known_hosts_file
+  wsl_distribution:
+    description:
+      - WSL distribution name
+    type: string
+    required: true
+    vars:
+      - name: wsl_distribution
+  wsl_user:
+    description:
+      - WSL distribution user
+    type: string
+    vars:
+      - name: wsl_user
+  become_user:
+    description:
+      - WSL distribution user
+    type: string
+    default: root
+    vars:
+      - name: become_user
+      - name: ansible_become_user
+  become:
+    description:
+      - whether to use the user defined by ansible_become_user.
+    type: bool
+    default: false
+    vars:
+      - name: become
+      - name: ansible_become
+"""
+
+EXAMPLES = r"""
+# ------------------------
+# Inventory: inventory.yml
+# ------------------------
+---
+all:
+  children:
+    wsl:
+      hosts:
+        example-wsl-ubuntu:
+          ansible_host: 10.0.0.10
+          wsl_distribution: ubuntu
+          wsl_user: ubuntu
+      vars:
+        ansible_connection: community.general.wsl
+        ansible_user: vagrant
+# ----------------------
+# Playbook: playbook.yml
+# ----------------------
+---
+- name: WSL Example
+  hosts: wsl
+  gather_facts: true
+  become: true
+  tasks:
+    - name: Ping
+      ansible.builtin.ping:
+    - name: Id (with become false)
+      become: false
+      changed_when: false
+      args:
+        executable: /bin/bash
+      ansible.builtin.shell: |
+        exec 2>&1
+        set -x
+        echo "$0"
+        pwd
+        id
+    - name: Id (with become true)
+      changed_when: false
+      args:
+        executable: /bin/bash
+      ansible.builtin.shell: |
+        exec 2>&1
+        set -x
+        echo "$0"
+        pwd
+        id
+    - name: Reboot
+      ansible.builtin.reboot:
+        boot_time_command: systemctl show -p ActiveEnterTimestamp init.scope
+"""
+
+import io
+import os
+import pathlib
+import shlex
+import socket
+import tempfile
+import typing as t
+
+from ansible.errors import (
+    AnsibleAuthenticationFailure,
+    AnsibleConnectionFailure,
+    AnsibleError,
+)
+from ansible_collections.community.general.plugins.module_utils._filelock import FileLock, LockTimeout
+from ansible.module_utils.common.text.converters import to_bytes, to_native, to_text
+from ansible.module_utils.compat.paramiko import PARAMIKO_IMPORT_ERR, paramiko
+from ansible.module_utils.compat.version import LooseVersion
+from ansible.playbook.play_context import PlayContext
+from ansible.plugins.connection import ConnectionBase
+from ansible.utils.display import Display
+from ansible.utils.path import makedirs_safe
+from binascii import hexlify
+from subprocess import list2cmdline
+
+
+if t.TYPE_CHECKING and paramiko:
+    from paramiko import MissingHostKeyPolicy
+    from paramiko.client import SSHClient
+    from paramiko.pkey import PKey
+else:
+    MissingHostKeyPolicy: type = object
+    SSHClient: type = object
+    PKey: type = object
+
+
+display = Display()
+
+
+def authenticity_msg(hostname: str, ktype: str, fingerprint: str) -> str:
+    msg = f"""
+    paramiko: The authenticity of host '{hostname}' can't be established.
+    The {ktype} key fingerprint is {fingerprint}.
+    Are you sure you want to continue connecting (yes/no)?
+    """
+    return msg
+
+
+class MyAddPolicy(MissingHostKeyPolicy):
+    """
+    Based on AutoAddPolicy in paramiko so we can determine when keys are added
+
+    and also prompt for input.
+
+    Policy for automatically adding the hostname and new host key to the
+    local L{HostKeys} object, and saving it. This is used by L{SSHClient}.
+    """
+
+    def __init__(self, connection: Connection) -> None:
+        self.connection = connection
+        self._options = connection._options
+
+    def missing_host_key(self, client: SSHClient, hostname: str, key: PKey) -> None:
+
+        if all((self.connection.get_option('host_key_checking'), not self.connection.get_option('host_key_auto_add'))):
+
+            fingerprint = hexlify(key.get_fingerprint())
+            ktype = key.get_name()
+
+            if self.connection.get_option('use_persistent_connections') or self.connection.force_persistence:
+                # don't print the prompt string since the user cannot respond
+                # to the question anyway
+                raise AnsibleError(authenticity_msg(hostname, ktype, fingerprint)[1:92])
+
+            inp = to_text(
+                display.prompt_until(authenticity_msg(hostname, ktype, fingerprint), private=False),
+                errors='surrogate_or_strict'
+            )
+
+            if inp.lower() not in ['yes', 'y', '']:
+                raise AnsibleError('host connection rejected by user')
+
+        key._added_by_ansible_this_time = True
+
+        # existing implementation below:
+        client._host_keys.add(hostname, key.get_name(), key)
+
+        # host keys are actually saved in close() function below
+        # in order to control ordering.
+
+
+class Connection(ConnectionBase):
+    """ SSH based connections (paramiko) to WSL """
+
+    transport = 'community.general.wsl'
+    _log_channel: str | None = None
+
+    def __init__(self, play_context: PlayContext, new_stdin: io.TextIOWrapper | None = None, *args: t.Any, **kwargs: t.Any):
+        super(Connection, self).__init__(play_context, new_stdin, *args, **kwargs)
+
+    def _set_log_channel(self, name: str) -> None:
+        """ Mimic paramiko.SSHClient.set_log_channel """
+        self._log_channel = name
+
+    def _parse_proxy_command(self, port: int = 22) -> dict[str, t.Any]:
+        proxy_command = self.get_option('proxy_command') or None
+
+        sock_kwarg = {}
+        if proxy_command:
+            replacers: t.Dict[str, str] = {
+                '%h': self.get_option('remote_addr'),
+                '%p': str(port),
+                '%r': self.get_option('remote_user')
+            }
+            for find, replace in replacers.items():
+                proxy_command = proxy_command.replace(find, replace)
+            try:
+                sock_kwarg = {'sock': paramiko.ProxyCommand(proxy_command)}
+                display.vvv(f'CONFIGURE PROXY COMMAND FOR CONNECTION: {proxy_command}', host=self.get_option('remote_addr'))
+            except AttributeError:
+                display.warning('Paramiko ProxyCommand support unavailable. '
+                                'Please upgrade to Paramiko 1.9.0 or newer. '
+                                'Not using configured ProxyCommand')
+
+        return sock_kwarg
+
+    def _connect(self) -> Connection:
+        """ activates the connection object """
+
+        if paramiko is None:
+            raise AnsibleError(f'paramiko is not installed: {to_native(PARAMIKO_IMPORT_ERR)}')
+
+        port = self.get_option('port')
+        display.vvv(f'ESTABLISH PARAMIKO SSH CONNECTION FOR USER: {self.get_option("remote_user")} on PORT {to_text(port)} TO {self.get_option("remote_addr")}',
+                    host=self.get_option('remote_addr'))
+
+        ssh = paramiko.SSHClient()
+
+        # Set pubkey and hostkey algorithms to disable, the only manipulation allowed currently
+        # is keeping or omitting rsa-sha2 algorithms
+        # default_keys: t.Tuple[str] = ()
+        paramiko_preferred_pubkeys = getattr(paramiko.Transport, '_preferred_pubkeys', ())
+        paramiko_preferred_hostkeys = getattr(paramiko.Transport, '_preferred_keys', ())
+        use_rsa_sha2_algorithms = self.get_option('use_rsa_sha2_algorithms')
+        disabled_algorithms: t.Dict[str, t.Iterable[str]] = {}
+        if not use_rsa_sha2_algorithms:
+            if paramiko_preferred_pubkeys:
+                disabled_algorithms['pubkeys'] = tuple(a for a in paramiko_preferred_pubkeys if 'rsa-sha2' in a)
+            if paramiko_preferred_hostkeys:
+                disabled_algorithms['keys'] = tuple(a for a in paramiko_preferred_hostkeys if 'rsa-sha2' in a)
+
+        # override paramiko's default logger name
+        if self._log_channel is not None:
+            ssh.set_log_channel(self._log_channel)
+
+        self.keyfile = os.path.expanduser(self.get_option('user_known_hosts_file'))
+
+        if self.get_option('host_key_checking'):
+            for ssh_known_hosts in ('/etc/ssh/ssh_known_hosts', '/etc/openssh/ssh_known_hosts', self.keyfile):
+                try:
+                    ssh.load_system_host_keys(ssh_known_hosts)
+                    break
+                except IOError:
+                    pass  # file was not found, but not required to function
+                except paramiko.hostkeys.InvalidHostKey as e:
+                    raise AnsibleConnectionFailure(f'Invalid host key: {to_text(e.line)}')
+            try:
+                ssh.load_system_host_keys()
+            except paramiko.hostkeys.InvalidHostKey as e:
+                raise AnsibleConnectionFailure(f'Invalid host key: {to_text(e.line)}')
+
+        ssh_connect_kwargs = self._parse_proxy_command(port)
+        ssh.set_missing_host_key_policy(MyAddPolicy(self))
+        conn_password = self.get_option('password')
+        allow_agent = True
+
+        if conn_password is not None:
+            allow_agent = False
+
+        try:
+            key_filename = None
+            if self.get_option('private_key_file'):
+                key_filename = os.path.expanduser(self.get_option('private_key_file'))
+
+            # paramiko 2.2 introduced auth_timeout parameter
+            if LooseVersion(paramiko.__version__) >= LooseVersion('2.2.0'):
+                ssh_connect_kwargs['auth_timeout'] = self.get_option('timeout')
+
+            # paramiko 1.15 introduced banner timeout parameter
+            if LooseVersion(paramiko.__version__) >= LooseVersion('1.15.0'):
+                ssh_connect_kwargs['banner_timeout'] = self.get_option('banner_timeout')
+
+            ssh.connect(
+                self.get_option('remote_addr').lower(),
+                username=self.get_option('remote_user'),
+                allow_agent=allow_agent,
+                look_for_keys=self.get_option('look_for_keys'),
+                key_filename=key_filename,
+                password=conn_password,
+                timeout=self.get_option('timeout'),
+                port=port,
+                disabled_algorithms=disabled_algorithms,
+                **ssh_connect_kwargs,
+            )
+        except paramiko.ssh_exception.BadHostKeyException as e:
+            raise AnsibleConnectionFailure(f'host key mismatch for {to_text(e.hostname)}')
+        except paramiko.ssh_exception.AuthenticationException as e:
+            msg = f'Failed to authenticate: {e}'
+            raise AnsibleAuthenticationFailure(msg)
+        except Exception as e:
+            msg = to_text(e)
+            if u'PID check failed' in msg:
+                raise AnsibleError('paramiko version issue, please upgrade paramiko on the machine running ansible')
+            elif u'Private key file is encrypted' in msg:
+                msg = f'ssh {self.get_option("remote_user")}@{self.get_options("remote_addr")}:{port} : ' + \
+                    f'{msg}\nTo connect as a different user, use -u <username>.'
+                raise AnsibleConnectionFailure(msg)
+            else:
+                raise AnsibleConnectionFailure(msg)
+        self.ssh = ssh
+        self._connected = True
+        return self
+
+    def _any_keys_added(self) -> bool:
+        for hostname, keys in self.ssh._host_keys.items():
+            for keytype, key in keys.items():
+                added_this_time = getattr(key, '_added_by_ansible_this_time', False)
+                if added_this_time:
+                    return True
+        return False
+
+    def _save_ssh_host_keys(self, filename: str) -> None:
+        """
+        not using the paramiko save_ssh_host_keys function as we want to add new SSH keys at the bottom so folks
+        don't complain about it :)
+        """
+
+        if not self._any_keys_added():
+            return
+
+        path = os.path.expanduser('~/.ssh')
+        makedirs_safe(path)
+
+        with open(filename, 'w') as f:
+            for hostname, keys in self.ssh._host_keys.items():
+                for keytype, key in keys.items():
+                    # was f.write
+                    added_this_time = getattr(key, '_added_by_ansible_this_time', False)
+                    if not added_this_time:
+                        f.write(f'{hostname} {keytype} {key.get_base64()}\n')
+
+            for hostname, keys in self.ssh._host_keys.items():
+                for keytype, key in keys.items():
+                    added_this_time = getattr(key, '_added_by_ansible_this_time', False)
+                    if added_this_time:
+                        f.write(f'{hostname} {keytype} {key.get_base64()}\n')
+
+    def _build_wsl_command(self, cmd: str) -> str:
+        wsl_distribution = self.get_option('wsl_distribution')
+        become = self.get_option('become')
+        become_user = self.get_option('become_user')
+        if become and become_user:
+            wsl_user = become_user
+        else:
+            wsl_user = self.get_option('wsl_user')
+        args = ['wsl.exe', '--distribution', wsl_distribution]
+        if wsl_user:
+            args.extend(['--user', wsl_user])
+        args.extend(['--'])
+        args.extend(shlex.split(cmd))
+        if os.getenv('_ANSIBLE_TEST_WSL_CONNECTION_PLUGIN_Waeri5tepheeSha2fae8'):
+            return shlex.join(args)
+        return list2cmdline(args)   # see https://github.com/python/cpython/blob/3.11/Lib/subprocess.py#L576
+
+    def exec_command(self, cmd: str, in_data: bytes | None = None, sudoable: bool = True) -> tuple[int, bytes, bytes]:
+        """ run a command on inside a WSL distribution """
+
+        cmd = self._build_wsl_command(cmd)
+
+        super(Connection, self).exec_command(cmd, in_data=in_data, sudoable=sudoable)
+
+        bufsize = 4096
+
+        try:
+            self.ssh.get_transport().set_keepalive(5)
+            chan = self.ssh.get_transport().open_session()
+        except Exception as e:
+            text_e = to_text(e)
+            msg = 'Failed to open session'
+            if text_e:
+                msg += f': {text_e}'
+            raise AnsibleConnectionFailure(to_native(msg))
+
+        display.vvv(f'EXEC {cmd}', host=self.get_option('remote_addr'))
+
+        cmd = to_bytes(cmd, errors='surrogate_or_strict')
+
+        no_prompt_out = b''
+        no_prompt_err = b''
+        become_output = b''
+
+        try:
+            chan.exec_command(cmd)
+            if self.become and self.become.expect_prompt():
+                password_prompt = False
+                become_success = False
+                while not (become_success or password_prompt):
+                    display.debug('Waiting for Privilege Escalation input')
+
+                    chunk = chan.recv(bufsize)
+                    display.debug(f'chunk is: {to_text(chunk)}')
+                    if not chunk:
+                        if b'unknown user' in become_output:
+                            n_become_user = to_native(self.become.get_option('become_user'))
+                            raise AnsibleError(f'user {n_become_user} does not exist')
+                        else:
+                            break
+                            # raise AnsibleError('ssh connection closed waiting for password prompt')
+                    become_output += chunk
+
+                    # need to check every line because we might get lectured
+                    # and we might get the middle of a line in a chunk
+                    for line in become_output.splitlines(True):
+                        if self.become.check_success(line):
+                            become_success = True
+                            break
+                        elif self.become.check_password_prompt(line):
+                            password_prompt = True
+                            break
+
+                if password_prompt:
+                    if self.become:
+                        become_pass = self.become.get_option('become_pass')
+                        chan.sendall(to_bytes(become_pass + '\n', errors='surrogate_or_strict'))
+                    else:
+                        raise AnsibleError('A password is required but none was supplied')
+                else:
+                    no_prompt_out += become_output
+                    no_prompt_err += become_output
+
+            if in_data:
+                for i in range(0, len(in_data), bufsize):
+                    chan.send(in_data[i:i + bufsize])
+                chan.shutdown_write()
+            elif in_data == b'':
+                chan.shutdown_write()
+
+        except socket.timeout:
+            raise AnsibleError('ssh timed out waiting for privilege escalation.\n' + to_text(become_output))
+
+        stdout = b''.join(chan.makefile('rb', bufsize))
+        stderr = b''.join(chan.makefile_stderr('rb', bufsize))
+        returncode = chan.recv_exit_status()
+
+        # NB the full english error message is:
+        #     'wsl.exe' is not recognized as an internal or external command,
+        #     operable program or batch file.
+        if "'wsl.exe' is not recognized" in stderr.decode('utf-8'):
+            raise AnsibleError(
+                f'wsl.exe not found in path of host: {to_text(self.get_option("remote_addr"))}')
+
+        return (returncode, no_prompt_out + stdout, no_prompt_out + stderr)
+
+    def put_file(self, in_path: str, out_path: str) -> None:
+        """ transfer a file from local to remote """
+
+        display.vvv(f'PUT {in_path} TO {out_path}', host=self.get_option('remote_addr'))
+        try:
+            with open(in_path, 'rb') as f:
+                data = f.read()
+                returncode, stdout, stderr = self.exec_command(
+                    ' '.join([
+                        self._shell.executable, '-c',
+                        self._shell.quote(f'cat > {out_path}')]),
+                    in_data=data,
+                    sudoable=False)
+            if returncode != 0:
+                if 'cat: not found' in stderr.decode('utf-8'):
+                    raise AnsibleError(
+                        f'cat not found in path of WSL distribution: {to_text(self.get_option("wsl_distribution"))}')
+                raise AnsibleError(
+                    f'{to_text(stdout)}\n{to_text(stderr)}')
+        except Exception as e:
+            raise AnsibleError(
+                f'error occurred while putting file from {in_path} to {out_path}!\n{to_text(e)}')
+
+    def fetch_file(self, in_path: str, out_path: str) -> None:
+        """ save a remote file to the specified path """
+
+        display.vvv(f'FETCH {in_path} TO {out_path}', host=self.get_option('remote_addr'))
+        try:
+            returncode, stdout, stderr = self.exec_command(
+                ' '.join([
+                    self._shell.executable, '-c',
+                    self._shell.quote(f'cat {in_path}')]),
+                sudoable=False)
+            if returncode != 0:
+                if 'cat: not found' in stderr.decode('utf-8'):
+                    raise AnsibleError(
+                        f'cat not found in path of WSL distribution: {to_text(self.get_option("wsl_distribution"))}')
+                raise AnsibleError(
+                    f'{to_text(stdout)}\n{to_text(stderr)}')
+            with open(out_path, 'wb') as f:
+                f.write(stdout)
+        except Exception as e:
+            raise AnsibleError(
+                f'error occurred while fetching file from {in_path} to {out_path}!\n{to_text(e)}')
+
+    def reset(self) -> None:
+        """ reset the connection """
+
+        if not self._connected:
+            return
+        self.close()
+        self._connect()
+
+    def close(self) -> None:
+        """ terminate the connection """
+
+        if self.get_option('host_key_checking') and self.get_option('record_host_keys') and self._any_keys_added():
+            # add any new SSH host keys -- warning -- this could be slow
+            # (This doesn't acquire the connection lock because it needs
+            # to exclude only other known_hosts writers, not connections
+            # that are starting up.)
+            lockfile = os.path.basename(self.keyfile)
+            dirname = os.path.dirname(self.keyfile)
+            makedirs_safe(dirname)
+            tmp_keyfile_name = None
+            try:
+                with FileLock().lock_file(lockfile, dirname, self.get_option('lock_file_timeout')):
+                    # just in case any were added recently
+
+                    self.ssh.load_system_host_keys()
+                    self.ssh._host_keys.update(self.ssh._system_host_keys)
+
+                    # gather information about the current key file, so
+                    # we can ensure the new file has the correct mode/owner
+
+                    key_dir = os.path.dirname(self.keyfile)
+                    if os.path.exists(self.keyfile):
+                        key_stat = os.stat(self.keyfile)
+                        mode = key_stat.st_mode & 0o777
+                        uid = key_stat.st_uid
+                        gid = key_stat.st_gid
+                    else:
+                        mode = 0o644
+                        uid = os.getuid()
+                        gid = os.getgid()
+
+                    # Save the new keys to a temporary file and move it into place
+                    # rather than rewriting the file. We set delete=False because
+                    # the file will be moved into place rather than cleaned up.
+
+                    with tempfile.NamedTemporaryFile(dir=key_dir, delete=False) as tmp_keyfile:
+                        tmp_keyfile_name = tmp_keyfile.name
+                        os.chmod(tmp_keyfile_name, mode)
+                        os.chown(tmp_keyfile_name, uid, gid)
+                        self._save_ssh_host_keys(tmp_keyfile_name)
+
+                    os.rename(tmp_keyfile_name, self.keyfile)
+            except LockTimeout:
+                raise AnsibleError(
+                    f'writing lock file for {self.keyfile} ran in to the timeout of {self.get_option("lock_file_timeout")}s')
+            except paramiko.hostkeys.InvalidHostKey as e:
+                raise AnsibleConnectionFailure(f'Invalid host key: {e.line}')
+            except Exception as e:
+                # unable to save keys, including scenario when key was invalid
+                # and caught earlier
+                raise AnsibleError(
+                    f'error occurred while writing SSH host keys!\n{to_text(e)}')
+            finally:
+                if tmp_keyfile_name is not None:
+                    pathlib.Path(tmp_keyfile_name).unlink(missing_ok=True)
+
+        self.ssh.close()
+        self._connected = False
--- a/plugins/doc_fragments/attributes.py
+++ b/plugins/doc_fragments/attributes.py
@@ -32,14 +32,14 @@ attributes:
    INFO_MODULE = r'''
 options: {}
 attributes:
-    check_mode:
-      support: full
-      details:
-        - This action does not modify state.
-    diff_mode:
-      support: N/A
-      details:
-        - This action does not modify state.
+  check_mode:
+    support: full
+    details:
+      - This action does not modify state.
+  diff_mode:
+    support: N/A
+    details:
+      - This action does not modify state.
 '''

    CONN = r"""
@@ -64,16 +64,16 @@ attributes:
    FACTS_MODULE = r'''
 options: {}
 attributes:
-    check_mode:
-      support: full
-      details:
-        - This action does not modify state.
-    diff_mode:
-      support: N/A
-      details:
-        - This action does not modify state.
-    facts:
-      support: full
+  check_mode:
+    support: full
+    details:
+      - This action does not modify state.
+  diff_mode:
+    support: N/A
+    details:
+      - This action does not modify state.
+  facts:
+    support: full
 '''

    FILES = r"""
--- a/plugins/doc_fragments/emc.py
+++ b/plugins/doc_fragments/emc.py
@@ -13,21 +13,21 @@ class ModuleDocFragment(object):
    # Documentation fragment for VNX (emc_vnx)
    EMC_VNX = r'''
 options:
-    sp_address:
-        description:
-            - Address of the SP of target/secondary storage.
-        type: str
-        required: true
-    sp_user:
-        description:
-            - Username for accessing SP.
-        type: str
-        default: sysadmin
-    sp_password:
-        description:
-            - password for accessing SP.
-        type: str
-        default: sysadmin
+  sp_address:
+    description:
+      - Address of the SP of target/secondary storage.
+    type: str
+    required: true
+  sp_user:
+    description:
+      - Username for accessing SP.
+    type: str
+    default: sysadmin
+  sp_password:
+    description:
+      - password for accessing SP.
+    type: str
+    default: sysadmin
 requirements:
  - An EMC VNX Storage device.
  - storops (0.5.10 or greater). Install using C(pip install storops).
--- a/plugins/doc_fragments/redfish.py
+++ b/plugins/doc_fragments/redfish.py
@@ -0,0 +1,37 @@
+# -*- coding: utf-8 -*-
+
+# Copyright (c) 2025 Ansible community
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+
+class ModuleDocFragment(object):
+
+    # Use together with the community.general.redfish module utils' REDFISH_COMMON_ARGUMENT_SPEC
+    DOCUMENTATION = r"""
+options:
+  validate_certs:
+    description:
+      - If V(false), TLS/SSL certificates will not be validated.
+      - Set this to V(true) to enable certificate checking. Should be used together with O(ca_path).
+    type: bool
+    default: false
+  ca_path:
+    description:
+      - PEM formatted file that contains a CA certificate to be used for validation.
+      - Only used if O(validate_certs=true).
+    type: path
+  ciphers:
+    required: false
+    description:
+      - TLS/SSL Ciphers to use for the request.
+      - When a list is provided, all ciphers are joined in order with V(:).
+      - See the L(OpenSSL Cipher List Format,https://www.openssl.org/docs/manmaster/man1/openssl-ciphers.html#CIPHER-LIST-FORMAT)
+        for more details.
+      - The available ciphers is dependent on the Python and OpenSSL/LibreSSL versions.
+    type: list
+    elements: str
+"""
--- a/plugins/filter/hashids.py
+++ b/plugins/filter/hashids.py
@@ -9,12 +9,16 @@ from __future__ import annotations
 from ansible.errors import (
    AnsibleError,
    AnsibleFilterError,
-    AnsibleFilterTypeError,
 )

 from ansible.module_utils.common.text.converters import to_native
 from ansible.module_utils.common.collections import is_sequence

+try:
+    from ansible.errors import AnsibleTypeError
+except ImportError:
+    from ansible.errors import AnsibleFilterTypeError as AnsibleTypeError
+
 try:
    from hashids import Hashids
    HAS_HASHIDS = True
@@ -63,7 +67,7 @@ def hashids_encode(nums, salt=None, alphabet=None, min_length=None):
    try:
        hashid = hashids.encode(*nums)
    except TypeError as e:
-        raise AnsibleFilterTypeError(
+        raise AnsibleTypeError(
            "Data to encode must by a tuple or list of ints: %s" % to_native(e)
        )

--- a/plugins/filter/json_patch.yml
+++ b/plugins/filter/json_patch.yml
@@ -64,7 +64,7 @@ EXAMPLES: |
    ansible.builtin.debug:
      msg: "{{ input | community.general.json_patch('add', '/1', {'baz': 'qux'}) }}"
    vars:
-        input: ["foo": { "one": 1 }, "bar": { "two": 2 }]
+      input: ["foo": { "one": 1 }, "bar": { "two": 2 }]
    # => [{"foo": {"one": 1}}, {"baz": "qux"}, {"bar": {"two": 2}}]

  - name: Insert a new key into a dictionary
@@ -94,7 +94,7 @@ EXAMPLES: |
    vars:
      input: {}
    # => {"~/": "qux"}
-    
+
  - name: Add at the end of the array
    ansible.builtin.debug:
      msg: "{{ input | community.general.json_patch('add', '/-', 4) }}"
@@ -136,7 +136,7 @@ EXAMPLES: |
    vars:
      input: { "foo": { "one": 1 }, "bar": { "two": 2 } }
    # => OK
-  
+
  - name: Unuccessful test
    ansible.builtin.debug:
      msg: "{{ input | community.general.json_patch('test', '/bar/two', 9) | ternary('OK', 'Failed') }}"
--- a/plugins/filter/lists_difference.yml
+++ b/plugins/filter/lists_difference.yml
@@ -31,7 +31,7 @@ EXAMPLES: |
      list1: [1, 2, 5, 3, 4, 10]
      list2: [1, 2, 3, 4, 5, 11, 99]
  # => [10]
-  
+
  - name: Return the difference of list1, list2 and list3.
    ansible.builtin.debug:
      msg: "{{ [list1, list2, list3] | community.general.lists_difference(flatten=true) }}"
--- a/plugins/filter/lists_intersect.yml
+++ b/plugins/filter/lists_intersect.yml
@@ -31,7 +31,7 @@ EXAMPLES: |
      list1: [1, 2, 5, 3, 4, 10]
      list2: [1, 2, 3, 4, 5, 11, 99]
  # => [1, 2, 5, 3, 4]
-  
+
  - name: Return the intersection of list1, list2 and list3.
    ansible.builtin.debug:
      msg: "{{ [list1, list2, list3] | community.general.lists_intersect(flatten=true) }}"
--- a/plugins/filter/lists_symmetric_difference.yml
+++ b/plugins/filter/lists_symmetric_difference.yml
@@ -31,7 +31,7 @@ EXAMPLES: |
      list1: [1, 2, 5, 3, 4, 10]
      list2: [1, 2, 3, 4, 5, 11, 99]
  # => [10, 11, 99]
-  
+
  - name: Return the symmetric difference of list1, list2 and list3.
    ansible.builtin.debug:
      msg: "{{ [list1, list2, list3] | community.general.lists_symmetric_difference(flatten=true) }}"
--- a/plugins/filter/lists_union.yml
+++ b/plugins/filter/lists_union.yml
@@ -32,7 +32,7 @@ EXAMPLES: |
      list2: [1, 2, 3, 4, 5, 11, 99]
      list3: [1, 2, 3, 4, 5, 10, 99, 101]
  # => [1, 2, 5, 3, 4, 10, 11, 99, 101]
-  
+
  - name: Return the union of list1 and list2.
    ansible.builtin.debug:
      msg: "{{ [list1, list2] | community.general.lists_union(flatten=true) }}"
--- a/plugins/filter/reveal_ansible_type.py
+++ b/plugins/filter/reveal_ansible_type.py
@@ -23,29 +23,29 @@ options:
 """

 EXAMPLES = r"""
-# Substitution converts str to AnsibleUnicode
-# -------------------------------------------
+# Substitution converts str to AnsibleUnicode or _AnsibleTaggedStr
+# ----------------------------------------------------------------

-# String. AnsibleUnicode.
+# String. AnsibleUnicode or _AnsibleTaggedStr.
 - data: "abc"
  result: '{{ data | community.general.reveal_ansible_type }}'
-# result => AnsibleUnicode
+# result => AnsibleUnicode (or _AnsibleTaggedStr)

-# String. AnsibleUnicode alias str.
- alias: {"AnsibleUnicode": "str"}
+# String. AnsibleUnicode/_AnsibleTaggedStr alias str.
+- alias: {"AnsibleUnicode": "str", "_AnsibleTaggedStr": "str"}
  data: "abc"
  result: '{{ data | community.general.reveal_ansible_type(alias) }}'
 # result => str

-# List. All items are AnsibleUnicode.
+# List. All items are AnsibleUnicode/_AnsibleTaggedStr.
 - data: ["a", "b", "c"]
  result: '{{ data | community.general.reveal_ansible_type }}'
-# result => list[AnsibleUnicode]
+# result => list[AnsibleUnicode] or list[_AnsibleTaggedStr]

-# Dictionary. All keys are AnsibleUnicode. All values are AnsibleUnicode.
+# Dictionary. All keys and values are AnsibleUnicode/_AnsibleTaggedStr.
 - data: {"a": "foo", "b": "bar", "c": "baz"}
  result: '{{ data | community.general.reveal_ansible_type }}'
-# result => dict[AnsibleUnicode, AnsibleUnicode]
+# result => dict[AnsibleUnicode, AnsibleUnicode] or dict[_AnsibleTaggedStr, _AnsibleTaggedStr]

 # No substitution and no alias. Type of strings is str
 # ----------------------------------------------------
@@ -82,29 +82,43 @@ EXAMPLES = r"""
 - result: '{{ {"a": 1, "b": 2} | community.general.reveal_ansible_type }}'
 # result => dict[str, int]

-# Type of strings is AnsibleUnicode or str
-# ----------------------------------------
+# Type of strings is AnsibleUnicode, _AnsibleTaggedStr, or str
+# ------------------------------------------------------------

 # Dictionary. The keys are integers or strings. All values are strings.
- alias: {"AnsibleUnicode": "str"}
+- alias:
+    AnsibleUnicode: str
+    _AnsibleTaggedStr: str
+    _AnsibleTaggedInt: int
  data: {1: 'a', 'b': 'b'}
  result: '{{ data | community.general.reveal_ansible_type(alias) }}'
 # result => dict[int|str, str]

 # Dictionary. All keys are integers. All values are keys.
- alias: {"AnsibleUnicode": "str"}
+- alias:
+    AnsibleUnicode: str
+    _AnsibleTaggedStr: str
+    _AnsibleTaggedInt: int
  data: {1: 'a', 2: 'b'}
  result: '{{ data | community.general.reveal_ansible_type(alias) }}'
 # result => dict[int, str]

 # Dictionary. All keys are strings. Multiple types values.
- alias: {"AnsibleUnicode": "str"}
+- alias:
+    AnsibleUnicode: str
+    _AnsibleTaggedStr: str
+    _AnsibleTaggedInt: int
+    _AnsibleTaggedFloat: float
  data: {'a': 1, 'b': 1.1, 'c': 'abc', 'd': true, 'e': ['x', 'y', 'z'], 'f': {'x': 1, 'y': 2}}
  result: '{{ data | community.general.reveal_ansible_type(alias) }}'
 # result => dict[str, bool|dict|float|int|list|str]

 # List. Multiple types items.
- alias: {"AnsibleUnicode": "str"}
+- alias:
+    AnsibleUnicode: str
+    _AnsibleTaggedStr: str
+    _AnsibleTaggedInt: int
+    _AnsibleTaggedFloat: float
  data: [1, 2, 1.1, 'abc', true, ['x', 'y', 'z'], {'x': 1, 'y': 2}]
  result: '{{ data | community.general.reveal_ansible_type(alias) }}'
 # result => list[bool|dict|float|int|list|str]
@@ -122,6 +136,7 @@ from ansible_collections.community.general.plugins.plugin_utils.ansible_type imp
 def reveal_ansible_type(data, alias=None):
    """Returns data type"""

+    # TODO: expose use_native_type parameter
    return _ansible_type(data, alias)


--- a/plugins/filter/to_days.yml
+++ b/plugins/filter/to_days.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_days
-  short_description: Converte a duration string to days
+  short_description: Converts a duration string to days
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to days.
--- a/plugins/filter/to_hours.yml
+++ b/plugins/filter/to_hours.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_hours
-  short_description: Converte a duration string to hours
+  short_description: Converts a duration string to hours
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to hours.
--- a/plugins/filter/to_milliseconds.yml
+++ b/plugins/filter/to_milliseconds.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_milliseconds
-  short_description: Converte a duration string to milliseconds
+  short_description: Converts a duration string to milliseconds
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to milliseconds.
--- a/plugins/filter/to_minutes.yml
+++ b/plugins/filter/to_minutes.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_minutes
-  short_description: Converte a duration string to minutes
+  short_description: Converts a duration string to minutes
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to minutes.
--- a/plugins/filter/to_months.yml
+++ b/plugins/filter/to_months.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_months
-  short_description: Converte a duration string to months
+  short_description: Convert a duration string to months
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to months.
--- a/plugins/filter/to_prettytable.py
+++ b/plugins/filter/to_prettytable.py
@@ -0,0 +1,414 @@
+# -*- coding: utf-8 -*-
+# Copyright (c) 2025, Timur Gadiev <tgadiev@gmail.com>
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from __future__ import (absolute_import, division, print_function)
+
+DOCUMENTATION = r"""
+name: to_prettytable
+short_description: Format a list of dictionaries as an ASCII table
+version_added: "10.7.0"
+author: Timur Gadiev (@tgadiev)
+description:
+  - This filter takes a list of dictionaries and formats it as an ASCII table using the I(prettytable) Python library.
+requirements:
+  - prettytable
+options:
+  _input:
+    description: A list of dictionaries to format.
+    type: list
+    elements: dictionary
+    required: true
+  column_order:
+    description: List of column names to specify the order of columns in the table.
+    type: list
+    elements: string
+  header_names:
+    description: List of custom header names to use instead of dictionary keys.
+    type: list
+    elements: string
+  column_alignments:
+    description:
+      - >-
+          Dictionary where keys are column names and values are alignment settings.
+          Valid alignment values are C(left), C(center), C(right), C(l), C(c), or C(r).
+      - >-
+          For example, V({'name': 'left', 'id': 'right'}) will align the C(name) column to the left
+          and the C(id) column to the right.
+    type: dictionary
+"""
+
+EXAMPLES = r"""
+---
+- name: Set a list of users
+  ansible.builtin.set_fact:
+    users:
+      - name: Alice
+        age: 25
+        role: admin
+      - name: Bob
+        age: 30
+        role: user
+
+- name: Display a list of users as a table
+  ansible.builtin.debug:
+    msg: >-
+      {{
+        users | community.general.to_prettytable
+      }}
+
+- name: Display a table with custom column ordering
+  ansible.builtin.debug:
+    msg: >-
+      {{
+        users | community.general.to_prettytable(
+          column_order=['role', 'name', 'age']
+        )
+      }}
+
+- name: Display a table with selective column output (only show name and role fields)
+  ansible.builtin.debug:
+    msg: >-
+      {{
+        users | community.general.to_prettytable(
+          column_order=['name', 'role']
+        )
+      }}
+
+- name: Display a table with custom headers
+  ansible.builtin.debug:
+    msg: >-
+      {{
+        users | community.general.to_prettytable(
+          header_names=['User Name', 'User Age', 'User Role']
+        )
+      }}
+
+- name: Display a table with custom alignments
+  ansible.builtin.debug:
+    msg: >-
+      {{
+        users | community.general.to_prettytable(
+          column_alignments={'name': 'center', 'age': 'right', 'role': 'left'}
+        )
+      }}
+
+- name: Combine multiple options
+  ansible.builtin.debug:
+    msg: >-
+      {{
+        users | community.general.to_prettytable(
+          column_order=['role', 'name', 'age'],
+          header_names=['Position', 'Full Name', 'Years'],
+          column_alignments={'name': 'center', 'age': 'right', 'role': 'left'}
+        )
+      }}
+"""
+
+RETURN = r"""
+_value:
+  description: The formatted ASCII table.
+  type: string
+"""
+
+try:
+    import prettytable
+    HAS_PRETTYTABLE = True
+except ImportError:
+    HAS_PRETTYTABLE = False
+
+from ansible.errors import AnsibleFilterError
+from ansible.module_utils._text import to_text
+from ansible.module_utils.six import string_types
+
+
+class TypeValidationError(AnsibleFilterError):
+    """Custom exception for type validation errors.
+
+    Args:
+        obj: The object with incorrect type
+        expected: Description of expected type
+    """
+    def __init__(self, obj, expected):
+        type_name = "string" if isinstance(obj, string_types) else type(obj).__name__
+        super().__init__(f"Expected {expected}, got a {type_name}")
+
+
+def _validate_list_param(param, param_name, ensure_strings=True):
+    """Validate a parameter is a list and optionally ensure all elements are strings.
+
+    Args:
+        param: The parameter to validate
+        param_name: The name of the parameter for error messages
+        ensure_strings: Whether to check that all elements are strings
+
+    Raises:
+        AnsibleFilterError: If validation fails
+    """
+    # Map parameter names to their original error message format
+    error_messages = {
+        "column_order": "a list of column names",
+        "header_names": "a list of header names"
+    }
+
+    # Use the specific error message if available, otherwise use a generic one
+    error_msg = error_messages.get(param_name, f"a list for {param_name}")
+
+    if not isinstance(param, list):
+        raise TypeValidationError(param, error_msg)
+
+    if ensure_strings:
+        for item in param:
+            if not isinstance(item, string_types):
+                # Maintain original error message format
+                if param_name == "column_order":
+                    error_msg = "a string for column name"
+                elif param_name == "header_names":
+                    error_msg = "a string for header name"
+                else:
+                    error_msg = f"a string for {param_name} element"
+                raise TypeValidationError(item, error_msg)
+
+
+def _match_key(item_dict, lookup_key):
+    """Find a matching key in a dictionary, handling type conversion.
+
+    Args:
+        item_dict: Dictionary to search in
+        lookup_key: Key to look for, possibly needing type conversion
+
+    Returns:
+        The matching key or None if no match found
+    """
+    # Direct key match
+    if lookup_key in item_dict:
+        return lookup_key
+
+    # Try boolean conversion for 'true'/'false' strings
+    if isinstance(lookup_key, string_types):
+        if lookup_key.lower() == 'true' and True in item_dict:
+            return True
+        if lookup_key.lower() == 'false' and False in item_dict:
+            return False
+
+        # Try numeric conversion for string numbers
+        if lookup_key.isdigit() and int(lookup_key) in item_dict:
+            return int(lookup_key)
+
+    # No match found
+    return None
+
+
+def _build_key_maps(data):
+    """Build mappings between string keys and original keys.
+
+    Args:
+        data: List of dictionaries with keys to map
+
+    Returns:
+        Tuple of (key_map, reverse_key_map)
+    """
+    key_map = {}
+    reverse_key_map = {}
+
+    # Check if the data list is not empty
+    if not data:
+        return key_map, reverse_key_map
+
+    first_dict = data[0]
+    for orig_key in first_dict.keys():
+        # Store string version of the key
+        str_key = to_text(orig_key)
+        key_map[str_key] = orig_key
+        # Also store lowercase version for case-insensitive lookups
+        reverse_key_map[str_key.lower()] = orig_key
+
+    return key_map, reverse_key_map
+
+
+def _configure_alignments(table, field_names, column_alignments):
+    """Configure column alignments for the table.
+
+    Args:
+        table: The PrettyTable instance to configure
+        field_names: List of field names to align
+        column_alignments: Dict of column alignments
+    """
+    valid_alignments = {"left", "center", "right", "l", "c", "r"}
+
+    if not isinstance(column_alignments, dict):
+        return
+
+    for col_name, alignment in column_alignments.items():
+        if col_name in field_names:
+            # We already validated alignment is a string and a valid value in the main function
+            # Just apply it here
+            alignment = alignment.lower()
+            table.align[col_name] = alignment[0]
+
+
+def to_prettytable(data, *args, **kwargs):
+    """Convert a list of dictionaries to an ASCII table.
+
+    Args:
+        data: List of dictionaries to format
+        *args: Optional list of column names to specify column order
+        **kwargs: Optional keyword arguments:
+            - column_order: List of column names to specify the order
+            - header_names: List of custom header names
+            - column_alignments: Dict of column alignments (left, center, right)
+
+    Returns:
+        String containing the ASCII table
+    """
+    if not HAS_PRETTYTABLE:
+        raise AnsibleFilterError(
+            'You need to install "prettytable" Python module to use this filter'
+        )
+
+    # === Input validation ===
+    # Validate list type
+    if not isinstance(data, list):
+        raise TypeValidationError(data, "a list of dictionaries")
+
+    # Validate dictionary items if list is not empty
+    if data and not all(isinstance(item, dict) for item in data):
+        invalid_item = next((item for item in data if not isinstance(item, dict)), None)
+        raise TypeValidationError(invalid_item, "all items in the list to be dictionaries")
+
+    # Get sample dictionary to determine fields - empty if no data
+    sample_dict = data[0] if data else {}
+    max_fields = len(sample_dict)
+
+    # === Process column order ===
+    # Handle both positional and keyword column_order
+    column_order = kwargs.pop('column_order', None)
+
+    # Check for conflict between args and column_order
+    if args and column_order is not None:
+        raise AnsibleFilterError("Cannot use both positional arguments and the 'column_order' keyword argument")
+
+    # Use positional args if provided
+    if args:
+        column_order = list(args)
+
+    # Validate column_order
+    if column_order is not None:
+        _validate_list_param(column_order, "column_order")
+
+        # Validate column_order doesn't exceed the number of fields (skip if data is empty)
+        if data and len(column_order) > max_fields:
+            raise AnsibleFilterError(
+                f"'column_order' has more elements ({len(column_order)}) than available fields in data ({max_fields})")
+
+    # === Process headers ===
+    # Determine field names and ensure they are strings
+    if column_order:
+        field_names = column_order
+    else:
+        # Use field names from first dictionary, ensuring all are strings
+        field_names = [to_text(k) for k in sample_dict]
+
+    # Process custom headers
+    header_names = kwargs.pop('header_names', None)
+    if header_names is not None:
+        _validate_list_param(header_names, "header_names")
+
+        # Validate header_names doesn't exceed the number of fields (skip if data is empty)
+        if data and len(header_names) > max_fields:
+            raise AnsibleFilterError(
+                f"'header_names' has more elements ({len(header_names)}) than available fields in data ({max_fields})")
+
+        # Validate that column_order and header_names have the same size if both provided
+        if column_order is not None and len(column_order) != len(header_names):
+            raise AnsibleFilterError(
+                f"'column_order' and 'header_names' must have the same number of elements. "
+                f"Got {len(column_order)} columns and {len(header_names)} headers.")
+
+    # === Process alignments ===
+    # Get column alignments and validate
+    column_alignments = kwargs.pop('column_alignments', {})
+    valid_alignments = {"left", "center", "right", "l", "c", "r"}
+
+    # Validate column_alignments is a dictionary
+    if not isinstance(column_alignments, dict):
+        raise TypeValidationError(column_alignments, "a dictionary for column_alignments")
+
+    # Validate column_alignments keys and values
+    for key, value in column_alignments.items():
+        # Check that keys are strings
+        if not isinstance(key, string_types):
+            raise TypeValidationError(key, "a string for column_alignments key")
+
+        # Check that values are strings
+        if not isinstance(value, string_types):
+            raise TypeValidationError(value, "a string for column_alignments value")
+
+        # Check that values are valid alignments
+        if value.lower() not in valid_alignments:
+            raise AnsibleFilterError(
+                f"Invalid alignment '{value}' in 'column_alignments'. "
+                f"Valid alignments are: {', '.join(sorted(valid_alignments))}")
+
+    # Validate column_alignments doesn't have more keys than fields (skip if data is empty)
+    if data and len(column_alignments) > max_fields:
+        raise AnsibleFilterError(
+            f"'column_alignments' has more elements ({len(column_alignments)}) than available fields in data ({max_fields})")
+
+    # Check for unknown parameters
+    if kwargs:
+        raise AnsibleFilterError(f"Unknown parameter(s) for to_prettytable filter: {', '.join(sorted(kwargs))}")
+
+    # === Build the table ===
+    table = prettytable.PrettyTable()
+
+    # Set the field names for display
+    display_names = header_names if header_names is not None else field_names
+    table.field_names = [to_text(name) for name in display_names]
+
+    # Configure alignments after setting field_names
+    _configure_alignments(table, display_names, column_alignments)
+
+    # Build key maps only if not using explicit column_order and we have data
+    key_map = {}
+    reverse_key_map = {}
+    if not column_order and data:  # Only needed when using original dictionary keys and we have data
+        key_map, reverse_key_map = _build_key_maps(data)
+
+    # If we have an empty list with no custom parameters, return a simple empty table
+    if not data and not column_order and not header_names and not column_alignments:
+        return "++\n++"
+
+    # Process each row if we have data
+    for item in data:
+        row = []
+        for col in field_names:
+            # Try direct mapping first
+            if col in key_map:
+                row.append(item.get(key_map[col], ""))
+            else:
+                # Try to find a matching key in the item
+                matched_key = _match_key(item, col)
+                if matched_key is not None:
+                    row.append(item.get(matched_key, ""))
+                else:
+                    # Try case-insensitive lookup as last resort
+                    lower_col = col.lower() if isinstance(col, string_types) else str(col).lower()
+                    if lower_col in reverse_key_map:
+                        row.append(item.get(reverse_key_map[lower_col], ""))
+                    else:
+                        # No match found
+                        row.append("")
+        table.add_row(row)
+
+    return to_text(table)
+
+
+class FilterModule(object):
+    """Ansible core jinja2 filters."""
+
+    def filters(self):
+        return {
+            'to_prettytable': to_prettytable
+        }
--- a/plugins/filter/to_seconds.yml
+++ b/plugins/filter/to_seconds.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_seconds
-  short_description: Converte a duration string to seconds
+  short_description: Converts a duration string to seconds
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to seconds.
--- a/plugins/filter/to_time_unit.yml
+++ b/plugins/filter/to_time_unit.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_time_unit
-  short_description: Converte a duration string to the given time unit
+  short_description: Converts a duration string to the given time unit
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to the given time unit.
--- a/plugins/filter/to_weeks.yml
+++ b/plugins/filter/to_weeks.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_weeks
-  short_description: Converte a duration string to weeks
+  short_description: Converts a duration string to weeks
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to weeks.
--- a/plugins/filter/to_years.yml
+++ b/plugins/filter/to_years.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_years
-  short_description: Converte a duration string to years
+  short_description: Converts a duration string to years
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to years.
--- a/plugins/filter/unicode_normalize.py
+++ b/plugins/filter/unicode_normalize.py
@@ -48,9 +48,14 @@ _value:

 from unicodedata import normalize

-from ansible.errors import AnsibleFilterError, AnsibleFilterTypeError
+from ansible.errors import AnsibleFilterError
 from ansible.module_utils.six import text_type

+try:
+    from ansible.errors import AnsibleTypeError
+except ImportError:
+    from ansible.errors import AnsibleFilterTypeError as AnsibleTypeError
+

 def unicode_normalize(data, form='NFC'):
    """Applies normalization to 'unicode' strings.
@@ -65,7 +70,7 @@ def unicode_normalize(data, form='NFC'):
    """

    if not isinstance(data, text_type):
-        raise AnsibleFilterTypeError("%s is not a valid input type" % type(data))
+        raise AnsibleTypeError("%s is not a valid input type" % type(data))

    if form not in ('NFC', 'NFD', 'NFKC', 'NFKD'):
        raise AnsibleFilterError("%s is not a valid form" % form)
--- a/plugins/inventory/cobbler.py
+++ b/plugins/inventory/cobbler.py
@@ -5,114 +5,127 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 from __future__ import annotations

-DOCUMENTATION = '''
-    author: Orion Poplawski (@opoplawski)
-    name: cobbler
-    short_description: Cobbler inventory source
-    version_added: 1.0.0
+DOCUMENTATION = r"""
+author: Orion Poplawski (@opoplawski)
+name: cobbler
+short_description: Cobbler inventory source
+version_added: 1.0.0
+description:
+  - Get inventory hosts from the cobbler service.
+  - "Uses a configuration file as an inventory source, it must end in C(.cobbler.yml) or C(.cobbler.yaml) and have a C(plugin: cobbler) entry."
+  - Adds the primary IP addresses to C(cobbler_ipv4_address) and C(cobbler_ipv6_address) host variables if defined in Cobbler.  The primary IP address is
+    defined as the management interface if defined, or the interface who's DNS name matches the hostname of the system, or else the first interface found.
+extends_documentation_fragment:
+  - inventory_cache
+options:
+  plugin:
+    description: The name of this plugin, it should always be set to V(community.general.cobbler) for this plugin to recognize it as its own.
+    type: string
+    required: true
+    choices: ['cobbler', 'community.general.cobbler']
+  url:
+    description: URL to cobbler.
+    type: string
+    default: 'http://cobbler/cobbler_api'
+    env:
+      - name: COBBLER_SERVER
+  user:
+    description: Cobbler authentication user.
+    type: string
+    required: false
+    env:
+      - name: COBBLER_USER
+  password:
+    description: Cobbler authentication password.
+    type: string
+    required: false
+    env:
+      - name: COBBLER_PASSWORD
+  cache_fallback:
+    description: Fallback to cached results if connection to cobbler fails.
+    type: boolean
+    default: false
+  connection_timeout:
+    description: Timeout to connect to cobbler server.
+    type: int
+    required: false
+    version_added: 10.7.0
+  exclude_mgmt_classes:
+    description: Management classes to exclude from inventory.
+    type: list
+    default: []
+    elements: str
+    version_added: 7.4.0
+  exclude_profiles:
    description:
-        - Get inventory hosts from the cobbler service.
-        - "Uses a configuration file as an inventory source, it must end in C(.cobbler.yml) or C(.cobbler.yaml) and have a C(plugin: cobbler) entry."
-        - Adds the primary IP addresses to C(cobbler_ipv4_address) and C(cobbler_ipv6_address) host variables if defined in Cobbler.  The primary IP address is
-          defined as the management interface if defined, or the interface who's DNS name matches the hostname of the system, or else the first interface found.
-    extends_documentation_fragment:
-        - inventory_cache
-    options:
-      plugin:
-        description: The name of this plugin, it should always be set to V(community.general.cobbler) for this plugin to recognize it as its own.
-        type: string
-        required: true
-        choices: [ 'cobbler', 'community.general.cobbler' ]
-      url:
-        description: URL to cobbler.
-        type: string
-        default: 'http://cobbler/cobbler_api'
-        env:
-            - name: COBBLER_SERVER
-      user:
-        description: Cobbler authentication user.
-        type: string
-        required: false
-        env:
-            - name: COBBLER_USER
-      password:
-        description: Cobbler authentication password.
-        type: string
-        required: false
-        env:
-            - name: COBBLER_PASSWORD
-      cache_fallback:
-        description: Fallback to cached results if connection to cobbler fails.
-        type: boolean
-        default: false
-      exclude_mgmt_classes:
-        description: Management classes to exclude from inventory.
-        type: list
-        default: []
-        elements: str
-        version_added: 7.4.0
-      exclude_profiles:
-        description:
-          - Profiles to exclude from inventory.
-          - Ignored if O(include_profiles) is specified.
-        type: list
-        default: []
-        elements: str
-      include_mgmt_classes:
-        description: Management classes to include from inventory.
-        type: list
-        default: []
-        elements: str
-        version_added: 7.4.0
-      include_profiles:
-        description:
-          - Profiles to include from inventory.
-          - If specified, all other profiles will be excluded.
-          - O(exclude_profiles) is ignored if O(include_profiles) is specified.
-        type: list
-        default: []
-        elements: str
-        version_added: 4.4.0
-      inventory_hostname:
-        description:
-          - What to use for the ansible inventory hostname.
-          - By default the networking hostname is used if defined, otherwise the DNS name of the management or first non-static interface.
-          - If set to V(system), the cobbler system name is used.
-        type: str
-        choices: [ 'hostname', 'system' ]
-        default: hostname
-        version_added: 7.1.0
-      group_by:
-        description: Keys to group hosts by.
-        type: list
-        elements: string
-        default: [ 'mgmt_classes', 'owners', 'status' ]
-      group:
-        description: Group to place all hosts into.
-        default: cobbler
-      group_prefix:
-        description: Prefix to apply to cobbler groups.
-        default: cobbler_
-      want_facts:
-        description: Toggle, if V(true) the plugin will retrieve host facts from the server.
-        type: boolean
-        default: true
-      want_ip_addresses:
-        description:
-          - Toggle, if V(true) the plugin will add a C(cobbler_ipv4_addresses) and C(cobbleer_ipv6_addresses) dictionary to the defined O(group) mapping
-            interface DNS names to IP addresses.
-        type: boolean
-        default: true
-        version_added: 7.1.0
-'''
+      - Profiles to exclude from inventory.
+      - Ignored if O(include_profiles) is specified.
+    type: list
+    default: []
+    elements: str
+  include_mgmt_classes:
+    description: Management classes to include from inventory.
+    type: list
+    default: []
+    elements: str
+    version_added: 7.4.0
+  include_profiles:
+    description:
+      - Profiles to include from inventory.
+      - If specified, all other profiles will be excluded.
+      - O(exclude_profiles) is ignored if O(include_profiles) is specified.
+    type: list
+    default: []
+    elements: str
+    version_added: 4.4.0
+  inventory_hostname:
+    description:
+      - What to use for the ansible inventory hostname.
+      - By default the networking hostname is used if defined, otherwise the DNS name of the management or first non-static interface.
+      - If set to V(system), the cobbler system name is used.
+    type: str
+    choices: ['hostname', 'system']
+    default: hostname
+    version_added: 7.1.0
+  group_by:
+    description: Keys to group hosts by.
+    type: list
+    elements: string
+    default: ['mgmt_classes', 'owners', 'status']
+  group:
+    description: Group to place all hosts into.
+    default: cobbler
+  group_prefix:
+    description: Prefix to apply to cobbler groups.
+    default: cobbler_
+  want_facts:
+    description: Toggle, if V(true) the plugin will retrieve all host facts from the server.
+    type: boolean
+    default: true
+  want_ip_addresses:
+    description:
+      - Toggle, if V(true) the plugin will add a C(cobbler_ipv4_addresses) and C(cobbler_ipv6_addresses) dictionary to the defined O(group) mapping
+        interface DNS names to IP addresses.
+    type: boolean
+    default: true
+    version_added: 7.1.0
+  facts_level:
+    description:
+      - "Set to V(normal) to gather only system-level variables."
+      - "Set to V(as_rendered) to gather all variables as rolled up by Cobbler."
+    type: string
+    choices: ['normal', 'as_rendered']
+    default: normal
+    version_added: 10.7.0
+"""

-EXAMPLES = '''
+EXAMPLES = r"""
 # my.cobbler.yml
 plugin: community.general.cobbler
 url: http://cobbler/cobbler_api
 user: ansible-tester
 password: secure
-'''
+"""

 import socket

@@ -134,6 +147,18 @@ except ImportError:
        HAS_XMLRPC_CLIENT = False


+class TimeoutTransport (xmlrpc_client.SafeTransport):
+    def __init__(self, timeout=socket._GLOBAL_DEFAULT_TIMEOUT):
+        super(TimeoutTransport, self).__init__()
+        self._timeout = timeout
+        self.context = None
+
+    def make_connection(self, host):
+        conn = xmlrpc_client.SafeTransport.make_connection(self, host)
+        conn.timeout = self._timeout
+        return conn
+
+
 class InventoryModule(BaseInventoryPlugin, Cacheable):
    ''' Host inventory parser for ansible using cobbler as source. '''

@@ -142,7 +167,9 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
    def __init__(self):
        super(InventoryModule, self).__init__()
        self.cache_key = None
-        self.connection = None
+
+        if not HAS_XMLRPC_CLIENT:
+            raise AnsibleError('Could not import xmlrpc client library')

    def verify_file(self, path):
        valid = False
@@ -153,18 +180,6 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
                self.display.vvv('Skipping due to inventory source not ending in "cobbler.yaml" nor "cobbler.yml"')
        return valid

-    def _get_connection(self):
-        if not HAS_XMLRPC_CLIENT:
-            raise AnsibleError('Could not import xmlrpc client library')
-
-        if self.connection is None:
-            self.display.vvvv(f'Connecting to {self.cobbler_url}\n')
-            self.connection = xmlrpc_client.Server(self.cobbler_url, allow_none=True)
-            self.token = None
-            if self.get_option('user') is not None:
-                self.token = self.connection.login(text_type(self.get_option('user')), text_type(self.get_option('password')))
-        return self.connection
-
    def _init_cache(self):
        if self.cache_key not in self._cache:
            self._cache[self.cache_key] = {}
@@ -178,12 +193,11 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):

    def _get_profiles(self):
        if not self.use_cache or 'profiles' not in self._cache.get(self.cache_key, {}):
-            c = self._get_connection()
            try:
                if self.token is not None:
-                    data = c.get_profiles(self.token)
+                    data = self.cobbler.get_profiles(self.token)
                else:
-                    data = c.get_profiles()
+                    data = self.cobbler.get_profiles()
            except (socket.gaierror, socket.error, xmlrpc_client.ProtocolError):
                self._reload_cache()
            else:
@@ -194,12 +208,20 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):

    def _get_systems(self):
        if not self.use_cache or 'systems' not in self._cache.get(self.cache_key, {}):
-            c = self._get_connection()
            try:
                if self.token is not None:
-                    data = c.get_systems(self.token)
+                    data = self.cobbler.get_systems(self.token)
                else:
-                    data = c.get_systems()
+                    data = self.cobbler.get_systems()
+
+                # If more facts are requested, gather them all from Cobbler
+                if self.facts_level == "as_rendered":
+                    for i, host in enumerate(data):
+                        self.display.vvvv(f"Gathering all facts for {host['name']}\n")
+                        if self.token is not None:
+                            data[i] = self.cobbler.get_system_as_rendered(host['name'], self.token)
+                        else:
+                            data[i] = self.cobbler.get_system_as_rendered(host['name'])
            except (socket.gaierror, socket.error, xmlrpc_client.ProtocolError):
                self._reload_cache()
            else:
@@ -229,6 +251,17 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):

        # get connection host
        self.cobbler_url = self.get_option('url')
+        self.display.vvvv(f'Connecting to {self.cobbler_url}\n')
+
+        if 'connection_timeout' in self._options:
+            self.cobbler = xmlrpc_client.Server(self.cobbler_url, allow_none=True,
+                                                transport=TimeoutTransport(timeout=self.get_option('connection_timeout')))
+        else:
+            self.cobbler = xmlrpc_client.Server(self.cobbler_url, allow_none=True)
+        self.token = None
+        if self.get_option('user') is not None:
+            self.token = self.cobbler.login(text_type(self.get_option('user')), text_type(self.get_option('password')))
+
        self.cache_key = self.get_cache_key(path)
        self.use_cache = cache and self.get_option('cache')

@@ -238,6 +271,7 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
        self.include_profiles = self.get_option('include_profiles')
        self.group_by = self.get_option('group_by')
        self.inventory_hostname = self.get_option('inventory_hostname')
+        self.facts_level = self.get_option('facts_level')

        for profile in self._get_profiles():
            if profile['parent']:
@@ -319,7 +353,7 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):

            # Add host to groups specified by group_by fields
            for group_by in self.group_by:
-                if host[group_by] == '<<inherit>>':
+                if host[group_by] == '<<inherit>>' or host[group_by] == '':
                    groups = []
                else:
                    groups = [host[group_by]] if isinstance(host[group_by], str) else host[group_by]
--- a/plugins/inventory/gitlab_runners.py
+++ b/plugins/inventory/gitlab_runners.py
@@ -7,56 +7,56 @@
 from __future__ import annotations


-DOCUMENTATION = '''
-    name: gitlab_runners
-    author:
-      - Stefan Heitmüller (@morph027) <stefan.heitmueller@gmx.com>
-    short_description: Ansible dynamic inventory plugin for GitLab runners.
-    requirements:
-        - python-gitlab > 1.8.0
-    extends_documentation_fragment:
-        - constructed
-    description:
-        - Reads inventories from the GitLab API.
-        - Uses a YAML configuration file gitlab_runners.[yml|yaml].
-    options:
-        plugin:
-            description: The name of this plugin, it should always be set to 'gitlab_runners' for this plugin to recognize it as its own.
-            type: str
-            required: true
-            choices:
-              - gitlab_runners
-              - community.general.gitlab_runners
-        server_url:
-            description: The URL of the GitLab server, with protocol (i.e. http or https).
-            env:
-              - name: GITLAB_SERVER_URL
-                version_added: 1.0.0
-            type: str
-            required: true
-        api_token:
-            description: GitLab token for logging in.
-            env:
-              - name: GITLAB_API_TOKEN
-                version_added: 1.0.0
-            type: str
-            aliases:
-              - private_token
-              - access_token
-        filter:
-            description: filter runners from GitLab API
-            env:
-              - name: GITLAB_FILTER
-                version_added: 1.0.0
-            type: str
-            choices: ['active', 'paused', 'online', 'specific', 'shared']
-        verbose_output:
-            description: Toggle to (not) include all available nodes metadata
-            type: bool
-            default: true
-'''
+DOCUMENTATION = r"""
+name: gitlab_runners
+author:
+  - Stefan Heitmüller (@morph027) <stefan.heitmueller@gmx.com>
+short_description: Ansible dynamic inventory plugin for GitLab runners.
+requirements:
+  - python-gitlab > 1.8.0
+extends_documentation_fragment:
+  - constructed
+description:
+  - Reads inventories from the GitLab API.
+  - Uses a YAML configuration file gitlab_runners.[yml|yaml].
+options:
+  plugin:
+    description: The name of this plugin, it should always be set to 'gitlab_runners' for this plugin to recognize it as its own.
+    type: str
+    required: true
+    choices:
+      - gitlab_runners
+      - community.general.gitlab_runners
+  server_url:
+    description: The URL of the GitLab server, with protocol (i.e. http or https).
+    env:
+      - name: GITLAB_SERVER_URL
+        version_added: 1.0.0
+    type: str
+    required: true
+  api_token:
+    description: GitLab token for logging in.
+    env:
+      - name: GITLAB_API_TOKEN
+        version_added: 1.0.0
+    type: str
+    aliases:
+      - private_token
+      - access_token
+  filter:
+    description: filter runners from GitLab API
+    env:
+      - name: GITLAB_FILTER
+        version_added: 1.0.0
+    type: str
+    choices: ['active', 'paused', 'online', 'specific', 'shared']
+  verbose_output:
+    description: Toggle to (not) include all available nodes metadata
+    type: bool
+    default: true
+"""

-EXAMPLES = '''
+EXAMPLES = r"""
 ---
 # gitlab_runners.yml
 plugin: community.general.gitlab_runners
@@ -79,7 +79,7 @@ keyed_groups:
  # hint: labels containing special characters will be converted to safe names
  - key: 'tag_list'
    prefix: tag
-'''
+"""

 from ansible.errors import AnsibleError, AnsibleParserError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
--- a/plugins/inventory/icinga2.py
+++ b/plugins/inventory/icinga2.py
@@ -6,71 +6,71 @@
 from __future__ import annotations


-DOCUMENTATION = '''
-    name: icinga2
-    short_description: Icinga2 inventory source
-    version_added: 3.7.0
-    author:
-        - Cliff Hults (@BongoEADGC6) <cliff.hults@gmail.com>
+DOCUMENTATION = r"""
+name: icinga2
+short_description: Icinga2 inventory source
+version_added: 3.7.0
+author:
+  - Cliff Hults (@BongoEADGC6) <cliff.hults@gmail.com>
+description:
+  - Get inventory hosts from the Icinga2 API.
+  - "Uses a configuration file as an inventory source, it must end in
+    C(.icinga2.yml) or C(.icinga2.yaml)."
+extends_documentation_fragment:
+  - constructed
+options:
+  strict:
+    version_added: 4.4.0
+  compose:
+    version_added: 4.4.0
+  groups:
+    version_added: 4.4.0
+  keyed_groups:
+    version_added: 4.4.0
+  plugin:
+    description: Name of the plugin.
+    required: true
+    type: string
+    choices: ['community.general.icinga2']
+  url:
+    description: Root URL of Icinga2 API.
+    type: string
+    required: true
+  user:
+    description: Username to query the API.
+    type: string
+    required: true
+  password:
+    description: Password to query the API.
+    type: string
+    required: true
+  host_filter:
    description:
-        - Get inventory hosts from the Icinga2 API.
-        - "Uses a configuration file as an inventory source, it must end in
-          C(.icinga2.yml) or C(.icinga2.yaml)."
-    extends_documentation_fragment:
-        - constructed
-    options:
-      strict:
-        version_added: 4.4.0
-      compose:
-        version_added: 4.4.0
-      groups:
-        version_added: 4.4.0
-      keyed_groups:
-        version_added: 4.4.0
-      plugin:
-        description: Name of the plugin.
-        required: true
-        type: string
-        choices: ['community.general.icinga2']
-      url:
-        description: Root URL of Icinga2 API.
-        type: string
-        required: true
-      user:
-        description: Username to query the API.
-        type: string
-        required: true
-      password:
-        description: Password to query the API.
-        type: string
-        required: true
-      host_filter:
-        description:
-          - An Icinga2 API valid host filter. Leave blank for no filtering
-        type: string
-        required: false
-      validate_certs:
-        description: Enables or disables SSL certificate verification.
-        type: boolean
-        default: true
-      inventory_attr:
-        description:
-          - Allows the override of the inventory name based on different attributes.
-          - This allows for changing the way limits are used.
-          - The current default, V(address), is sometimes not unique or present. We recommend to use V(name) instead.
-        type: string
-        default: address
-        choices: ['name', 'display_name', 'address']
-        version_added: 4.2.0
-      group_by_hostgroups:
-        description:
-          - Uses Icinga2 hostgroups as groups.
-        type: boolean
-        default: true
-        version_added: 8.4.0
-'''
+      - An Icinga2 API valid host filter. Leave blank for no filtering
+    type: string
+    required: false
+  validate_certs:
+    description: Enables or disables SSL certificate verification.
+    type: boolean
+    default: true
+  inventory_attr:
+    description:
+      - Allows the override of the inventory name based on different attributes.
+      - This allows for changing the way limits are used.
+      - The current default, V(address), is sometimes not unique or present. We recommend to use V(name) instead.
+    type: string
+    default: address
+    choices: ['name', 'display_name', 'address']
+    version_added: 4.2.0
+  group_by_hostgroups:
+    description:
+      - Uses Icinga2 hostgroups as groups.
+    type: boolean
+    default: true
+    version_added: 8.4.0
+"""

-EXAMPLES = r'''
+EXAMPLES = r"""
 # my.icinga2.yml
 plugin: community.general.icinga2
 url: http://localhost:5665
@@ -93,7 +93,7 @@ compose:
  # set 'ansible_user' and 'ansible_port' from icinga2 host vars
  ansible_user: icinga2_attributes.vars.ansible_user
  ansible_port: icinga2_attributes.vars.ansible_port | default(22)
-'''
+"""

 import json

@@ -291,11 +291,11 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
        self.group_by_hostgroups = self.get_option('group_by_hostgroups')

        if self.templar.is_template(self.icinga2_url):
-            self.icinga2_url = self.templar.template(variable=self.icinga2_url, disable_lookups=False)
+            self.icinga2_url = self.templar.template(variable=self.icinga2_url)
        if self.templar.is_template(self.icinga2_user):
-            self.icinga2_user = self.templar.template(variable=self.icinga2_user, disable_lookups=False)
+            self.icinga2_user = self.templar.template(variable=self.icinga2_user)
        if self.templar.is_template(self.icinga2_password):
-            self.icinga2_password = self.templar.template(variable=self.icinga2_password, disable_lookups=False)
+            self.icinga2_password = self.templar.template(variable=self.icinga2_password)

        self.icinga2_url = f"{self.icinga2_url.rstrip('/')}/v1"

--- a/plugins/inventory/iocage.py
+++ b/plugins/inventory/iocage.py
@@ -6,85 +6,99 @@

 from __future__ import annotations

-DOCUMENTATION = '''
-    name: iocage
-    short_description: iocage inventory source
-    version_added: 10.2.0
-    author:
-        - Vladimir Botka (@vbotka)
-    requirements:
-        - iocage >= 1.8
+DOCUMENTATION = r"""
+name: iocage
+short_description: iocage inventory source
+version_added: 10.2.0
+author:
+  - Vladimir Botka (@vbotka)
+requirements:
+  - iocage >= 1.8
+description:
+  - Get inventory hosts from the iocage jail manager running on O(host).
+  - By default, O(host) is V(localhost). If O(host) is not V(localhost) it
+    is expected that the user running Ansible on the controller can
+    connect to the O(host) account O(user) with SSH non-interactively and
+    execute the command C(iocage list).
+  - Uses a configuration file as an inventory source, it must end
+    in C(.iocage.yml) or C(.iocage.yaml).
+extends_documentation_fragment:
+  - ansible.builtin.constructed
+  - ansible.builtin.inventory_cache
+options:
+  plugin:
    description:
-        - Get inventory hosts from the iocage jail manager running on O(host).
-        - By default, O(host) is V(localhost). If O(host) is not V(localhost) it
-          is expected that the user running Ansible on the controller can
-          connect to the O(host) account O(user) with SSH non-interactively and
-          execute the command C(iocage list).
-        - Uses a configuration file as an inventory source, it must end
-          in C(.iocage.yml) or C(.iocage.yaml).
-    extends_documentation_fragment:
-        - ansible.builtin.constructed
-        - ansible.builtin.inventory_cache
-    options:
-        plugin:
-            description:
-              - The name of this plugin, it should always be set to
-                V(community.general.iocage) for this plugin to recognize
-                it as its own.
-            required: true
-            choices: ['community.general.iocage']
-            type: str
-        host:
-            description: The IP/hostname of the C(iocage) host.
-            type: str
-            default: localhost
-        user:
-            description:
-              - C(iocage) user.
-                It is expected that the O(user) is able to connect to the
-                O(host) with SSH and execute the command C(iocage list).
-                This option is not required if O(host) is V(localhost).
-            type: str
-        sudo:
-            description:
-              - Enable execution as root.
-              - This requires passwordless sudo of the command C(iocage list*).
-            type: bool
-            default: false
-            version_added: 10.3.0
-        sudo_preserve_env:
-            description:
-              - Preserve environment if O(sudo) is enabled.
-              - This requires C(SETENV) sudoers tag.
-            type: bool
-            default: false
-            version_added: 10.3.0
-        get_properties:
-            description:
-              - Get jails' properties.
-                Creates dictionary C(iocage_properties) for each added host.
-            type: bool
-            default: false
-        env:
-            description:
-              - O(user)'s environment on O(host).
-              - Enable O(sudo_preserve_env) if O(sudo) is enabled.
-            type: dict
-            default: {}
-    notes:
-      - You might want to test the command C(ssh user@host iocage list -l) on
-        the controller before using this inventory plugin with O(user) specified
-        and with O(host) other than V(localhost).
-      - If you run this inventory plugin on V(localhost) C(ssh) is not used.
-        In this case, test the command C(iocage list -l).
-      - This inventory plugin creates variables C(iocage_*) for each added host.
-      - The values of these variables are collected from the output of the
-        command C(iocage list -l).
-      - The names of these variables correspond to the output columns.
-      - The column C(NAME) is used to name the added host.
-'''
+      - The name of this plugin, it should always be set to
+        V(community.general.iocage) for this plugin to recognize
+        it as its own.
+    required: true
+    choices: ['community.general.iocage']
+    type: str
+  host:
+    description: The IP/hostname of the C(iocage) host.
+    type: str
+    default: localhost
+  user:
+    description:
+      - C(iocage) user.
+        It is expected that the O(user) is able to connect to the
+        O(host) with SSH and execute the command C(iocage list).
+        This option is not required if O(host) is V(localhost).
+    type: str
+  sudo:
+    description:
+      - Enable execution as root.
+      - This requires passwordless sudo of the command C(iocage list*).
+    type: bool
+    default: false
+    version_added: 10.3.0
+  sudo_preserve_env:
+    description:
+      - Preserve environment if O(sudo) is enabled.
+      - This requires C(SETENV) sudoers tag.
+    type: bool
+    default: false
+    version_added: 10.3.0
+  get_properties:
+    description:
+      - Get jails' properties.
+        Creates dictionary C(iocage_properties) for each added host.
+    type: bool
+    default: false
+  env:
+    description:
+      - O(user)'s environment on O(host).
+      - Enable O(sudo_preserve_env) if O(sudo) is enabled.
+    type: dict
+    default: {}
+  hooks_results:
+    description:
+      - List of paths to the files in a jail.
+      - Content of the files is stored in the items of the list C(iocage_hooks).
+      - If a file is not available the item keeps the dash character C(-).
+      - The variable C(iocage_hooks) is not created if O(hooks_results) is empty.
+    type: list
+    elements: path
+    version_added: 10.4.0
+notes:
+  - You might want to test the command C(ssh user@host iocage list -l) on
+    the controller before using this inventory plugin with O(user) specified
+    and with O(host) other than V(localhost).
+  - If you run this inventory plugin on V(localhost) C(ssh) is not used.
+    In this case, test the command C(iocage list -l).
+  - This inventory plugin creates variables C(iocage_*) for each added host.
+  - The values of these variables are collected from the output of the
+    command C(iocage list -l).
+  - The names of these variables correspond to the output columns.
+  - The column C(NAME) is used to name the added host.
+  - The option O(hooks_results) expects the C(poolname) of a jail is mounted to
+    C(/poolname). For example, if you activate the pool C(iocage) this plugin
+    expects to find the O(hooks_results) items in the path
+    C(/iocage/iocage/jails/<name>/root). If you mount the C(poolname) to a
+    different path the easiest remedy is to create a symlink.
+"""

-EXAMPLES = '''
+EXAMPLES = r"""
 ---
 # file name must end with iocage.yaml or iocage.yml
 plugin: community.general.iocage
@@ -142,7 +156,19 @@ keyed_groups:
    key: iocage_release
  - prefix: state
    key: iocage_state
-'''
+
+---
+# Read the file /var/db/dhclient-hook.address.epair0b in the jails and use it as ansible_host
+plugin: community.general.iocage
+host: 10.1.0.73
+user: admin
+hooks_results:
+  - /var/db/dhclient-hook.address.epair0b
+compose:
+  ansible_host: iocage_hooks.0
+groups:
+  test: inventory_hostname.startswith('test')
+"""

 import re
 import os
@@ -226,6 +252,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
        sudo_preserve_env = self.get_option('sudo_preserve_env')
        env = self.get_option('env')
        get_properties = self.get_option('get_properties')
+        hooks_results = self.get_option('hooks_results')

        cmd = []
        my_env = os.environ.copy()
@@ -286,6 +313,50 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):

                self.get_properties(t_stdout, results, hostname)

+        if hooks_results:
+            cmd_get_pool = cmd.copy()
+            cmd_get_pool.append(self.IOCAGE)
+            cmd_get_pool.append('get')
+            cmd_get_pool.append('--pool')
+            try:
+                p = Popen(cmd_get_pool, stdout=PIPE, stderr=PIPE, env=my_env)
+                stdout, stderr = p.communicate()
+                if p.returncode != 0:
+                    raise AnsibleError(
+                        f'Failed to run cmd={cmd_get_pool}, rc={p.returncode}, stderr={to_native(stderr)}')
+                try:
+                    iocage_pool = to_text(stdout, errors='surrogate_or_strict').strip()
+                except UnicodeError as e:
+                    raise AnsibleError(f'Invalid (non unicode) input returned: {e}') from e
+            except Exception as e:
+                raise AnsibleError(f'Failed to get pool: {e}') from e
+
+            for hostname, host_vars in results['_meta']['hostvars'].items():
+                iocage_hooks = []
+                for hook in hooks_results:
+                    path = "/" + iocage_pool + "/iocage/jails/" + hostname + "/root" + hook
+                    cmd_cat_hook = cmd.copy()
+                    cmd_cat_hook.append('cat')
+                    cmd_cat_hook.append(path)
+                    try:
+                        p = Popen(cmd_cat_hook, stdout=PIPE, stderr=PIPE, env=my_env)
+                        stdout, stderr = p.communicate()
+                        if p.returncode != 0:
+                            iocage_hooks.append('-')
+                            continue
+
+                        try:
+                            iocage_hook = to_text(stdout, errors='surrogate_or_strict').strip()
+                        except UnicodeError as e:
+                            raise AnsibleError(f'Invalid (non unicode) input returned: {e}') from e
+
+                    except Exception:
+                        iocage_hooks.append('-')
+                    else:
+                        iocage_hooks.append(iocage_hook)
+
+                results['_meta']['hostvars'][hostname]['iocage_hooks'] = iocage_hooks
+
        return results

    def get_jails(self, t_stdout, results):
--- a/plugins/inventory/linode.py
+++ b/plugins/inventory/linode.py
@@ -5,79 +5,79 @@

 from __future__ import annotations

-DOCUMENTATION = r'''
-    name: linode
-    author:
-      - Luke Murphy (@decentral1se)
-    short_description: Ansible dynamic inventory plugin for Linode.
-    requirements:
-        - linode_api4 >= 2.0.0
-    description:
-        - Reads inventories from the Linode API v4.
-        - Uses a YAML configuration file that ends with linode.(yml|yaml).
-        - Linode labels are used by default as the hostnames.
-        - The default inventory groups are built from groups (deprecated by
-          Linode) and not tags.
-    extends_documentation_fragment:
-        - constructed
-        - inventory_cache
-    options:
-        cache:
-            version_added: 4.5.0
-        cache_plugin:
-            version_added: 4.5.0
-        cache_timeout:
-            version_added: 4.5.0
-        cache_connection:
-            version_added: 4.5.0
-        cache_prefix:
-            version_added: 4.5.0
-        plugin:
-            description: Marks this as an instance of the 'linode' plugin.
-            type: string
-            required: true
-            choices: ['linode', 'community.general.linode']
-        ip_style:
-            description: Populate hostvars with all information available from the Linode APIv4.
-            type: string
-            default: plain
-            choices:
-                - plain
-                - api
-            version_added: 3.6.0
-        access_token:
-            description: The Linode account personal access token.
-            type: string
-            required: true
-            env:
-                - name: LINODE_ACCESS_TOKEN
-        regions:
-          description: Populate inventory with instances in this region.
-          default: []
-          type: list
-          elements: string
-        tags:
-          description: Populate inventory only with instances which have at least one of the tags listed here.
-          default: []
-          type: list
-          elements: string
-          version_added: 2.0.0
-        types:
-          description: Populate inventory with instances with this type.
-          default: []
-          type: list
-          elements: string
-        strict:
-          version_added: 2.0.0
-        compose:
-          version_added: 2.0.0
-        groups:
-          version_added: 2.0.0
-        keyed_groups:
-          version_added: 2.0.0
-'''
+DOCUMENTATION = r"""
+name: linode
+author:
+  - Luke Murphy (@decentral1se)
+short_description: Ansible dynamic inventory plugin for Linode.
+requirements:
+  - linode_api4 >= 2.0.0
+description:
+  - Reads inventories from the Linode API v4.
+  - Uses a YAML configuration file that ends with linode.(yml|yaml).
+  - Linode labels are used by default as the hostnames.
+  - The default inventory groups are built from groups (deprecated by
+    Linode) and not tags.
+extends_documentation_fragment:
+  - constructed
+  - inventory_cache
+options:
+  cache:
+    version_added: 4.5.0
+  cache_plugin:
+    version_added: 4.5.0
+  cache_timeout:
+    version_added: 4.5.0
+  cache_connection:
+    version_added: 4.5.0
+  cache_prefix:
+    version_added: 4.5.0
+  plugin:
+    description: Marks this as an instance of the 'linode' plugin.
+    type: string
+    required: true
+    choices: ['linode', 'community.general.linode']
+  ip_style:
+    description: Populate hostvars with all information available from the Linode APIv4.
+    type: string
+    default: plain
+    choices:
+      - plain
+      - api
+    version_added: 3.6.0
+  access_token:
+    description: The Linode account personal access token.
+    type: string
+    required: true
+    env:
+      - name: LINODE_ACCESS_TOKEN
+  regions:
+    description: Populate inventory with instances in this region.
+    default: []
+    type: list
+    elements: string
+  tags:
+    description: Populate inventory only with instances which have at least one of the tags listed here.
+    default: []
+    type: list
+    elements: string
+    version_added: 2.0.0
+  types:
+    description: Populate inventory with instances with this type.
+    default: []
+    type: list
+    elements: string
+  strict:
+    version_added: 2.0.0
+  compose:
+    version_added: 2.0.0
+  groups:
+    version_added: 2.0.0
+  keyed_groups:
+    version_added: 2.0.0
+"""

-EXAMPLES = r'''
+EXAMPLES = r"""
 ---
 # Minimal example. `LINODE_ACCESS_TOKEN` is exposed in environment.
 plugin: community.general.linode
@@ -124,7 +124,7 @@ access_token: foobar
 ip_style: api
 compose:
  ansible_host: "ipv4 | community.general.json_query('[?public==`false`].address') | first"
-'''
+"""

 from ansible.errors import AnsibleError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
@@ -150,7 +150,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):

        access_token = self.get_option('access_token')
        if self.templar.is_template(access_token):
-            access_token = self.templar.template(variable=access_token, disable_lookups=False)
+            access_token = self.templar.template(variable=access_token)

        if access_token is None:
            raise AnsibleError((
--- a/plugins/inventory/lxd.py
+++ b/plugins/inventory/lxd.py
@@ -5,108 +5,108 @@

 from __future__ import annotations

-DOCUMENTATION = r'''
-    name: lxd
-    short_description: Returns Ansible inventory from lxd host
+DOCUMENTATION = r"""
+name: lxd
+short_description: Returns Ansible inventory from lxd host
+description:
+  - Get inventory from the lxd.
+  - Uses a YAML configuration file that ends with 'lxd.(yml|yaml)'.
+version_added: "3.0.0"
+author: "Frank Dornheim (@conloos)"
+requirements:
+  - ipaddress
+  - lxd >= 4.0
+options:
+  plugin:
+    description: Token that ensures this is a source file for the 'lxd' plugin.
+    type: string
+    required: true
+    choices: ['community.general.lxd']
+  url:
    description:
-        - Get inventory from the lxd.
-        - Uses a YAML configuration file that ends with 'lxd.(yml|yaml)'.
-    version_added: "3.0.0"
-    author: "Frank Dornheim (@conloos)"
-    requirements:
-        - ipaddress
-        - lxd >= 4.0
-    options:
-        plugin:
-            description: Token that ensures this is a source file for the 'lxd' plugin.
-            type: string
-            required: true
-            choices: [ 'community.general.lxd' ]
-        url:
-            description:
-            - The unix domain socket path or the https URL for the lxd server.
-            - Sockets in filesystem have to start with C(unix:).
-            - Mostly C(unix:/var/lib/lxd/unix.socket) or C(unix:/var/snap/lxd/common/lxd/unix.socket).
-            type: string
-            default: unix:/var/snap/lxd/common/lxd/unix.socket
-        client_key:
-            description:
-            - The client certificate key file path.
-            aliases: [ key_file ]
-            default: $HOME/.config/lxc/client.key
-            type: path
-        client_cert:
-            description:
-            - The client certificate file path.
-            aliases: [ cert_file ]
-            default: $HOME/.config/lxc/client.crt
-            type: path
-        server_cert:
-            description:
-            - The server certificate file path.
-            type: path
-            version_added: 8.0.0
-        server_check_hostname:
-            description:
-            - This option controls if the server's hostname is checked as part of the HTTPS connection verification.
-              This can be useful to disable, if for example, the server certificate provided (see O(server_cert) option)
-              does not cover a name matching the one used to communicate with the server. Such mismatch is common as LXD
-              generates self-signed server certificates by default.
-            type: bool
-            default: true
-            version_added: 8.0.0
-        trust_password:
-            description:
-            - The client trusted password.
-            - You need to set this password on the lxd server before
-                running this module using the following command
-                C(lxc config set core.trust_password <some random password>)
-                See U(https://documentation.ubuntu.com/lxd/en/latest/authentication/#adding-client-certificates-using-a-trust-password).
-            - If O(trust_password) is set, this module send a request for authentication before sending any requests.
-            type: str
-        state:
-            description: Filter the instance according to the current status.
-            type: str
-            default: none
-            choices: [ 'STOPPED', 'STARTING', 'RUNNING', 'none' ]
-        project:
-            description: Filter the instance according to the given project.
-            type: str
-            default: default
-            version_added: 6.2.0
-        type_filter:
-            description:
-            - Filter the instances by type V(virtual-machine), V(container) or V(both).
-            - The first version of the inventory only supported containers.
-            type: str
-            default: container
-            choices: [ 'virtual-machine', 'container', 'both' ]
-            version_added: 4.2.0
-        prefered_instance_network_interface:
-            description:
-            - If an instance has multiple network interfaces, select which one is the preferred as pattern.
-            - Combined with the first number that can be found e.g. 'eth' + 0.
-            - The option has been renamed from O(prefered_container_network_interface) to O(prefered_instance_network_interface)
-              in community.general 3.8.0. The old name still works as an alias.
-            type: str
-            default: eth
-            aliases:
-              - prefered_container_network_interface
-        prefered_instance_network_family:
-            description:
-            - If an instance has multiple network interfaces, which one is the preferred by family.
-            - Specify V(inet) for IPv4 and V(inet6) for IPv6.
-            type: str
-            default: inet
-            choices: [ 'inet', 'inet6' ]
-        groupby:
-            description:
-            - Create groups by the following keywords C(location), C(network_range), C(os), C(pattern), C(profile), C(release), C(type), C(vlanid).
-            - See example for syntax.
-            type: dict
-'''
+      - The unix domain socket path or the https URL for the lxd server.
+      - Sockets in filesystem have to start with C(unix:).
+      - Mostly C(unix:/var/lib/lxd/unix.socket) or C(unix:/var/snap/lxd/common/lxd/unix.socket).
+    type: string
+    default: unix:/var/snap/lxd/common/lxd/unix.socket
+  client_key:
+    description:
+      - The client certificate key file path.
+    aliases: [key_file]
+    default: $HOME/.config/lxc/client.key
+    type: path
+  client_cert:
+    description:
+      - The client certificate file path.
+    aliases: [cert_file]
+    default: $HOME/.config/lxc/client.crt
+    type: path
+  server_cert:
+    description:
+      - The server certificate file path.
+    type: path
+    version_added: 8.0.0
+  server_check_hostname:
+    description:
+      - This option controls if the server's hostname is checked as part of the HTTPS connection verification.
+        This can be useful to disable, if for example, the server certificate provided (see O(server_cert) option)
+        does not cover a name matching the one used to communicate with the server. Such mismatch is common as LXD
+        generates self-signed server certificates by default.
+    type: bool
+    default: true
+    version_added: 8.0.0
+  trust_password:
+    description:
+      - The client trusted password.
+      - You need to set this password on the lxd server before
+          running this module using the following command
+          C(lxc config set core.trust_password <some random password>)
+          See U(https://documentation.ubuntu.com/lxd/en/latest/authentication/#adding-client-certificates-using-a-trust-password).
+      - If O(trust_password) is set, this module send a request for authentication before sending any requests.
+    type: str
+  state:
+    description: Filter the instance according to the current status.
+    type: str
+    default: none
+    choices: ['STOPPED', 'STARTING', 'RUNNING', 'none']
+  project:
+    description: Filter the instance according to the given project.
+    type: str
+    default: default
+    version_added: 6.2.0
+  type_filter:
+    description:
+      - Filter the instances by type V(virtual-machine), V(container) or V(both).
+      - The first version of the inventory only supported containers.
+    type: str
+    default: container
+    choices: ['virtual-machine', 'container', 'both']
+    version_added: 4.2.0
+  prefered_instance_network_interface:
+    description:
+      - If an instance has multiple network interfaces, select which one is the preferred as pattern.
+      - Combined with the first number that can be found e.g. 'eth' + 0.
+      - The option has been renamed from O(prefered_container_network_interface) to O(prefered_instance_network_interface)
+        in community.general 3.8.0. The old name still works as an alias.
+    type: str
+    default: eth
+    aliases:
+      - prefered_container_network_interface
+  prefered_instance_network_family:
+    description:
+      - If an instance has multiple network interfaces, which one is the preferred by family.
+      - Specify V(inet) for IPv4 and V(inet6) for IPv6.
+    type: str
+    default: inet
+    choices: ['inet', 'inet6']
+  groupby:
+    description:
+      - Create groups by the following keywords C(location), C(network_range), C(os), C(pattern), C(profile), C(release), C(type), C(vlanid).
+      - See example for syntax.
+    type: dict
+"""

-EXAMPLES = '''
+EXAMPLES = r"""
 ---
 # simple lxd.yml
 plugin: community.general.lxd
@@ -165,7 +165,7 @@ groupby:
  projectInternals:
    type: project
    attribute: internals
-'''
+"""

 import json
 import re
--- a/plugins/inventory/nmap.py
+++ b/plugins/inventory/nmap.py
@@ -5,97 +5,102 @@

 from __future__ import annotations

-DOCUMENTATION = '''
-    author: Unknown (!UNKNOWN)
-    name: nmap
-    short_description: Uses nmap to find hosts to target
+DOCUMENTATION = r"""
+author: Unknown (!UNKNOWN)
+name: nmap
+short_description: Uses nmap to find hosts to target
+description:
+  - Uses a YAML configuration file with a valid YAML extension.
+extends_documentation_fragment:
+  - constructed
+  - inventory_cache
+requirements:
+  - nmap CLI installed
+options:
+  plugin:
+    description: token that ensures this is a source file for the 'nmap' plugin.
+    type: string
+    required: true
+    choices: ['nmap', 'community.general.nmap']
+  sudo:
+    description: Set to V(true) to execute a C(sudo nmap) plugin scan.
+    version_added: 4.8.0
+    default: false
+    type: boolean
+  address:
+    description: Network IP or range of IPs to scan, you can use a simple range (10.2.2.15-25) or CIDR notation.
+    type: string
+    required: true
+    env:
+      - name: ANSIBLE_NMAP_ADDRESS
+        version_added: 6.6.0
+  exclude:
    description:
-        - Uses a YAML configuration file with a valid YAML extension.
-    extends_documentation_fragment:
-      - constructed
-      - inventory_cache
-    requirements:
-      - nmap CLI installed
-    options:
-        plugin:
-            description: token that ensures this is a source file for the 'nmap' plugin.
-            type: string
-            required: true
-            choices: ['nmap', 'community.general.nmap']
-        sudo:
-            description: Set to V(true) to execute a C(sudo nmap) plugin scan.
-            version_added: 4.8.0
-            default: false
-            type: boolean
-        address:
-            description: Network IP or range of IPs to scan, you can use a simple range (10.2.2.15-25) or CIDR notation.
-            type: string
-            required: true
-            env:
-                - name: ANSIBLE_NMAP_ADDRESS
-                  version_added: 6.6.0
-        exclude:
-            description:
-              - List of addresses to exclude.
-              - For example V(10.2.2.15-25) or V(10.2.2.15,10.2.2.16).
-            type: list
-            elements: string
-            env:
-                - name: ANSIBLE_NMAP_EXCLUDE
-                  version_added: 6.6.0
-        port:
-            description:
-                - Only scan specific port or port range (C(-p)).
-                - For example, you could pass V(22) for a single port, V(1-65535) for a range of ports,
-                  or V(U:53,137,T:21-25,139,8080,S:9) to check port 53 with UDP, ports 21-25 with TCP, port 9 with SCTP, and ports 137, 139, and 8080 with all.
-            type: string
-            version_added: 6.5.0
-        ports:
-            description: Enable/disable scanning ports.
-            type: boolean
-            default: true
-        ipv4:
-            description: use IPv4 type addresses
-            type: boolean
-            default: true
-        ipv6:
-            description: use IPv6 type addresses
-            type: boolean
-            default: true
-        udp_scan:
-            description:
-                - Scan via UDP.
-                - Depending on your system you might need O(sudo=true) for this to work.
-            type: boolean
-            default: false
-            version_added: 6.1.0
-        icmp_timestamp:
-            description:
-                - Scan via ICMP Timestamp (C(-PP)).
-                - Depending on your system you might need O(sudo=true) for this to work.
-            type: boolean
-            default: false
-            version_added: 6.1.0
-        open:
-            description: Only scan for open (or possibly open) ports.
-            type: boolean
-            default: false
-            version_added: 6.5.0
-        dns_resolve:
-            description: Whether to always (V(true)) or never (V(false)) do DNS resolution.
-            type: boolean
-            default: false
-            version_added: 6.1.0
-        use_arp_ping:
-            description: Whether to always (V(true)) use the quick ARP ping or (V(false)) a slower but more reliable method.
-            type: boolean
-            default: true
-            version_added: 7.4.0
-    notes:
-        - At least one of O(ipv4) or O(ipv6) is required to be V(true); both can be V(true), but they cannot both be V(false).
-        - 'TODO: add OS fingerprinting'
-'''
-EXAMPLES = '''
+      - List of addresses to exclude.
+      - For example V(10.2.2.15-25) or V(10.2.2.15,10.2.2.16).
+    type: list
+    elements: string
+    env:
+      - name: ANSIBLE_NMAP_EXCLUDE
+        version_added: 6.6.0
+  port:
+    description:
+      - Only scan specific port or port range (C(-p)).
+      - For example, you could pass V(22) for a single port, V(1-65535) for a range of ports,
+        or V(U:53,137,T:21-25,139,8080,S:9) to check port 53 with UDP, ports 21-25 with TCP, port 9 with SCTP, and ports 137, 139, and 8080 with all.
+    type: string
+    version_added: 6.5.0
+  ports:
+    description: Enable/disable scanning ports.
+    type: boolean
+    default: true
+  ipv4:
+    description: use IPv4 type addresses
+    type: boolean
+    default: true
+  ipv6:
+    description: use IPv6 type addresses
+    type: boolean
+    default: true
+  udp_scan:
+    description:
+      - Scan via UDP.
+      - Depending on your system you might need O(sudo=true) for this to work.
+    type: boolean
+    default: false
+    version_added: 6.1.0
+  icmp_timestamp:
+    description:
+      - Scan via ICMP Timestamp (C(-PP)).
+      - Depending on your system you might need O(sudo=true) for this to work.
+    type: boolean
+    default: false
+    version_added: 6.1.0
+  open:
+    description: Only scan for open (or possibly open) ports.
+    type: boolean
+    default: false
+    version_added: 6.5.0
+  dns_resolve:
+    description: Whether to always (V(true)) or never (V(false)) do DNS resolution.
+    type: boolean
+    default: false
+    version_added: 6.1.0
+  dns_servers:
+    description: Specify which DNS servers to use for name resolution.
+    type: list
+    elements: string
+    version_added: 10.5.0
+  use_arp_ping:
+    description: Whether to always (V(true)) use the quick ARP ping or (V(false)) a slower but more reliable method.
+    type: boolean
+    default: true
+    version_added: 7.4.0
+notes:
+  - At least one of O(ipv4) or O(ipv6) is required to be V(true); both can be V(true), but they cannot both be V(false).
+  - 'TODO: add OS fingerprinting'
+"""
+EXAMPLES = r"""
 ---
 # inventory.config file in YAML format
 plugin: community.general.nmap
@@ -117,7 +122,7 @@ exclude: 192.168.0.1, web.example.com
 port: 22, 443
 groups:
  web_servers: "ports | selectattr('port', 'equalto', '443')"
-'''
+"""

 import os
 import re
@@ -231,6 +236,10 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
            if self.get_option('dns_resolve'):
                cmd.append('-n')

+            if self.get_option('dns_servers'):
+                cmd.append('--dns-servers')
+                cmd.append(','.join(self.get_option('dns_servers')))
+
            if self.get_option('udp_scan'):
                cmd.append('-sU')

--- a/plugins/inventory/online.py
+++ b/plugins/inventory/online.py
@@ -5,49 +5,49 @@

 from __future__ import annotations

-DOCUMENTATION = r'''
-    name: online
-    author:
-      - Remy Leone (@remyleone)
-    short_description: Scaleway (previously Online SAS or Online.net) inventory source
-    description:
-        - Get inventory hosts from Scaleway (previously Online SAS or Online.net).
-    options:
-        plugin:
-            description: token that ensures this is a source file for the 'online' plugin.
-            type: string
-            required: true
-            choices: ['online', 'community.general.online']
-        oauth_token:
-            required: true
-            description: Online OAuth token.
-            type: string
-            env:
-                # in order of precedence
-                - name: ONLINE_TOKEN
-                - name: ONLINE_API_KEY
-                - name: ONLINE_OAUTH_TOKEN
-        hostnames:
-            description: List of preference about what to use as an hostname.
-            type: list
-            elements: string
-            default:
-                - public_ipv4
-            choices:
-                - public_ipv4
-                - private_ipv4
-                - hostname
-        groups:
-            description: List of groups.
-            type: list
-            elements: string
-            choices:
-                - location
-                - offer
-                - rpn
-'''
+DOCUMENTATION = r"""
+name: online
+author:
+  - Remy Leone (@remyleone)
+short_description: Scaleway (previously Online SAS or Online.net) inventory source
+description:
+  - Get inventory hosts from Scaleway (previously Online SAS or Online.net).
+options:
+  plugin:
+    description: token that ensures this is a source file for the 'online' plugin.
+    type: string
+    required: true
+    choices: ['online', 'community.general.online']
+  oauth_token:
+    required: true
+    description: Online OAuth token.
+    type: string
+    env:
+      # in order of precedence
+      - name: ONLINE_TOKEN
+      - name: ONLINE_API_KEY
+      - name: ONLINE_OAUTH_TOKEN
+  hostnames:
+    description: List of preference about what to use as an hostname.
+    type: list
+    elements: string
+    default:
+      - public_ipv4
+    choices:
+      - public_ipv4
+      - private_ipv4
+      - hostname
+  groups:
+    description: List of groups.
+    type: list
+    elements: string
+    choices:
+      - location
+      - offer
+      - rpn
+"""

-EXAMPLES = r'''
+EXAMPLES = r"""
 # online_inventory.yml file in YAML format
 # Example command line: ansible-inventory --list -i online_inventory.yml

@@ -58,7 +58,7 @@ groups:
  - location
  - offer
  - rpn
-'''
+"""

 import json
 from sys import version as python_version
--- a/plugins/inventory/opennebula.py
+++ b/plugins/inventory/opennebula.py
@@ -6,77 +6,77 @@
 from __future__ import annotations


-DOCUMENTATION = r'''
-    name: opennebula
-    author:
-        - Kristian Feldsam (@feldsam)
-    short_description: OpenNebula inventory source
-    version_added: "3.8.0"
-    extends_documentation_fragment:
-        - constructed
+DOCUMENTATION = r"""
+name: opennebula
+author:
+  - Kristian Feldsam (@feldsam)
+short_description: OpenNebula inventory source
+version_added: "3.8.0"
+extends_documentation_fragment:
+  - constructed
+description:
+  - Get inventory hosts from OpenNebula cloud.
+  - Uses an YAML configuration file ending with either C(opennebula.yml) or C(opennebula.yaml)
+    to set parameter values.
+  - Uses O(api_authfile), C(~/.one/one_auth), or E(ONE_AUTH) pointing to a OpenNebula credentials file.
+options:
+  plugin:
+    description: Token that ensures this is a source file for the 'opennebula' plugin.
+    type: string
+    required: true
+    choices: [community.general.opennebula]
+  api_url:
    description:
-        - Get inventory hosts from OpenNebula cloud.
-        - Uses an YAML configuration file ending with either C(opennebula.yml) or C(opennebula.yaml)
-          to set parameter values.
-        - Uses O(api_authfile), C(~/.one/one_auth), or E(ONE_AUTH) pointing to a OpenNebula credentials file.
-    options:
-        plugin:
-            description: Token that ensures this is a source file for the 'opennebula' plugin.
-            type: string
-            required: true
-            choices: [ community.general.opennebula ]
-        api_url:
-            description:
-              - URL of the OpenNebula RPC server.
-              - It is recommended to use HTTPS so that the username/password are not
-                transferred over the network unencrypted.
-              - If not set then the value of the E(ONE_URL) environment variable is used.
-            env:
-              - name: ONE_URL
-            required: true
-            type: string
-        api_username:
-            description:
-              - Name of the user to login into the OpenNebula RPC server. If not set
-                then the value of the E(ONE_USERNAME) environment variable is used.
-            env:
-              - name: ONE_USERNAME
-            type: string
-        api_password:
-            description:
-              - Password or a token of the user to login into OpenNebula RPC server.
-              - If not set, the value of the E(ONE_PASSWORD) environment variable is used.
-            env:
-              - name: ONE_PASSWORD
-            required: false
-            type: string
-        api_authfile:
-            description:
-              - If both O(api_username) or O(api_password) are not set, then it will try
-                authenticate with ONE auth file. Default path is C(~/.one/one_auth).
-              - Set environment variable E(ONE_AUTH) to override this path.
-            env:
-              - name: ONE_AUTH
-            required: false
-            type: string
-        hostname:
-            description: Field to match the hostname. Note V(v4_first_ip) corresponds to the first IPv4 found on VM.
-            type: string
-            default: v4_first_ip
-            choices:
-                - v4_first_ip
-                - v6_first_ip
-                - name
-        filter_by_label:
-            description: Only return servers filtered by this label.
-            type: string
-        group_by_labels:
-            description: Create host groups by vm labels
-            type: bool
-            default: true
-'''
+      - URL of the OpenNebula RPC server.
+      - It is recommended to use HTTPS so that the username/password are not
+        transferred over the network unencrypted.
+      - If not set then the value of the E(ONE_URL) environment variable is used.
+    env:
+      - name: ONE_URL
+    required: true
+    type: string
+  api_username:
+    description:
+      - Name of the user to login into the OpenNebula RPC server. If not set
+        then the value of the E(ONE_USERNAME) environment variable is used.
+    env:
+      - name: ONE_USERNAME
+    type: string
+  api_password:
+    description:
+      - Password or a token of the user to login into OpenNebula RPC server.
+      - If not set, the value of the E(ONE_PASSWORD) environment variable is used.
+    env:
+      - name: ONE_PASSWORD
+    required: false
+    type: string
+  api_authfile:
+    description:
+      - If both O(api_username) or O(api_password) are not set, then it will try
+        authenticate with ONE auth file. Default path is C(~/.one/one_auth).
+      - Set environment variable E(ONE_AUTH) to override this path.
+    env:
+      - name: ONE_AUTH
+    required: false
+    type: string
+  hostname:
+    description: Field to match the hostname. Note V(v4_first_ip) corresponds to the first IPv4 found on VM.
+    type: string
+    default: v4_first_ip
+    choices:
+      - v4_first_ip
+      - v6_first_ip
+      - name
+  filter_by_label:
+    description: Only return servers filtered by this label.
+    type: string
+  group_by_labels:
+    description: Create host groups by vm labels
+    type: bool
+    default: true
+"""

-EXAMPLES = r'''
+EXAMPLES = r"""
 # inventory_opennebula.yml file in YAML format
 # Example command line: ansible-inventory --list -i inventory_opennebula.yml

@@ -84,7 +84,7 @@ EXAMPLES = r'''
 plugin: community.general.opennebula
 api_url: https://opennebula:2633/RPC2
 filter_by_label: Cache
-'''
+"""

 try:
    import pyone
--- a/plugins/inventory/proxmox.py
+++ b/plugins/inventory/proxmox.py
@@ -155,7 +155,11 @@ user: ci@pve
 token_id: gitlab-1
 token_secret: fa256e9c-26ab-41ec-82da-707a2c079829

+---
 # The secret can also be a vault string or passed via the environment variable TOKEN_SECRET.
+plugin: community.general.proxmox
+user: ci@pve
+token_id: gitlab-1
 token_secret: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          62353634333163633336343265623632626339313032653563653165313262343931643431656138
@@ -216,7 +220,6 @@ password: "{{ lookup('community.general.random_string', base64=True) }}"
 # Note that this can easily give you wrong values as ansible_host. See further up for
 # an example where this is set to `false` and where ansible_host is set with `compose`.
 want_proxmox_nodes_ansible_host: true
-
 '''

 import itertools
@@ -308,12 +311,17 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):

    def _get_json(self, url, ignore_errors=None):

-        if not self.use_cache or url not in self._cache.get(self.cache_key, {}):
+        data = []
+        has_data = False

-            if self.cache_key not in self._cache:
-                self._cache[self.cache_key] = {'url': ''}
+        if self.use_cache:
+            try:
+                data = self._cache[self.cache_key][url]
+                has_data = True
+            except KeyError:
+                self.update_cache = True

-            data = []
+        if not has_data:
            s = self._get_session()
            while True:
                ret = s.get(url, headers=self.headers)
@@ -339,9 +347,8 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
                        data = data + json['data']
                    break

-            self._cache[self.cache_key][url] = data
-
-        return make_unsafe(self._cache[self.cache_key][url])
+        self._results[url] = data
+        return make_unsafe(data)

    def _get_nodes(self):
        return self._get_json(f"{self.proxmox_url}/api2/json/nodes")
@@ -362,11 +369,26 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
    def _get_node_ip(self, node):
        ret = self._get_json(f"{self.proxmox_url}/api2/json/nodes/{node}/network")

+        # sort interface by iface name to make selection as stable as possible
+        ret.sort(key=lambda x: x['iface'])
+
        for iface in ret:
            try:
+                # only process interfaces adhering to these rules
+                if 'active' not in iface:
+                    self.display.vvv(f"Interface {iface['iface']} on node {node} does not have an active state")
+                    continue
+                if 'address' not in iface:
+                    self.display.vvv(f"Interface {iface['iface']} on node {node} does not have an address")
+                    continue
+                if 'gateway' not in iface:
+                    self.display.vvv(f"Interface {iface['iface']} on node {node} does not have a gateway")
+                    continue
+                self.display.vv(f"Using interface {iface['iface']} on node {node} with address {iface['address']} as node ip for ansible_host")
                return iface['address']
            except Exception:
-                return None
+                continue
+        return None

    def _get_lxc_interfaces(self, properties, node, vmid):
        status_key = self._fact('status')
@@ -680,10 +702,14 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
        self.exclude_nodes = self.get_option('exclude_nodes')
        self.cache_key = self.get_cache_key(path)
        self.use_cache = cache and self.get_option('cache')
+        self.update_cache = not cache and self.get_option('cache')
        self.host_filters = self.get_option('filters')
        self.group_prefix = self.get_option('group_prefix')
        self.facts_prefix = self.get_option('facts_prefix')
        self.strict = self.get_option('strict')

        # actually populate inventory
+        self._results = {}
        self._populate()
+        if self.update_cache:
+            self._cache[self.cache_key] = self._results
--- a/plugins/inventory/scaleway.py
+++ b/plugins/inventory/scaleway.py
@@ -6,73 +6,73 @@
 from __future__ import annotations


-DOCUMENTATION = r'''
-    name: scaleway
-    author:
-      - Remy Leone (@remyleone)
-    short_description: Scaleway inventory source
+DOCUMENTATION = r"""
+name: scaleway
+author:
+  - Remy Leone (@remyleone)
+short_description: Scaleway inventory source
+description:
+  - Get inventory hosts from Scaleway.
+requirements:
+  - PyYAML
+options:
+  plugin:
+    description: Token that ensures this is a source file for the 'scaleway' plugin.
+    required: true
+    type: string
+    choices: ['scaleway', 'community.general.scaleway']
+  regions:
+    description: Filter results on a specific Scaleway region.
+    type: list
+    elements: string
+    default:
+      - ams1
+      - par1
+      - par2
+      - waw1
+  tags:
+    description: Filter results on a specific tag.
+    type: list
+    elements: string
+  scw_profile:
    description:
-        - Get inventory hosts from Scaleway.
-    requirements:
-        - PyYAML
-    options:
-        plugin:
-            description: Token that ensures this is a source file for the 'scaleway' plugin.
-            required: true
-            type: string
-            choices: ['scaleway', 'community.general.scaleway']
-        regions:
-            description: Filter results on a specific Scaleway region.
-            type: list
-            elements: string
-            default:
-                - ams1
-                - par1
-                - par2
-                - waw1
-        tags:
-            description: Filter results on a specific tag.
-            type: list
-            elements: string
-        scw_profile:
-            description:
-            - The config profile to use in config file.
-            - By default uses the one specified as C(active_profile) in the config file, or falls back to V(default) if that is not defined.
-            type: string
-            version_added: 4.4.0
-        oauth_token:
-            description:
-            - Scaleway OAuth token.
-            - If not explicitly defined or in environment variables, it will try to lookup in the scaleway-cli configuration file
-              (C($SCW_CONFIG_PATH), C($XDG_CONFIG_HOME/scw/config.yaml), or C(~/.config/scw/config.yaml)).
-            - More details on L(how to generate token, https://www.scaleway.com/en/docs/generate-api-keys/).
-            type: string
-            env:
-                # in order of precedence
-                - name: SCW_TOKEN
-                - name: SCW_API_KEY
-                - name: SCW_OAUTH_TOKEN
-        hostnames:
-            description: List of preference about what to use as an hostname.
-            type: list
-            elements: string
-            default:
-                - public_ipv4
-            choices:
-                - public_ipv4
-                - private_ipv4
-                - public_ipv6
-                - hostname
-                - id
-        variables:
-            description: 'Set individual variables: keys are variable names and
-                          values are templates. Any value returned by the
-                          L(Scaleway API, https://developer.scaleway.com/#servers-server-get)
-                          can be used.'
-            type: dict
-'''
+      - The config profile to use in config file.
+      - By default uses the one specified as C(active_profile) in the config file, or falls back to V(default) if that is not defined.
+    type: string
+    version_added: 4.4.0
+  oauth_token:
+    description:
+      - Scaleway OAuth token.
+      - If not explicitly defined or in environment variables, it will try to lookup in the scaleway-cli configuration file
+        (C($SCW_CONFIG_PATH), C($XDG_CONFIG_HOME/scw/config.yaml), or C(~/.config/scw/config.yaml)).
+      - More details on L(how to generate token, https://www.scaleway.com/en/docs/generate-api-keys/).
+    type: string
+    env:
+      # in order of precedence
+      - name: SCW_TOKEN
+      - name: SCW_API_KEY
+      - name: SCW_OAUTH_TOKEN
+  hostnames:
+    description: List of preference about what to use as an hostname.
+    type: list
+    elements: string
+    default:
+      - public_ipv4
+    choices:
+      - public_ipv4
+      - private_ipv4
+      - public_ipv6
+      - hostname
+      - id
+  variables:
+    description: 'Set individual variables: keys are variable names and
+                  values are templates. Any value returned by the
+                  L(Scaleway API, https://developer.scaleway.com/#servers-server-get)
+                  can be used.'
+    type: dict
+"""

-EXAMPLES = r'''
+EXAMPLES = r"""
 # scaleway_inventory.yml file in YAML format
 # Example command line: ansible-inventory --list -i scaleway_inventory.yml

@@ -110,7 +110,7 @@ variables:
  ansible_host: public_ip.address
  ansible_connection: "'ssh'"
  ansible_user: "'admin'"
-'''
+"""

 import os
 import json
--- a/plugins/inventory/stackpath_compute.py
+++ b/plugins/inventory/stackpath_compute.py
@@ -6,60 +6,60 @@

 from __future__ import annotations

-DOCUMENTATION = '''
-    name: stackpath_compute
-    short_description: StackPath Edge Computing inventory source
-    version_added: 1.2.0
-    author:
-        - UNKNOWN (@shayrybak)
-    extends_documentation_fragment:
-        - inventory_cache
-        - constructed
+DOCUMENTATION = r"""
+name: stackpath_compute
+short_description: StackPath Edge Computing inventory source
+version_added: 1.2.0
+author:
+  - UNKNOWN (@shayrybak)
+deprecated:
+  removed_in: 11.0.0
+  why: Stackpath (the company) ceased its operations in June 2024. The API URL this plugin relies on is not found in DNS.
+  alternative: There is none.
+extends_documentation_fragment:
+  - inventory_cache
+  - constructed
+description:
+  - Get inventory hosts from StackPath Edge Computing.
+  - Uses a YAML configuration file that ends with stackpath_compute.(yml|yaml).
+options:
+  plugin:
    description:
-        - Get inventory hosts from StackPath Edge Computing.
-        - Uses a YAML configuration file that ends with stackpath_compute.(yml|yaml).
-    options:
-        plugin:
-            description:
-                - A token that ensures this is a source file for the plugin.
-            required: true
-            type: string
-            choices: ['community.general.stackpath_compute']
-        client_id:
-            description:
-                - An OAuth client ID generated from the API Management section of the StackPath customer portal
-                  U(https://control.stackpath.net/api-management).
-            required: true
-            type: str
-        client_secret:
-            description:
-                - An OAuth client secret generated from the API Management section of the StackPath customer portal
-                  U(https://control.stackpath.net/api-management).
-            required: true
-            type: str
-        stack_slugs:
-            description:
-                - A list of Stack slugs to query instances in. If no entry then get instances in all stacks on the account.
-            type: list
-            elements: str
-        use_internal_ip:
-            description:
-                - Whether or not to use internal IP addresses, If false, uses external IP addresses, internal otherwise.
-                - If an instance doesn't have an external IP it will not be returned when this option is set to false.
-            type: bool
-'''
+      - A token that ensures this is a source file for the plugin.
+    required: true
+    type: string
+    choices: ['community.general.stackpath_compute']
+  client_id:
+    description:
+      - An OAuth client ID generated from the API Management section of the StackPath customer portal U(https://control.stackpath.net/api-management).
+    required: true
+    type: str
+  client_secret:
+    description:
+      - An OAuth client secret generated from the API Management section of the StackPath customer portal U(https://control.stackpath.net/api-management).
+    required: true
+    type: str
+  stack_slugs:
+    description:
+      - A list of Stack slugs to query instances in. If no entry then get instances in all stacks on the account.
+    type: list
+    elements: str
+  use_internal_ip:
+    description:
+      - Whether or not to use internal IP addresses, If false, uses external IP addresses, internal otherwise.
+      - If an instance doesn't have an external IP it will not be returned when this option is set to false.
+    type: bool
+"""

-EXAMPLES = '''
-# Example using credentials to fetch all workload instances in a stack.
---
+EXAMPLES = r"""
 plugin: community.general.stackpath_compute
 client_id: my_client_id
 client_secret: my_client_secret
 stack_slugs:
- my_first_stack_slug
- my_other_stack_slug
+  - my_first_stack_slug
+  - my_other_stack_slug
 use_internal_ip: false
-'''
+"""

 import traceback
 import json
--- a/plugins/inventory/virtualbox.py
+++ b/plugins/inventory/virtualbox.py
@@ -5,56 +5,56 @@

 from __future__ import annotations

-DOCUMENTATION = '''
-    author: Unknown (!UNKNOWN)
-    name: virtualbox
-    short_description: virtualbox inventory source
+DOCUMENTATION = r"""
+author: Unknown (!UNKNOWN)
+name: virtualbox
+short_description: virtualbox inventory source
+description:
+  - Get inventory hosts from the local virtualbox installation.
+  - Uses a YAML configuration file that ends with virtualbox.(yml|yaml) or vbox.(yml|yaml).
+  - The inventory_hostname is always the 'Name' of the virtualbox instance.
+  - Groups can be assigned to the VMs using C(VBoxManage). Multiple groups can be assigned by using V(/) as a delimeter.
+  - A separate parameter, O(enable_advanced_group_parsing) is exposed to change grouping behaviour. See the parameter documentation for details.
+extends_documentation_fragment:
+  - constructed
+  - inventory_cache
+options:
+  plugin:
+    description: token that ensures this is a source file for the 'virtualbox' plugin
+    type: string
+    required: true
+    choices: ['virtualbox', 'community.general.virtualbox']
+  running_only:
+    description: toggles showing all vms vs only those currently running
+    type: boolean
+    default: false
+  settings_password_file:
+    description: provide a file containing the settings password (equivalent to --settingspwfile)
+    type: string
+  network_info_path:
+    description: property path to query for network information (ansible_host)
+    type: string
+    default: "/VirtualBox/GuestInfo/Net/0/V4/IP"
+  query:
+    description: create vars from virtualbox properties
+    type: dictionary
+    default: {}
+  enable_advanced_group_parsing:
    description:
-        - Get inventory hosts from the local virtualbox installation.
-        - Uses a YAML configuration file that ends with virtualbox.(yml|yaml) or vbox.(yml|yaml).
-        - The inventory_hostname is always the 'Name' of the virtualbox instance.
-        - Groups can be assigned to the VMs using C(VBoxManage). Multiple groups can be assigned by using V(/) as a delimeter.
-        - A separate parameter, O(enable_advanced_group_parsing) is exposed to change grouping behaviour. See the parameter documentation for details.
-    extends_documentation_fragment:
-      - constructed
-      - inventory_cache
-    options:
-        plugin:
-            description: token that ensures this is a source file for the 'virtualbox' plugin
-            type: string
-            required: true
-            choices: ['virtualbox', 'community.general.virtualbox']
-        running_only:
-            description: toggles showing all vms vs only those currently running
-            type: boolean
-            default: false
-        settings_password_file:
-            description: provide a file containing the settings password (equivalent to --settingspwfile)
-            type: string
-        network_info_path:
-            description: property path to query for network information (ansible_host)
-            type: string
-            default: "/VirtualBox/GuestInfo/Net/0/V4/IP"
-        query:
-            description: create vars from virtualbox properties
-            type: dictionary
-            default: {}
-        enable_advanced_group_parsing:
-            description:
-              - The default group parsing rule (when this setting is set to V(false)) is to split the VirtualBox VM's group based on the V(/) character and
-                assign the resulting list elements as an Ansible Group.
-              - Setting O(enable_advanced_group_parsing=true) changes this behaviour to match VirtualBox's interpretation of groups according to
-                U(https://www.virtualbox.org/manual/UserManual.html#gui-vmgroups).
-                Groups are now split using the V(,) character, and the V(/) character indicates nested groups.
-              - When enabled, a VM that's been configured using V(VBoxManage modifyvm "vm01" --groups "/TestGroup/TestGroup2,/TestGroup3") will result in
-                the group C(TestGroup2) being a child group of C(TestGroup); and
-                the VM being a part of C(TestGroup2) and C(TestGroup3).
-            default: false
-            type: bool
-            version_added: 9.2.0
-'''
+      - The default group parsing rule (when this setting is set to V(false)) is to split the VirtualBox VM's group based on the V(/) character and
+        assign the resulting list elements as an Ansible Group.
+      - Setting O(enable_advanced_group_parsing=true) changes this behaviour to match VirtualBox's interpretation of groups according to
+        U(https://www.virtualbox.org/manual/UserManual.html#gui-vmgroups).
+        Groups are now split using the V(,) character, and the V(/) character indicates nested groups.
+      - When enabled, a VM that's been configured using V(VBoxManage modifyvm "vm01" --groups "/TestGroup/TestGroup2,/TestGroup3") will result in
+        the group C(TestGroup2) being a child group of C(TestGroup); and
+        the VM being a part of C(TestGroup2) and C(TestGroup3).
+    default: false
+    type: bool
+    version_added: 9.2.0
+"""

-EXAMPLES = '''
+EXAMPLES = r"""
 ---
 # file must be named vbox.yaml or vbox.yml
 plugin: community.general.virtualbox
@@ -69,7 +69,7 @@ compose:
 plugin: community.general.virtualbox
 groups:
  container: "'minis' in (inventory_hostname)"
-'''
+"""

 import os

--- a/plugins/inventory/xen_orchestra.py
+++ b/plugins/inventory/xen_orchestra.py
@@ -5,62 +5,81 @@

 from __future__ import annotations

-DOCUMENTATION = '''
-    name: xen_orchestra
-    short_description: Xen Orchestra inventory source
-    version_added: 4.1.0
-    author:
-        - Dom Del Nano (@ddelnano) <ddelnano@gmail.com>
-        - Samori Gorse (@shinuza) <samorigorse@gmail.com>
-    requirements:
-        - websocket-client >= 1.0.0
+DOCUMENTATION = r"""
+name: xen_orchestra
+short_description: Xen Orchestra inventory source
+version_added: 4.1.0
+author:
+  - Dom Del Nano (@ddelnano) <ddelnano@gmail.com>
+  - Samori Gorse (@shinuza) <samorigorse@gmail.com>
+requirements:
+  - websocket-client >= 1.0.0
+description:
+  - Get inventory hosts from a Xen Orchestra deployment.
+  - Uses a configuration file as an inventory source, it must end in C(.xen_orchestra.yml) or C(.xen_orchestra.yaml).
+extends_documentation_fragment:
+  - constructed
+  - inventory_cache
+options:
+  plugin:
+    description: The name of this plugin, it should always be set to V(community.general.xen_orchestra) for this plugin to
+      recognize it as its own.
+    required: true
+    choices: ['community.general.xen_orchestra']
+    type: str
+  api_host:
    description:
-        - Get inventory hosts from a Xen Orchestra deployment.
-        - 'Uses a configuration file as an inventory source, it must end in C(.xen_orchestra.yml) or C(.xen_orchestra.yaml).'
-    extends_documentation_fragment:
-        - constructed
-        - inventory_cache
-    options:
-        plugin:
-            description: The name of this plugin, it should always be set to V(community.general.xen_orchestra) for this plugin to recognize it as its own.
-            required: true
-            choices: ['community.general.xen_orchestra']
-            type: str
-        api_host:
-            description:
-                - API host to XOA API.
-                - If the value is not specified in the inventory configuration, the value of environment variable E(ANSIBLE_XO_HOST) will be used instead.
-            type: str
-            env:
-                - name: ANSIBLE_XO_HOST
-        user:
-            description:
-                - Xen Orchestra user.
-                - If the value is not specified in the inventory configuration, the value of environment variable E(ANSIBLE_XO_USER) will be used instead.
-            required: true
-            type: str
-            env:
-                - name: ANSIBLE_XO_USER
-        password:
-            description:
-                - Xen Orchestra password.
-                - If the value is not specified in the inventory configuration, the value of environment variable E(ANSIBLE_XO_PASSWORD) will be used instead.
-            required: true
-            type: str
-            env:
-                - name: ANSIBLE_XO_PASSWORD
-        validate_certs:
-            description: Verify TLS certificate if using HTTPS.
-            type: boolean
-            default: true
-        use_ssl:
-            description: Use wss when connecting to the Xen Orchestra API
-            type: boolean
-            default: true
-'''
+      - API host to XOA API.
+      - If the value is not specified in the inventory configuration, the value of environment variable E(ANSIBLE_XO_HOST)
+        will be used instead.
+    type: str
+    env:
+      - name: ANSIBLE_XO_HOST
+  user:
+    description:
+      - Xen Orchestra user.
+      - If the value is not specified in the inventory configuration, the value of environment variable E(ANSIBLE_XO_USER)
+        will be used instead.
+    required: true
+    type: str
+    env:
+      - name: ANSIBLE_XO_USER
+  password:
+    description:
+      - Xen Orchestra password.
+      - If the value is not specified in the inventory configuration, the value of environment variable E(ANSIBLE_XO_PASSWORD)
+        will be used instead.
+    required: true
+    type: str
+    env:
+      - name: ANSIBLE_XO_PASSWORD
+  validate_certs:
+    description: Verify TLS certificate if using HTTPS.
+    type: boolean
+    default: true
+  use_ssl:
+    description: Use wss when connecting to the Xen Orchestra API.
+    type: boolean
+    default: true
+  use_vm_uuid:
+    description:
+      - Import Xen VMs to inventory using their UUID as the VM entry name.
+      - If set to V(false) use VM name labels instead of UUIDs.
+    type: boolean
+    default: true
+    version_added: 10.4.0
+  use_host_uuid:
+    description:
+      - Import Xen Hosts to inventory using their UUID as the Host entry name.
+      - If set to V(false) use Host name labels instead of UUIDs.
+    type: boolean
+    default: true
+    version_added: 10.4.0
+"""


-EXAMPLES = '''
+EXAMPLES = r"""
+---
 # file must be named xen_orchestra.yaml or xen_orchestra.yml
 plugin: community.general.xen_orchestra
 api_host: 192.168.1.255
@@ -69,11 +88,12 @@ password: xo_pwd
 validate_certs: true
 use_ssl: true
 groups:
-    kube_nodes: "'kube_node' in tags"
+  kube_nodes: "'kube_node' in tags"
 compose:
-    ansible_port: 2222
-
-'''
+  ansible_port: 2222
+use_vm_uuid: false
+use_host_uuid: true
+"""

 import json
 import ssl
@@ -196,10 +216,20 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
        self._set_composite_vars(self.get_option('compose'), variables, name, strict=strict)

    def _add_vms(self, vms, hosts, pools):
+        vm_name_list = []
        for uuid, vm in vms.items():
+            if self.vm_entry_name_type == 'name_label':
+                if vm['name_label'] not in vm_name_list:
+                    entry_name = vm['name_label']
+                    vm_name_list.append(vm['name_label'])
+                else:
+                    vm_duplicate_count = vm_name_list.count(vm['name_label'])
+                    entry_name = vm['name_label'] + "_" + str(vm_duplicate_count)
+                    vm_name_list.append(vm['name_label'])
+            else:
+                entry_name = uuid
            group = 'with_ip'
            ip = vm.get('mainIpAddress')
-            entry_name = uuid
            power_state = vm['power_state'].lower()
            pool_name = self._pool_group_name_for_uuid(pools, vm['$poolId'])
            host_name = self._host_group_name_for_uuid(hosts, vm['$container'])
@@ -246,8 +276,19 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
            self._apply_constructable(entry_name, self.inventory.get_host(entry_name).get_vars())

    def _add_hosts(self, hosts, pools):
+        host_name_list = []
        for host in hosts.values():
-            entry_name = host['uuid']
+            if self.host_entry_name_type == 'name_label':
+                if host['name_label'] not in host_name_list:
+                    entry_name = host['name_label']
+                    host_name_list.append(host['name_label'])
+                else:
+                    host_duplicate_count = host_name_list.count(host['name_label'])
+                    entry_name = host['name_label'] + "_" + str(host_duplicate_count)
+                    host_name_list.append(host['name_label'])
+            else:
+                entry_name = host['uuid']
+
            group_name = f"xo_host_{clean_group_name(host['name_label'])}"
            pool_name = self._pool_group_name_for_uuid(pools, host['$poolId'])

@@ -337,5 +378,13 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
        if not self.get_option('use_ssl'):
            self.protocol = 'ws'

+        self.vm_entry_name_type = 'uuid'
+        if not self.get_option('use_vm_uuid'):
+            self.vm_entry_name_type = 'name_label'
+
+        self.host_entry_name_type = 'uuid'
+        if not self.get_option('use_host_uuid'):
+            self.host_entry_name_type = 'name_label'
+
        objects = self._get_objects()
        self._populate(make_unsafe(objects))
--- a/plugins/lookup/bitwarden.py
+++ b/plugins/lookup/bitwarden.py
@@ -5,52 +5,65 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = """
-    name: bitwarden
-    author:
-      - Jonathan Lung (@lungj) <lungj@heresjono.com>
-    requirements:
-      - bw (command line utility)
-      - be logged into bitwarden
-      - bitwarden vault unlocked
-      - E(BW_SESSION) environment variable set
-    short_description: Retrieve secrets from Bitwarden
-    version_added: 5.4.0
+DOCUMENTATION = r"""
+name: bitwarden
+author:
+  - Jonathan Lung (@lungj) <lungj@heresjono.com>
+requirements:
+  - bw (command line utility)
+  - be logged into bitwarden
+  - bitwarden vault unlocked
+  - E(BW_SESSION) environment variable set
+short_description: Retrieve secrets from Bitwarden
+version_added: 5.4.0
+description:
+  - Retrieve secrets from Bitwarden.
+options:
+  _terms:
+    description: Key(s) to fetch values for from login info.
+    required: true
+    type: list
+    elements: str
+  search:
    description:
-      - Retrieve secrets from Bitwarden.
-    options:
-      _terms:
-        description: Key(s) to fetch values for from login info.
-        required: true
-        type: list
-        elements: str
-      search:
-        description:
-          - Field to retrieve, for example V(name) or V(id).
-          - If set to V(id), only zero or one element can be returned.
-            Use the Jinja C(first) filter to get the only list element.
-          - If set to V(None) or V(''), or if O(_terms) is empty, records are not filtered by fields.
-        type: str
-        default: name
-        version_added: 5.7.0
-      field:
-        description: Field to fetch. Leave unset to fetch whole response.
-        type: str
-      collection_id:
-        description: Collection ID to filter results by collection. Leave unset to skip filtering.
-        type: str
-        version_added: 6.3.0
-      organization_id:
-        description: Organization ID to filter results by organization. Leave unset to skip filtering.
-        type: str
-        version_added: 8.5.0
-      bw_session:
-        description: Pass session key instead of reading from env.
-        type: str
-        version_added: 8.4.0
+      - Field to retrieve, for example V(name) or V(id).
+      - If set to V(id), only zero or one element can be returned. Use the Jinja C(first) filter to get the only list element.
+      - If set to V(None) or V(''), or if O(_terms) is empty, records are not filtered by fields.
+    type: str
+    default: name
+    version_added: 5.7.0
+  field:
+    description: Field to fetch. Leave unset to fetch whole response.
+    type: str
+  collection_id:
+    description:
+      - Collection ID to filter results by collection. Leave unset to skip filtering.
+      - O(collection_id) and O(collection_name) are mutually exclusive.
+    type: str
+    version_added: 6.3.0
+  collection_name:
+    description:
+      - Collection name to filter results by collection. Leave unset to skip filtering.
+      - O(collection_id) and O(collection_name) are mutually exclusive.
+    type: str
+    version_added: 10.4.0
+  organization_id:
+    description: Organization ID to filter results by organization. Leave unset to skip filtering.
+    type: str
+    version_added: 8.5.0
+  bw_session:
+    description: Pass session key instead of reading from env.
+    type: str
+    version_added: 8.4.0
+  result_count:
+    description:
+      - Number of results expected for the lookup query. Task will fail if O(result_count) is set but does not match the number
+        of query results. Leave empty to skip this check.
+    type: int
+    version_added: 10.4.0
 """

-EXAMPLES = """
+EXAMPLES = r"""
 - name: "Get 'password' from all Bitwarden records named 'a_test'"
  ansible.builtin.debug:
    msg: >-
@@ -85,21 +98,31 @@ EXAMPLES = """
  ansible.builtin.debug:
    msg: >-
      {{ lookup('community.general.bitwarden', None, collection_id='bafba515-af11-47e6-abe3-af1200cd18b2') }}
+
+- name: "Get all Bitwarden records from collection"
+  ansible.builtin.debug:
+    msg: >-
+      {{ lookup('community.general.bitwarden', None, collection_name='my_collections/test_collection') }}
+
+- name: "Get Bitwarden record named 'a_test', ensure there is exactly one match"
+  ansible.builtin.debug:
+    msg: >-
+      {{ lookup('community.general.bitwarden', 'a_test', result_count=1) }}
 """

-RETURN = """
-  _raw:
-    description:
-      - A one-element list that contains a list of requested fields or JSON objects of matches.
-      - If you use C(query), you get a list of lists. If you use C(lookup) without C(wantlist=true),
-        this always gets reduced to a list of field values or JSON objects.
-    type: list
-    elements: list
+RETURN = r"""
+_raw:
+  description:
+    - A one-element list that contains a list of requested fields or JSON objects of matches.
+    - If you use C(query), you get a list of lists. If you use C(lookup) without C(wantlist=true), this always gets reduced
+      to a list of field values or JSON objects.
+  type: list
+  elements: list
 """

 from subprocess import Popen, PIPE

-from ansible.errors import AnsibleError
+from ansible.errors import AnsibleError, AnsibleOptionsError
 from ansible.module_utils.common.text.converters import to_bytes, to_text
 from ansible.parsing.ajson import AnsibleJSONDecoder
 from ansible.plugins.lookup import LookupBase
@@ -211,6 +234,24 @@ class Bitwarden(object):

        return field_matches

+    def get_collection_ids(self, collection_name: str, organization_id=None) -> list[str]:
+        """Return matching IDs of collections whose name is equal to collection_name."""
+
+        # Prepare set of params for Bitwarden CLI
+        params = ['list', 'collections', '--search', collection_name]
+
+        if organization_id:
+            params.extend(['--organizationid', organization_id])
+
+        out, err = self._run(params)
+
+        # This includes things that matched in different fields.
+        initial_matches = AnsibleJSONDecoder().raw_decode(out)[0]
+
+        # Filter to only return the ID of a collections with exactly matching name
+        return [item['id'] for item in initial_matches
+                if str(item.get('name')).lower() == collection_name.lower()]
+

 class LookupModule(LookupBase):

@@ -219,7 +260,9 @@ class LookupModule(LookupBase):
        field = self.get_option('field')
        search_field = self.get_option('search')
        collection_id = self.get_option('collection_id')
+        collection_name = self.get_option('collection_name')
        organization_id = self.get_option('organization_id')
+        result_count = self.get_option('result_count')
        _bitwarden.session = self.get_option('bw_session')

        if not _bitwarden.unlocked:
@@ -228,7 +271,27 @@ class LookupModule(LookupBase):
        if not terms:
            terms = [None]

-        return [_bitwarden.get_field(field, term, search_field, collection_id, organization_id) for term in terms]
+        if collection_name and collection_id:
+            raise AnsibleOptionsError("'collection_name' and 'collection_id' are mutually exclusive!")
+        elif collection_name:
+            collection_ids = _bitwarden.get_collection_ids(collection_name, organization_id)
+            if not collection_ids:
+                raise BitwardenException("No matching collections found!")
+        else:
+            collection_ids = [collection_id]
+
+        results = [
+            _bitwarden.get_field(field, term, search_field, collection_id, organization_id)
+            for collection_id in collection_ids
+            for term in terms
+        ]
+
+        for result in results:
+            if result_count is not None and len(result) != result_count:
+                raise BitwardenException(
+                    f"Number of results doesn't match result_count! ({len(result)} != {result_count})")
+
+        return results


 _bitwarden = Bitwarden()
--- a/plugins/lookup/bitwarden_secrets_manager.py
+++ b/plugins/lookup/bitwarden_secrets_manager.py
@@ -6,31 +6,31 @@ from __future__ import (absolute_import, division, print_function)

 __metaclass__ = type

-DOCUMENTATION = """
-    name: bitwarden_secrets_manager
-    author:
-      - jantari (@jantari)
-    requirements:
-      - bws (command line utility)
-    short_description: Retrieve secrets from Bitwarden Secrets Manager
-    version_added: 7.2.0
-    description:
-      - Retrieve secrets from Bitwarden Secrets Manager.
-    options:
-      _terms:
-        description: Secret ID(s) to fetch values for.
-        required: true
-        type: list
-        elements: str
-      bws_access_token:
-        description: The BWS access token to use for this lookup.
-        env:
-          - name: BWS_ACCESS_TOKEN
-        required: true
-        type: str
+DOCUMENTATION = r"""
+name: bitwarden_secrets_manager
+author:
+  - jantari (@jantari)
+requirements:
+  - bws (command line utility)
+short_description: Retrieve secrets from Bitwarden Secrets Manager
+version_added: 7.2.0
+description:
+  - Retrieve secrets from Bitwarden Secrets Manager.
+options:
+  _terms:
+    description: Secret ID(s) to fetch values for.
+    required: true
+    type: list
+    elements: str
+  bws_access_token:
+    description: The BWS access token to use for this lookup.
+    env:
+      - name: BWS_ACCESS_TOKEN
+    required: true
+    type: str
 """

-EXAMPLES = """
+EXAMPLES = r"""
 - name: Get a secret relying on the BWS_ACCESS_TOKEN environment variable for authentication
  ansible.builtin.debug:
    msg: >-
@@ -62,11 +62,11 @@ EXAMPLES = """
      {{ lookup("community.general.bitwarden_secrets_manager", "2bc23e48-4932-40de-a047-5524b7ddc972").value }}
 """

-RETURN = """
-  _raw:
-    description: List containing one or more secrets.
-    type: list
-    elements: dict
+RETURN = r"""
+_raw:
+  description: List containing one or more secrets.
+  type: list
+  elements: dict
 """

 from subprocess import Popen, PIPE
--- a/plugins/lookup/cartesian.py
+++ b/plugins/lookup/cartesian.py
@@ -6,24 +6,24 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = '''
-    author: Unknown (!UNKNOWN)
-    name: cartesian
-    short_description: returns the cartesian product of lists
+DOCUMENTATION = r"""
+author: Unknown (!UNKNOWN)
+name: cartesian
+short_description: returns the cartesian product of lists
+description:
+  - Takes the input lists and returns a list that represents the product of the input lists.
+  - It is clearer with an example, it turns [1, 2, 3], [a, b] into [1, a], [1, b], [2, a], [2, b], [3, a], [3, b].
+  - You can see the exact syntax in the examples section.
+options:
+  _terms:
    description:
-        - Takes the input lists and returns a list that represents the product of the input lists.
-        - It is clearer with an example, it turns [1, 2, 3], [a, b] into [1, a], [1, b], [2, a], [2, b], [3, a], [3, b].
-         You can see the exact syntax in the examples section.
-    options:
-      _terms:
-        description:
-          - a set of lists
-        type: list
-        elements: list
-        required: true
-'''
+      - A set of lists.
+    type: list
+    elements: list
+    required: true
+"""

-EXAMPLES = """
+EXAMPLES = r"""
 - name: Example of the change in the description
  ansible.builtin.debug:
    msg: "{{ lookup('community.general.cartesian', [1,2,3], [a, b])}}"
@@ -34,15 +34,15 @@ EXAMPLES = """
  with_community.general.cartesian:
    - "{{list1}}"
    - "{{list2}}"
-    - [1,2,3,4,5,6]
+    - [1, 2, 3, 4, 5, 6]
 """

-RETURN = """
-  _list:
-    description:
-      - list of lists composed of elements of the input lists
-    type: list
-    elements: list
+RETURN = r"""
+_list:
+  description:
+    - List of lists composed of elements of the input lists.
+  type: list
+  elements: list
 """

 from itertools import product
--- a/plugins/lookup/chef_databag.py
+++ b/plugins/lookup/chef_databag.py
@@ -6,42 +6,41 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = '''
-    author: Unknown (!UNKNOWN)
-    name: chef_databag
-    short_description: fetches data from a Chef Databag
+DOCUMENTATION = r"""
+author: Unknown (!UNKNOWN)
+name: chef_databag
+short_description: fetches data from a Chef Databag
+description:
+  - 'This is a lookup plugin to provide access to chef data bags using the pychef package. It interfaces with the chef server
+    API using the same methods to find a knife or chef-client config file to load parameters from, starting from either the
+    given base path or the current working directory. The lookup order mirrors the one from Chef, all folders in the base
+    path are walked back looking for the following configuration file in order: C(.chef/knife.rb), C(~/.chef/knife.rb), C(/etc/chef/client.rb).'
+requirements:
+  - "pychef (L(Python library, https://pychef.readthedocs.io), C(pip install pychef))"
+options:
+  name:
    description:
-       - "This is a lookup plugin to provide access to chef data bags using the pychef package.
-         It interfaces with the chef server api using the same methods to find a knife or chef-client config file to load parameters from,
-         starting from either the given base path or the current working directory.
-         The lookup order mirrors the one from Chef, all folders in the base path are walked back looking for the following configuration
-         file in order : .chef/knife.rb, ~/.chef/knife.rb, /etc/chef/client.rb"
-    requirements:
-        - "pychef (L(Python library, https://pychef.readthedocs.io), C(pip install pychef))"
-    options:
-        name:
-          description:
-            - Name of the databag
-          type: string
-          required: true
-        item:
-          description:
-            - Item to fetch
-          type: string
-          required: true
-'''
-
-EXAMPLES = """
-    - ansible.builtin.debug:
-        msg: "{{ lookup('community.general.chef_databag', 'name=data_bag_name item=data_bag_item') }}"
+      - Name of the databag.
+    type: string
+    required: true
+  item:
+    description:
+      - Item to fetch.
+    type: string
+    required: true
 """

-RETURN = """
-  _raw:
-    description:
-      - The value from the databag.
-    type: list
-    elements: dict
+EXAMPLES = r"""
+- ansible.builtin.debug:
+    msg: "{{ lookup('community.general.chef_databag', 'name=data_bag_name item=data_bag_item') }}"
+"""
+
+RETURN = r"""
+_raw:
+  description:
+    - The value from the databag.
+  type: list
+  elements: dict
 """

 from ansible.errors import AnsibleError
--- a/plugins/lookup/collection_version.py
+++ b/plugins/lookup/collection_version.py
@@ -5,18 +5,17 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = """
+DOCUMENTATION = r"""
 name: collection_version
 author: Felix Fontein (@felixfontein)
 version_added: "4.0.0"
 short_description: Retrieves the version of an installed collection
 description:
-  - This lookup allows to query the version of an installed collection, and to determine whether a
-    collection is installed at all.
-  - By default it returns V(none) for non-existing collections and V(*) for collections without a
-    version number. The latter should only happen in development environments, or when installing
-    a collection from git which has no version in its C(galaxy.yml). This behavior can be adjusted
-    by providing other values with O(result_not_found) and O(result_no_version).
+  - This lookup allows to query the version of an installed collection, and to determine whether a collection is installed
+    at all.
+  - By default it returns V(none) for non-existing collections and V(*) for collections without a version number. The latter
+    should only happen in development environments, or when installing a collection from git which has no version in its C(galaxy.yml).
+    This behavior can be adjusted by providing other values with O(result_not_found) and O(result_no_version).
 options:
  _terms:
    description:
@@ -34,30 +33,27 @@ options:
  result_no_version:
    description:
      - The value to return when the collection has no version number.
-      - This can happen for collections installed from git which do not have a version number
-        in C(galaxy.yml).
+      - This can happen for collections installed from git which do not have a version number in C(galaxy.yml).
      - By default, V(*) is returned.
    type: string
    default: '*'
 """

-EXAMPLES = """
+EXAMPLES = r"""
 - name: Check version of community.general
  ansible.builtin.debug:
    msg: "community.general version {{ lookup('community.general.collection_version', 'community.general') }}"
 """

-RETURN = """
-  _raw:
-    description:
-      - The version number of the collections listed as input.
-      - If a collection can not be found, it will return the value provided in O(result_not_found).
-        By default, this is V(none).
-      - If a collection can be found, but the version not identified, it will return the value provided in
-        O(result_no_version). By default, this is V(*). This can happen for collections installed
-        from git which do not have a version number in V(galaxy.yml).
-    type: list
-    elements: str
+RETURN = r"""
+_raw:
+  description:
+    - The version number of the collections listed as input.
+    - If a collection can not be found, it will return the value provided in O(result_not_found). By default, this is V(none).
+    - If a collection can be found, but the version not identified, it will return the value provided in O(result_no_version).
+      By default, this is V(*). This can happen for collections installed from git which do not have a version number in V(galaxy.yml).
+  type: list
+  elements: str
 """

 import json
--- a/plugins/lookup/consul_kv.py
+++ b/plugins/lookup/consul_kv.py
@@ -7,109 +7,109 @@ from __future__ import (absolute_import, division, print_function)

 __metaclass__ = type

-DOCUMENTATION = '''
-    author: Unknown (!UNKNOWN)
-    name: consul_kv
-    short_description: Fetch metadata from a Consul key value store.
+DOCUMENTATION = r"""
+author: Unknown (!UNKNOWN)
+name: consul_kv
+short_description: Fetch metadata from a Consul key value store
+description:
+  - Lookup metadata for a playbook from the key value store in a Consul cluster. Values can be easily set in the kv store
+    with simple rest commands.
+  - C(curl -X PUT -d 'some-value' http://localhost:8500/v1/kv/ansible/somedata).
+requirements:
+  - 'python-consul python library U(https://python-consul.readthedocs.io/en/latest/#installation)'
+options:
+  _raw:
+    description: List of key(s) to retrieve.
+    type: list
+    elements: string
+  recurse:
+    type: boolean
+    description: If true, will retrieve all the values that have the given key as prefix.
+    default: false
+  index:
    description:
-      - Lookup metadata for a playbook from the key value store in a Consul cluster.
-        Values can be easily set in the kv store with simple rest commands
-      - C(curl -X PUT -d 'some-value' http://localhost:8500/v1/kv/ansible/somedata)
-    requirements:
-      - 'python-consul python library U(https://python-consul.readthedocs.io/en/latest/#installation)'
-    options:
-      _raw:
-        description: List of key(s) to retrieve.
-        type: list
-        elements: string
-      recurse:
-        type: boolean
-        description: If true, will retrieve all the values that have the given key as prefix.
-        default: false
-      index:
-        description:
-          - If the key has a value with the specified index then this is returned allowing access to historical values.
-        type: int
-      datacenter:
-        description:
-          - Retrieve the key from a consul datacenter other than the default for the consul host.
-        type: str
-      token:
-        description: The acl token to allow access to restricted values.
-        type: str
-      host:
-        default: localhost
-        type: str
-        description:
-          - The target to connect to, must be a resolvable address.
-          - Will be determined from E(ANSIBLE_CONSUL_URL) if that is set.
-        ini:
-          - section: lookup_consul
-            key: host
-      port:
-        description:
-          - The port of the target host to connect to.
-          - If you use E(ANSIBLE_CONSUL_URL) this value will be used from there.
-        type: int
-        default: 8500
-      scheme:
-        default: http
-        type: str
-        description:
-          - Whether to use http or https.
-          - If you use E(ANSIBLE_CONSUL_URL) this value will be used from there.
-      validate_certs:
-        default: true
-        description: Whether to verify the TLS connection or not.
-        type: bool
-        env:
-          - name: ANSIBLE_CONSUL_VALIDATE_CERTS
-        ini:
-          - section: lookup_consul
-            key: validate_certs
-      client_cert:
-        description: The client cert to verify the TLS connection.
-        type: str
-        env:
-          - name: ANSIBLE_CONSUL_CLIENT_CERT
-        ini:
-          - section: lookup_consul
-            key: client_cert
-      url:
-        description:
-          - The target to connect to.
-          - "Should look like this: V(https://my.consul.server:8500)."
-        type: str
-        version_added: 1.0.0
-        env:
-          - name: ANSIBLE_CONSUL_URL
-        ini:
-          - section: lookup_consul
-            key: url
-'''
-
-EXAMPLES = """
-  - ansible.builtin.debug:
-      msg: 'key contains {{item}}'
-    with_community.general.consul_kv:
-      - 'key/to/retrieve'
-
-  - name: Parameters can be provided after the key be more specific about what to retrieve
-    ansible.builtin.debug:
-      msg: 'key contains {{item}}'
-    with_community.general.consul_kv:
-      - 'key/to recurse=true token=E6C060A9-26FB-407A-B83E-12DDAFCB4D98'
-
-  - name: retrieving a KV from a remote cluster on non default port
-    ansible.builtin.debug:
-      msg: "{{ lookup('community.general.consul_kv', 'my/key', host='10.10.10.10', port=2000) }}"
+      - If the key has a value with the specified index then this is returned allowing access to historical values.
+    type: int
+  datacenter:
+    description:
+      - Retrieve the key from a consul datacenter other than the default for the consul host.
+    type: str
+  token:
+    description: The acl token to allow access to restricted values.
+    type: str
+  host:
+    default: localhost
+    type: str
+    description:
+      - The target to connect to, must be a resolvable address.
+      - Will be determined from E(ANSIBLE_CONSUL_URL) if that is set.
+    ini:
+      - section: lookup_consul
+        key: host
+  port:
+    description:
+      - The port of the target host to connect to.
+      - If you use E(ANSIBLE_CONSUL_URL) this value will be used from there.
+    type: int
+    default: 8500
+  scheme:
+    default: http
+    type: str
+    description:
+      - Whether to use http or https.
+      - If you use E(ANSIBLE_CONSUL_URL) this value will be used from there.
+  validate_certs:
+    default: true
+    description: Whether to verify the TLS connection or not.
+    type: bool
+    env:
+      - name: ANSIBLE_CONSUL_VALIDATE_CERTS
+    ini:
+      - section: lookup_consul
+        key: validate_certs
+  client_cert:
+    description: The client cert to verify the TLS connection.
+    type: str
+    env:
+      - name: ANSIBLE_CONSUL_CLIENT_CERT
+    ini:
+      - section: lookup_consul
+        key: client_cert
+  url:
+    description:
+      - The target to connect to.
+      - 'Should look like this: V(https://my.consul.server:8500).'
+    type: str
+    version_added: 1.0.0
+    env:
+      - name: ANSIBLE_CONSUL_URL
+    ini:
+      - section: lookup_consul
+        key: url
 """

-RETURN = """
-  _raw:
-    description:
-      - Value(s) stored in consul.
-    type: dict
+EXAMPLES = r"""
+- ansible.builtin.debug:
+    msg: 'key contains {{item}}'
+  with_community.general.consul_kv:
+    - 'key/to/retrieve'
+
+- name: Parameters can be provided after the key be more specific about what to retrieve
+  ansible.builtin.debug:
+    msg: 'key contains {{item}}'
+  with_community.general.consul_kv:
+    - 'key/to recurse=true token=E6C060A9-26FB-407A-B83E-12DDAFCB4D98'
+
+- name: retrieving a KV from a remote cluster on non default port
+  ansible.builtin.debug:
+    msg: "{{ lookup('community.general.consul_kv', 'my/key', host='10.10.10.10', port=2000) }}"
+"""
+
+RETURN = r"""
+_raw:
+  description:
+    - Value(s) stored in consul.
+  type: dict
 """

 from ansible.module_utils.six.moves.urllib.parse import urlparse
--- a/plugins/lookup/credstash.py
+++ b/plugins/lookup/credstash.py
@@ -6,54 +6,54 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = '''
-    author: Unknown (!UNKNOWN)
-    name: credstash
-    short_description: retrieve secrets from Credstash on AWS
-    requirements:
-      - credstash (python library)
-    description:
-      - "Credstash is a small utility for managing secrets using AWS's KMS and DynamoDB: https://github.com/fugue/credstash"
-    options:
-      _terms:
-        description: term or list of terms to lookup in the credit store
-        type: list
-        elements: string
-        required: true
-      table:
-        description: name of the credstash table to query
-        type: str
-        default: 'credential-store'
-      version:
-        description: Credstash version
-        type: str
-        default: ''
-      region:
-        description: AWS region
-        type: str
-      profile_name:
-        description: AWS profile to use for authentication
-        type: str
-        env:
-          - name: AWS_PROFILE
-      aws_access_key_id:
-        description: AWS access key ID
-        type: str
-        env:
-          - name: AWS_ACCESS_KEY_ID
-      aws_secret_access_key:
-        description: AWS access key
-        type: str
-        env:
-          - name: AWS_SECRET_ACCESS_KEY
-      aws_session_token:
-        description: AWS session token
-        type: str
-        env:
-          - name: AWS_SESSION_TOKEN
-'''
+DOCUMENTATION = r"""
+author: Unknown (!UNKNOWN)
+name: credstash
+short_description: retrieve secrets from Credstash on AWS
+requirements:
+  - credstash (python library)
+description:
+  - "Credstash is a small utility for managing secrets using AWS's KMS and DynamoDB: https://github.com/fugue/credstash."
+options:
+  _terms:
+    description: Term or list of terms to lookup in the credit store.
+    type: list
+    elements: string
+    required: true
+  table:
+    description: Name of the credstash table to query.
+    type: str
+    default: 'credential-store'
+  version:
+    description: Credstash version.
+    type: str
+    default: ''
+  region:
+    description: AWS region.
+    type: str
+  profile_name:
+    description: AWS profile to use for authentication.
+    type: str
+    env:
+      - name: AWS_PROFILE
+  aws_access_key_id:
+    description: AWS access key ID.
+    type: str
+    env:
+      - name: AWS_ACCESS_KEY_ID
+  aws_secret_access_key:
+    description: AWS access key.
+    type: str
+    env:
+      - name: AWS_SECRET_ACCESS_KEY
+  aws_session_token:
+    description: AWS session token.
+    type: str
+    env:
+      - name: AWS_SESSION_TOKEN
+"""

-EXAMPLES = """
+EXAMPLES = r"""
 - name: first use credstash to store your secrets
  ansible.builtin.shell: credstash put my-github-password secure123

@@ -77,20 +77,20 @@ EXAMPLES = """
      environment: production
  tasks:

-  - name: "Test credstash lookup plugin -- get the password with a context passed as a variable"
-    ansible.builtin.debug:
-      msg: "{{ lookup('community.general.credstash', 'some-password', context=context) }}"
+    - name: "Test credstash lookup plugin -- get the password with a context passed as a variable"
+      ansible.builtin.debug:
+        msg: "{{ lookup('community.general.credstash', 'some-password', context=context) }}"

-  - name: "Test credstash lookup plugin -- get the password with a context defined here"
-    ansible.builtin.debug:
-      msg: "{{ lookup('community.general.credstash', 'some-password', context=dict(app='my_app', environment='production')) }}"
+    - name: "Test credstash lookup plugin -- get the password with a context defined here"
+      ansible.builtin.debug:
+        msg: "{{ lookup('community.general.credstash', 'some-password', context=dict(app='my_app', environment='production')) }}"
 """

-RETURN = """
-  _raw:
-    description:
-      - Value(s) stored in Credstash.
-    type: str
+RETURN = r"""
+_raw:
+  description:
+    - Value(s) stored in Credstash.
+  type: str
 """

 from ansible.errors import AnsibleError
--- a/plugins/lookup/cyberarkpassword.py
+++ b/plugins/lookup/cyberarkpassword.py
@@ -6,62 +6,64 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = '''
-    author: Unknown (!UNKNOWN)
-    name: cyberarkpassword
-    short_description: get secrets from CyberArk AIM
-    requirements:
-      - CyberArk AIM tool installed
+DOCUMENTATION = r"""
+author: Unknown (!UNKNOWN)
+name: cyberarkpassword
+short_description: get secrets from CyberArk AIM
+requirements:
+  - CyberArk AIM tool installed
+description:
+  - Get secrets from CyberArk AIM.
+options:
+  _command:
+    description: Cyberark CLI utility.
+    type: string
+    env:
+      - name: AIM_CLIPASSWORDSDK_CMD
+    default: '/opt/CARKaim/sdk/clipasswordsdk'
+  appid:
+    description: Defines the unique ID of the application that is issuing the password request.
+    type: string
+    required: true
+  query:
+    description: Describes the filter criteria for the password retrieval.
+    type: string
+    required: true
+  output:
    description:
-      - Get secrets from CyberArk AIM.
-    options :
-      _command:
-        description: Cyberark CLI utility.
-        type: string
-        env:
-          - name: AIM_CLIPASSWORDSDK_CMD
-        default: '/opt/CARKaim/sdk/clipasswordsdk'
-      appid:
-        description: Defines the unique ID of the application that is issuing the password request.
-        type: string
-        required: true
-      query:
-        description: Describes the filter criteria for the password retrieval.
-        type: string
-        required: true
-      output:
-        description:
-          - Specifies the desired output fields separated by commas.
-          - "They could be: Password, PassProps.<property>, PasswordChangeInProcess"
-        type: string
-        default: 'password'
-      _extra:
-        description: for extra_params values please check parameters for clipasswordsdk in CyberArk's "Credential Provider and ASCP Implementation Guide"
-    notes:
-      - For Ansible on Windows, please change the -parameters (-p, -d, and -o) to /parameters (/p, /d, and /o) and change the location of CLIPasswordSDK.exe.
-'''
-
-EXAMPLES = """
-  - name: passing options to the lookup
-    ansible.builtin.debug:
-        msg: '{{ lookup("community.general.cyberarkpassword", cyquery) }}'
-    vars:
-      cyquery:
-        appid: "app_ansible"
-        query: "safe=CyberArk_Passwords;folder=root;object=AdminPass"
-        output: "Password,PassProps.UserName,PassProps.Address,PasswordChangeInProcess"
-
-
-  - name: used in a loop
-    ansible.builtin.debug:
-        msg: "{{item}}"
-    with_community.general.cyberarkpassword:
-        appid: 'app_ansible'
-        query: 'safe=CyberArk_Passwords;folder=root;object=AdminPass'
-        output: 'Password,PassProps.UserName,PassProps.Address,PasswordChangeInProcess'
+      - Specifies the desired output fields separated by commas.
+      - 'They could be: Password, PassProps.<property>, PasswordChangeInProcess.'
+    type: string
+    default: 'password'
+  _extra:
+    description: For extra_params values please check parameters for clipasswordsdk in CyberArk's "Credential Provider and
+      ASCP Implementation Guide".
+notes:
+  - For Ansible on Windows, please change the -parameters (C(-p), C(-d), and C(-o)) to /parameters (C(/p), C(/d), and C(/o)) and change the
+    location of C(CLIPasswordSDK.exe).
 """

-RETURN = """
+EXAMPLES = r"""
+- name: passing options to the lookup
+  ansible.builtin.debug:
+    msg: '{{ lookup("community.general.cyberarkpassword", cyquery) }}'
+  vars:
+    cyquery:
+      appid: "app_ansible"
+      query: "safe=CyberArk_Passwords;folder=root;object=AdminPass"
+      output: "Password,PassProps.UserName,PassProps.Address,PasswordChangeInProcess"
+
+
+- name: used in a loop
+  ansible.builtin.debug:
+    msg: "{{item}}"
+  with_community.general.cyberarkpassword:
+    appid: 'app_ansible'
+    query: 'safe=CyberArk_Passwords;folder=root;object=AdminPass'
+    output: 'Password,PassProps.UserName,PassProps.Address,PasswordChangeInProcess'
+"""
+
+RETURN = r"""
 _result:
  description: A list containing one dictionary.
  type: list
@@ -69,12 +71,12 @@ _result:
  contains:
    password:
      description:
-        - The actual value stored
+        - The actual value stored.
    passprops:
-      description: properties assigned to the entry
+      description: Properties assigned to the entry.
      type: dictionary
    passwordchangeinprocess:
-      description: did the password change?
+      description: Did the password change?
 """

 import os
--- a/plugins/lookup/dependent.py
+++ b/plugins/lookup/dependent.py
@@ -6,31 +6,30 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = """
+DOCUMENTATION = r"""
 name: dependent
 short_description: Composes a list with nested elements of other lists or dicts which can depend on previous loop variables
 author: Felix Fontein (@felixfontein)
 version_added: 3.1.0
 description:
-  - "Takes the input lists and returns a list with elements that are lists, dictionaries,
-     or template expressions which evaluate to lists or dicts, composed of the elements of
-     the input evaluated lists and dictionaries."
+  - Takes the input lists and returns a list with elements that are lists, dictionaries, or template expressions which evaluate
+    to lists or dicts, composed of the elements of the input evaluated lists and dictionaries.
 options:
  _terms:
    description:
-      - A list where the elements are one-element dictionaries, mapping a name to a string, list, or dictionary.
-        The name is the index that is used in the result object. The value is iterated over as described below.
+      - A list where the elements are one-element dictionaries, mapping a name to a string, list, or dictionary. The name
+        is the index that is used in the result object. The value is iterated over as described below.
      - If the value is a list, it is simply iterated over.
-      - If the value is a dictionary, it is iterated over and returned as if they would be processed by the
-        P(ansible.builtin.dict2items#filter) filter.
-      - If the value is a string, it is evaluated as Jinja2 expressions which can access the previously chosen
-        elements with C(item.<index_name>). The result must be a list or a dictionary.
+      - If the value is a dictionary, it is iterated over and returned as if they would be processed by the P(ansible.builtin.dict2items#filter)
+        filter.
+      - If the value is a string, it is evaluated as Jinja2 expressions which can access the previously chosen elements with
+        C(item.<index_name>). The result must be a list or a dictionary.
    type: list
    elements: dict
    required: true
 """

-EXAMPLES = """
+EXAMPLES = r"""
 - name: Install/remove public keys for active admin users
  ansible.posix.authorized_key:
    user: "{{ item.admin.key }}"
@@ -76,9 +75,9 @@ EXAMPLES = """
  loop_control:
    # Makes the output readable, so that it doesn't contain the whole subdictionaries and lists
    label: |-
-        {{ [item.zone.key, item.prefix.key, item.entry.key,
-            item.entry.value.ttl | default(3600),
-            item.entry.value.absent | default(False), item.entry.value.value] }}
+      {{ [item.zone.key, item.prefix.key, item.entry.key,
+          item.entry.value.ttl | default(3600),
+          item.entry.value.absent | default(False), item.entry.value.value] }}
  with_community.general.dependent:
    - zone: dns_setup
    - prefix: item.zone.value
@@ -89,36 +88,36 @@ EXAMPLES = """
        '':
          A:
            value:
-            - 1.2.3.4
+              - 1.2.3.4
          AAAA:
            value:
-            - "2a01:1:2:3::1"
+              - "2a01:1:2:3::1"
        'test._domainkey':
          TXT:
            ttl: 300
            value:
-            - '"k=rsa; t=s; p=MIGfMA..."'
+              - '"k=rsa; t=s; p=MIGfMA..."'
      example.org:
        'www':
          A:
            value:
-            - 1.2.3.4
-            - 5.6.7.8
+              - 1.2.3.4
+              - 5.6.7.8
 """

-RETURN = """
-  _list:
-    description:
-      - A list composed of dictionaries whose keys are the variable names from the input list.
-    type: list
-    elements: dict
-    sample:
-      - key1: a
-        key2: test
-      - key1: a
-        key2: foo
-      - key1: b
-        key2: bar
+RETURN = r"""
+_list:
+  description:
+    - A list composed of dictionaries whose keys are the variable names from the input list.
+  type: list
+  elements: dict
+  sample:
+    - key1: a
+      key2: test
+    - key1: a
+      key2: foo
+    - key1: b
+      key2: bar
 """

 from ansible.errors import AnsibleLookupError
@@ -130,12 +129,24 @@ from ansible.template import Templar

 from ansible_collections.community.general.plugins.module_utils.version import LooseVersion

+try:
+    from ansible.template import trust_as_template as _trust_as_template
+    HAS_DATATAGGING = True
+except ImportError:
+    HAS_DATATAGGING = False
+

 # Whether Templar has a cache, which can be controlled by Templar.template()'s cache option.
 # The cache was removed for ansible-core 2.14 (https://github.com/ansible/ansible/pull/78419)
 _TEMPLAR_HAS_TEMPLATE_CACHE = LooseVersion(ansible_version) < LooseVersion('2.14.0')


+def _make_safe(value):
+    if HAS_DATATAGGING and isinstance(value, str):
+        return _trust_as_template(value)
+    return value
+
+
 class LookupModule(LookupBase):
    def __evaluate(self, expression, templar, variables):
        """Evaluate expression with templar.
@@ -144,10 +155,13 @@ class LookupModule(LookupBase):
        ``variables`` are the variables to use.
        """
        templar.available_variables = variables or {}
-        expression = "{0}{1}{2}".format("{{", expression, "}}")
+        quoted_expression = "{0}{1}{2}".format("{{", expression, "}}")
        if _TEMPLAR_HAS_TEMPLATE_CACHE:
-            return templar.template(expression, cache=False)
-        return templar.template(expression)
+            return templar.template(quoted_expression, cache=False)
+        if hasattr(templar, 'evaluate_expression'):
+            # This is available since the Data Tagging PR has been merged
+            return templar.evaluate_expression(_make_safe(expression))
+        return templar.template(quoted_expression)

    def __process(self, result, terms, index, current, templar, variables):
        """Fills ``result`` list with evaluated items.
@@ -193,7 +207,10 @@ class LookupModule(LookupBase):

        result = []
        if len(terms) > 0:
-            templar = Templar(loader=self._templar._loader)
+            if HAS_DATATAGGING:
+                templar = self._templar.copy_with_new_env(available_variables={})
+            else:
+                templar = Templar(loader=self._templar._loader)
            data = []
            vars_so_far = set()
            for index, term in enumerate(terms):
--- a/plugins/lookup/dig.py
+++ b/plugins/lookup/dig.py
@@ -6,89 +6,114 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = '''
-    name: dig
-    author: Jan-Piet Mens (@jpmens) <jpmens(at)gmail.com>
-    short_description: query DNS using the dnspython library
-    requirements:
-      - dnspython (python library, http://www.dnspython.org/)
+DOCUMENTATION = r"""
+name: dig
+author: Jan-Piet Mens (@jpmens) <jpmens(at)gmail.com>
+short_description: query DNS using the dnspython library
+requirements:
+  - dnspython (python library, http://www.dnspython.org/)
+description:
+  - The dig lookup runs queries against DNS servers to retrieve DNS records for a specific name (FQDN - fully qualified domain
+    name). It is possible to lookup any DNS record in this manner.
+  - There is a couple of different syntaxes that can be used to specify what record should be retrieved, and for which name.
+    It is also possible to explicitly specify the DNS server(s) to use for lookups.
+  - In its simplest form, the dig lookup plugin can be used to retrieve an IPv4 address (DNS A record) associated with FQDN.
+  - In addition to (default) A record, it is also possible to specify a different record type that should be queried. This
+    can be done by either passing-in additional parameter of format qtype=TYPE to the dig lookup, or by appending /TYPE to
+    the FQDN being queried.
+  - If multiple values are associated with the requested record, the results will be returned as a comma-separated list. In
+    such cases you may want to pass option C(wantlist=true) to the lookup call, or alternatively use C(query) instead of C(lookup),
+    which will result in the record values being returned as a list over which you can iterate later on.
+  - By default, the lookup will rely on system-wide configured DNS servers for performing the query. It is also possible to
+    explicitly specify DNS servers to query using the @DNS_SERVER_1,DNS_SERVER_2,...,DNS_SERVER_N notation. This needs to
+    be passed-in as an additional parameter to the lookup.
+options:
+  _terms:
+    description: Domain(s) to query.
+    type: list
+    elements: str
+  qtype:
    description:
-      - The dig lookup runs queries against DNS servers to retrieve DNS records for a specific name (FQDN - fully qualified domain name).
-        It is possible to lookup any DNS record in this manner.
-      - There is a couple of different syntaxes that can be used to specify what record should be retrieved, and for which name.
-         It is also possible to explicitly specify the DNS server(s) to use for lookups.
-      - In its simplest form, the dig lookup plugin can be used to retrieve an IPv4 address (DNS A record) associated with FQDN
-      - In addition to (default) A record, it is also possible to specify a different record type that should be queried.
-        This can be done by either passing-in additional parameter of format qtype=TYPE to the dig lookup, or by appending /TYPE to the FQDN being queried.
-      - If multiple values are associated with the requested record, the results will be returned as a comma-separated list.
-        In such cases you may want to pass option C(wantlist=true) to the lookup call, or alternatively use C(query) instead of C(lookup),
-        which will result in the record values being returned as a list over which you can iterate later on.
-      - By default, the lookup will rely on system-wide configured DNS servers for performing the query.
-        It is also possible to explicitly specify DNS servers to query using the @DNS_SERVER_1,DNS_SERVER_2,...,DNS_SERVER_N notation.
-        This needs to be passed-in as an additional parameter to the lookup
-    options:
-      _terms:
-        description: Domain(s) to query.
-        type: list
-        elements: str
-      qtype:
-        description:
-            - Record type to query.
-            - V(DLV) has been removed in community.general 6.0.0.
-            - V(CAA) has been added in community.general 6.3.0.
-        type: str
-        default: 'A'
-        choices: [A, ALL, AAAA, CAA, CNAME, DNAME, DNSKEY, DS, HINFO, LOC, MX, NAPTR, NS, NSEC3PARAM, PTR, RP, RRSIG, SOA, SPF, SRV, SSHFP, TLSA, TXT]
-      flat:
-        description: If 0 each record is returned as a dictionary, otherwise a string.
-        type: int
-        default: 1
-      retry_servfail:
-        description: Retry a nameserver if it returns SERVFAIL.
-        default: false
-        type: bool
-        version_added: 3.6.0
-      fail_on_error:
-        description:
-          - Abort execution on lookup errors.
-          - The default for this option will likely change to V(true) in the future.
-            The current default, V(false), is used for backwards compatibility, and will result in empty strings
-            or the string V(NXDOMAIN) in the result in case of errors.
-        default: false
-        type: bool
-        version_added: 5.4.0
-      real_empty:
-        description:
-          - Return empty result without empty strings, and return empty list instead of V(NXDOMAIN).
-          - The default for this option will likely change to V(true) in the future.
-          - This option will be forced to V(true) if multiple domains to be queried are specified.
-        default: false
-        type: bool
-        version_added: 6.0.0
-      class:
-        description:
-          - "Class."
-        type: str
-        default: 'IN'
-      tcp:
-        description: Use TCP to lookup DNS records.
-        default: false
-        type: bool
-        version_added: 7.5.0
-      port:
-        description: Use port as target port when looking up DNS records.
-        default: 53
-        type: int
-        version_added: 9.5.0
-    notes:
-      - ALL is not a record per-se, merely the listed fields are available for any record results you retrieve in the form of a dictionary.
-      - While the 'dig' lookup plugin supports anything which dnspython supports out of the box, only a subset can be converted into a dictionary.
-      - If you need to obtain the AAAA record (IPv6 address), you must specify the record type explicitly.
-        Syntax for specifying the record type is shown in the examples below.
-      - The trailing dot in most of the examples listed is purely optional, but is specified for completeness/correctness sake.
-'''
+      - Record type to query.
+      - V(DLV) has been removed in community.general 6.0.0.
+      - V(CAA) has been added in community.general 6.3.0.
+    type: str
+    default: 'A'
+    choices:
+      - A
+      - ALL
+      - AAAA
+      - CAA
+      - CNAME
+      - DNAME
+      - DNSKEY
+      - DS
+      - HINFO
+      - LOC
+      - MX
+      - NAPTR
+      - NS
+      - NSEC3PARAM
+      - PTR
+      - RP
+      - RRSIG
+      - SOA
+      - SPF
+      - SRV
+      - SSHFP
+      - TLSA
+      - TXT
+  flat:
+    description: If 0 each record is returned as a dictionary, otherwise a string.
+    type: int
+    default: 1
+  retry_servfail:
+    description: Retry a nameserver if it returns SERVFAIL.
+    default: false
+    type: bool
+    version_added: 3.6.0
+  fail_on_error:
+    description:
+      - Abort execution on lookup errors.
+      - The default for this option will likely change to V(true) in the future. The current default, V(false), is used for
+        backwards compatibility, and will result in empty strings or the string V(NXDOMAIN) in the result in case of errors.
+    default: false
+    type: bool
+    version_added: 5.4.0
+  real_empty:
+    description:
+      - Return empty result without empty strings, and return empty list instead of V(NXDOMAIN).
+      - The default for this option will likely change to V(true) in the future.
+      - This option will be forced to V(true) if multiple domains to be queried are specified.
+    default: false
+    type: bool
+    version_added: 6.0.0
+  class:
+    description:
+      - Class.
+    type: str
+    default: 'IN'
+  tcp:
+    description: Use TCP to lookup DNS records.
+    default: false
+    type: bool
+    version_added: 7.5.0
+  port:
+    description: Use port as target port when looking up DNS records.
+    default: 53
+    type: int
+    version_added: 9.5.0
+notes:
+  - V(ALL) is not a record in itself, merely the listed fields are available for any record results you retrieve in the form of
+    a dictionary.
+  - While the plugin supports anything which C(dnspython) supports out of the box, only a subset can be converted
+    into a dictionary.
+  - If you need to obtain the AAAA record (IPv6 address), you must specify the record type explicitly. Syntax for specifying
+    the record type is shown in the examples below.
+  - The trailing dot in most of the examples listed is purely optional, but is specified for completeness/correctness sake.
+"""

-EXAMPLES = """
+EXAMPLES = r"""
 - name: Simple A record (IPV4 address) lookup for example.com
  ansible.builtin.debug:
    msg: "{{ lookup('community.general.dig', 'example.com.')}}"
@@ -139,83 +164,83 @@ EXAMPLES = """
    msg: "{{ lookup('community.general.dig', 'example.org./A', retry_servfail=true) }}"
 """

-RETURN = """
-  _list:
-    description:
-      - List of composed strings or dictionaries with key and value
-        If a dictionary, fields shows the keys returned depending on query type
-    type: list
-    elements: raw
-    contains:
-       ALL:
-           description:
-               - owner, ttl, type
-       A:
-           description:
-               - address
-       AAAA:
-           description:
-               - address
-       CAA:
-           description:
-               - flags
-               - tag
-               - value
-           version_added: 6.3.0
-       CNAME:
-           description:
-               - target
-       DNAME:
-           description:
-               - target
-       DNSKEY:
-            description:
-                - flags, algorithm, protocol, key
-       DS:
-            description:
-                - algorithm, digest_type, key_tag, digest
-       HINFO:
-            description:
-                -  cpu, os
-       LOC:
-            description:
-                - latitude, longitude, altitude, size, horizontal_precision, vertical_precision
-       MX:
-            description:
-                - preference, exchange
-       NAPTR:
-            description:
-                - order, preference, flags, service, regexp, replacement
-       NS:
-            description:
-                - target
-       NSEC3PARAM:
-            description:
-                - algorithm, flags, iterations, salt
-       PTR:
-            description:
-                - target
-       RP:
-            description:
-                - mbox, txt
-       SOA:
-            description:
-                - mname, rname, serial, refresh, retry, expire, minimum
-       SPF:
-            description:
-                - strings
-       SRV:
-            description:
-                - priority, weight, port, target
-       SSHFP:
-            description:
-                - algorithm, fp_type, fingerprint
-       TLSA:
-            description:
-                - usage, selector, mtype, cert
-       TXT:
-            description:
-                - strings
+RETURN = r"""
+_list:
+  description:
+    - List of composed strings or of dictionaries, with fields depending
+      on query type.
+  type: list
+  elements: raw
+  contains:
+    ALL:
+      description:
+        - C(owner), C(ttl), C(type).
+    A:
+      description:
+        - C(address).
+    AAAA:
+      description:
+        - C(address).
+    CAA:
+      description:
+        - C(flags).
+        - C(tag).
+        - C(value).
+      version_added: 6.3.0
+    CNAME:
+      description:
+        - C(target).
+    DNAME:
+      description:
+        - C(target).
+    DNSKEY:
+      description:
+        - C(flags), C(algorithm), C(protocol), C(key).
+    DS:
+      description:
+        - C(algorithm), C(digest_type), C(key_tag), C(digest).
+    HINFO:
+      description:
+        - C(cpu), C(os).
+    LOC:
+      description:
+        - C(latitude), C(longitude), C(altitude), C(size), C(horizontal_precision), C(vertical_precision).
+    MX:
+      description:
+        - C(preference), C(exchange).
+    NAPTR:
+      description:
+        - C(order), C(preference), C(flags), C(service), C(regexp), C(replacement).
+    NS:
+      description:
+        - C(target).
+    NSEC3PARAM:
+      description:
+        - C(algorithm), C(flags), C(iterations), C(salt).
+    PTR:
+      description:
+        - C(target).
+    RP:
+      description:
+        - C(mbox), C(txt).
+    SOA:
+      description:
+        - C(mname), C(rname), C(serial), C(refresh), C(retry), C(expire), C(minimum).
+    SPF:
+      description:
+        - C(strings).
+    SRV:
+      description:
+        - C(priority), C(weight), C(port), C(target).
+    SSHFP:
+      description:
+        - C(algorithm), C(fp_type), C(fingerprint).
+    TLSA:
+      description:
+        - C(usage), C(selector), C(mtype), C(cert).
+    TXT:
+      description:
+        - C(strings).
 """

 from ansible.errors import AnsibleError
--- a/plugins/lookup/dnstxt.py
+++ b/plugins/lookup/dnstxt.py
@@ -6,30 +6,30 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = '''
-    name: dnstxt
-    author: Jan-Piet Mens (@jpmens) <jpmens(at)gmail.com>
-    short_description: query a domain(s)'s DNS txt fields
-    requirements:
-      - dns/dns.resolver (python library)
+DOCUMENTATION = r"""
+name: dnstxt
+author: Jan-Piet Mens (@jpmens) <jpmens(at)gmail.com>
+short_description: query a domain(s)'s DNS txt fields
+requirements:
+  - dns/dns.resolver (python library)
+description:
+  - Uses a python library to return the DNS TXT record for a domain.
+options:
+  _terms:
+    description: Domain or list of domains to query TXT records from.
+    required: true
+    type: list
+    elements: string
+  real_empty:
    description:
-      - Uses a python library to return the DNS TXT record for a domain.
-    options:
-      _terms:
-        description: domain or list of domains to query TXT records from
-        required: true
-        type: list
-        elements: string
-      real_empty:
-        description:
-          - Return empty result without empty strings, and return empty list instead of V(NXDOMAIN).
-          - The default for this option will likely change to V(true) in the future.
-        default: false
-        type: bool
-        version_added: 6.0.0
-'''
+      - Return empty result without empty strings, and return empty list instead of V(NXDOMAIN).
+      - The default for this option will likely change to V(true) in the future.
+    default: false
+    type: bool
+    version_added: 6.0.0
+"""

-EXAMPLES = """
+EXAMPLES = r"""
 - name: show txt entry
  ansible.builtin.debug:
    msg: "{{lookup('community.general.dnstxt', ['test.example.com'])}}"
@@ -48,11 +48,11 @@ EXAMPLES = """
  with_community.general.dnstxt: "{{lookup('community.general.dnstxt', ['test.example.com']).split(',')}}"
 """

-RETURN = """
-  _list:
-    description:
-      - values returned by the DNS TXT record.
-    type: list
+RETURN = r"""
+_list:
+  description:
+    - Values returned by the DNS TXT record.
+  type: list
 """

 HAVE_DNS = False
--- a/plugins/lookup/dsv.py
+++ b/plugins/lookup/dsv.py
@@ -12,81 +12,78 @@ author: Adam Migus (@amigus) <adam@migus.org>
 short_description: Get secrets from Thycotic DevOps Secrets Vault
 version_added: 1.0.0
 description:
-    - Uses the Thycotic DevOps Secrets Vault Python SDK to get Secrets from a
-      DSV O(tenant) using a O(client_id) and O(client_secret).
+  - Uses the Thycotic DevOps Secrets Vault Python SDK to get Secrets from a DSV O(tenant) using a O(client_id) and O(client_secret).
 requirements:
-    - python-dsv-sdk - https://pypi.org/project/python-dsv-sdk/
+  - python-dsv-sdk - https://pypi.org/project/python-dsv-sdk/
 options:
-    _terms:
-        description: The path to the secret, for example V(/staging/servers/web1).
-        required: true
-    tenant:
-        description: The first format parameter in the default O(url_template).
-        type: string
-        env:
-            - name: DSV_TENANT
-        ini:
-            - section: dsv_lookup
-              key: tenant
-        required: true
-    tld:
-        default: com
-        description: The top-level domain of the tenant; the second format
-            parameter in the default O(url_template).
-        type: string
-        env:
-            - name: DSV_TLD
-        ini:
-            - section: dsv_lookup
-              key: tld
-        required: false
-    client_id:
-        description: The client_id with which to request the Access Grant.
-        type: string
-        env:
-            - name: DSV_CLIENT_ID
-        ini:
-            - section: dsv_lookup
-              key: client_id
-        required: true
-    client_secret:
-        description: The client secret associated with the specific O(client_id).
-        type: string
-        env:
-            - name: DSV_CLIENT_SECRET
-        ini:
-            - section: dsv_lookup
-              key: client_secret
-        required: true
-    url_template:
-        default: https://{}.secretsvaultcloud.{}/v1
-        description: The path to prepend to the base URL to form a valid REST
-            API request.
-        type: string
-        env:
-            - name: DSV_URL_TEMPLATE
-        ini:
-            - section: dsv_lookup
-              key: url_template
-        required: false
+  _terms:
+    description: The path to the secret, for example V(/staging/servers/web1).
+    required: true
+  tenant:
+    description: The first format parameter in the default O(url_template).
+    type: string
+    env:
+      - name: DSV_TENANT
+    ini:
+      - section: dsv_lookup
+        key: tenant
+    required: true
+  tld:
+    default: com
+    description: The top-level domain of the tenant; the second format parameter in the default O(url_template).
+    type: string
+    env:
+      - name: DSV_TLD
+    ini:
+      - section: dsv_lookup
+        key: tld
+    required: false
+  client_id:
+    description: The client_id with which to request the Access Grant.
+    type: string
+    env:
+      - name: DSV_CLIENT_ID
+    ini:
+      - section: dsv_lookup
+        key: client_id
+    required: true
+  client_secret:
+    description: The client secret associated with the specific O(client_id).
+    type: string
+    env:
+      - name: DSV_CLIENT_SECRET
+    ini:
+      - section: dsv_lookup
+        key: client_secret
+    required: true
+  url_template:
+    default: https://{}.secretsvaultcloud.{}/v1
+    description: The path to prepend to the base URL to form a valid REST API request.
+    type: string
+    env:
+      - name: DSV_URL_TEMPLATE
+    ini:
+      - section: dsv_lookup
+        key: url_template
+    required: false
 """

 RETURN = r"""
 _list:
-    description:
-        - One or more JSON responses to C(GET /secrets/{path}).
-        - See U(https://dsv.thycotic.com/api/index.html#operation/getSecret).
-    type: list
-    elements: dict
+  description:
+    - One or more JSON responses to C(GET /secrets/{path}).
+    - See U(https://dsv.thycotic.com/api/index.html#operation/getSecret).
+  type: list
+  elements: dict
 """

 EXAMPLES = r"""
 - hosts: localhost
  vars:
-      secret: "{{ lookup('community.general.dsv', '/test/secret') }}"
+    secret: "{{ lookup('community.general.dsv', '/test/secret') }}"
  tasks:
-      - ansible.builtin.debug:
-          msg: 'the password is {{ secret["data"]["password"] }}'
+    - ansible.builtin.debug:
+        msg: 'the password is {{ secret["data"]["password"] }}'
 """

 from ansible.errors import AnsibleError, AnsibleOptionsError
--- a/plugins/lookup/etcd.py
+++ b/plugins/lookup/etcd.py
@@ -8,46 +8,46 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = '''
-    author:
-        - Jan-Piet Mens (@jpmens)
-    name: etcd
-    short_description: get info from an etcd server
+DOCUMENTATION = r"""
+author:
+  - Jan-Piet Mens (@jpmens)
+name: etcd
+short_description: get info from an etcd server
+description:
+  - Retrieves data from an etcd server.
+options:
+  _terms:
    description:
-        - Retrieves data from an etcd server
-    options:
-        _terms:
-            description:
-                - the list of keys to lookup on the etcd server
-            type: list
-            elements: string
-            required: true
-        url:
-            description:
-                - Environment variable with the URL for the etcd server
-            type: string
-            default: 'http://127.0.0.1:4001'
-            env:
-              - name: ANSIBLE_ETCD_URL
-        version:
-            description:
-                - Environment variable with the etcd protocol version
-            type: string
-            default: 'v1'
-            env:
-              - name: ANSIBLE_ETCD_VERSION
-        validate_certs:
-            description:
-                - toggle checking that the ssl certificates are valid, you normally only want to turn this off with self-signed certs.
-            default: true
-            type: boolean
-    seealso:
-    - module: community.general.etcd3
-    - plugin: community.general.etcd3
-      plugin_type: lookup
-'''
+      - The list of keys to lookup on the etcd server.
+    type: list
+    elements: string
+    required: true
+  url:
+    description:
+      - Environment variable with the URL for the etcd server.
+    type: string
+    default: 'http://127.0.0.1:4001'
+    env:
+      - name: ANSIBLE_ETCD_URL
+  version:
+    description:
+      - Environment variable with the etcd protocol version.
+    type: string
+    default: 'v1'
+    env:
+      - name: ANSIBLE_ETCD_VERSION
+  validate_certs:
+    description:
+      - Toggle checking that the ssl certificates are valid, you normally only want to turn this off with self-signed certs.
+    default: true
+    type: boolean
+seealso:
+  - module: community.general.etcd3
+  - plugin: community.general.etcd3
+    plugin_type: lookup
+"""

-EXAMPLES = '''
+EXAMPLES = r"""
 - name: "a value from a locally running etcd"
  ansible.builtin.debug:
    msg: "{{ lookup('community.general.etcd', 'foo/bar') }}"
@@ -59,15 +59,15 @@ EXAMPLES = '''
 - name: "you can set server options inline"
  ansible.builtin.debug:
    msg: "{{ lookup('community.general.etcd', 'foo', version='v2', url='http://192.168.0.27:4001') }}"
-'''
+"""

-RETURN = '''
-    _raw:
-        description:
-            - List of values associated with input keys.
-        type: list
-        elements: string
-'''
+RETURN = r"""
+_raw:
+  description:
+    - List of values associated with input keys.
+  type: list
+  elements: string
+"""

 import json

--- a/plugins/lookup/etcd3.py
+++ b/plugins/lookup/etcd3.py
@@ -7,101 +7,101 @@
 from __future__ import absolute_import, division, print_function
 __metaclass__ = type

-DOCUMENTATION = '''
-    author:
-    - Eric Belhomme (@eric-belhomme) <ebelhomme@fr.scc.com>
-    version_added: '0.2.0'
-    name: etcd3
-    short_description: Get key values from etcd3 server
+DOCUMENTATION = r"""
+author:
+  - Eric Belhomme (@eric-belhomme) <ebelhomme@fr.scc.com>
+version_added: '0.2.0'
+name: etcd3
+short_description: Get key values from etcd3 server
+description:
+  - Retrieves key values and/or key prefixes from etcd3 server using its native gRPC API.
+  - Try to reuse M(community.general.etcd3) options for connection parameters, but add support for some E(ETCDCTL_*) environment
+    variables.
+  - See U(https://github.com/etcd-io/etcd/tree/master/Documentation/op-guide) for etcd overview.
+options:
+  _terms:
    description:
-    - Retrieves key values and/or key prefixes from etcd3 server using its native gRPC API.
-    - Try to reuse M(community.general.etcd3) options for connection parameters, but add support for some C(ETCDCTL_*) environment variables.
-    - See U(https://github.com/etcd-io/etcd/tree/master/Documentation/op-guide) for etcd overview.
+      - The list of keys (or key prefixes) to look up on the etcd3 server.
+    type: list
+    elements: str
+    required: true
+  prefix:
+    description:
+      - Look for key or prefix key.
+    type: bool
+    default: false
+  endpoints:
+    description:
+      - Counterpart of E(ETCDCTL_ENDPOINTS) environment variable. Specify the etcd3 connection with an URL form, for example
+        V(https://hostname:2379), or V(<host>:<port>) form.
+      - The V(host) part is overwritten by O(host) option, if defined.
+      - The V(port) part is overwritten by O(port) option, if defined.
+    env:
+      - name: ETCDCTL_ENDPOINTS
+    default: '127.0.0.1:2379'
+    type: str
+  host:
+    description:
+      - Etcd3 listening client host.
+      - Takes precedence over O(endpoints).
+    type: str
+  port:
+    description:
+      - Etcd3 listening client port.
+      - Takes precedence over O(endpoints).
+    type: int
+  ca_cert:
+    description:
+      - Etcd3 CA authority.
+    env:
+      - name: ETCDCTL_CACERT
+    type: str
+  cert_cert:
+    description:
+      - Etcd3 client certificate.
+    env:
+      - name: ETCDCTL_CERT
+    type: str
+  cert_key:
+    description:
+      - Etcd3 client private key.
+    env:
+      - name: ETCDCTL_KEY
+    type: str
+  timeout:
+    description:
+      - Client timeout.
+    default: 60
+    env:
+      - name: ETCDCTL_DIAL_TIMEOUT
+    type: int
+  user:
+    description:
+      - Authenticated user name.
+    env:
+      - name: ETCDCTL_USER
+    type: str
+  password:
+    description:
+      - Authenticated user password.
+    env:
+      - name: ETCDCTL_PASSWORD
+    type: str

-    options:
-        _terms:
-            description:
-            - The list of keys (or key prefixes) to look up on the etcd3 server.
-            type: list
-            elements: str
-            required: true
-        prefix:
-            description:
-            - Look for key or prefix key.
-            type: bool
-            default: false
-        endpoints:
-            description:
-            - Counterpart of E(ETCDCTL_ENDPOINTS) environment variable.
-              Specify the etcd3 connection with and URL form, for example V(https://hostname:2379), or V(<host>:<port>) form.
-            - The V(host) part is overwritten by O(host) option, if defined.
-            - The V(port) part is overwritten by O(port) option, if defined.
-            env:
-            - name: ETCDCTL_ENDPOINTS
-            default: '127.0.0.1:2379'
-            type: str
-        host:
-            description:
-            - etcd3 listening client host.
-            - Takes precedence over O(endpoints).
-            type: str
-        port:
-            description:
-            - etcd3 listening client port.
-            - Takes precedence over O(endpoints).
-            type: int
-        ca_cert:
-            description:
-            - etcd3 CA authority.
-            env:
-            - name: ETCDCTL_CACERT
-            type: str
-        cert_cert:
-            description:
-            - etcd3 client certificate.
-            env:
-            - name: ETCDCTL_CERT
-            type: str
-        cert_key:
-            description:
-            - etcd3 client private key.
-            env:
-            - name: ETCDCTL_KEY
-            type: str
-        timeout:
-            description:
-            - Client timeout.
-            default: 60
-            env:
-            - name: ETCDCTL_DIAL_TIMEOUT
-            type: int
-        user:
-            description:
-            - Authenticated user name.
-            env:
-            - name: ETCDCTL_USER
-            type: str
-        password:
-            description:
-            - Authenticated user password.
-            env:
-            - name: ETCDCTL_PASSWORD
-            type: str
+notes:
+  - O(host) and O(port) options take precedence over (endpoints) option.
+  - The recommended way to connect to etcd3 server is using E(ETCDCTL_ENDPOINT) environment variable and keep O(endpoints),
+    O(host), and O(port) unused.
+seealso:
+  - module: community.general.etcd3
+  - plugin: community.general.etcd
+    plugin_type: lookup

-    notes:
-    - O(host) and O(port) options take precedence over (endpoints) option.
-    - The recommended way to connect to etcd3 server is using E(ETCDCTL_ENDPOINT)
-      environment variable and keep O(endpoints), O(host), and O(port) unused.
-    seealso:
-    - module: community.general.etcd3
-    - plugin: community.general.etcd
-      plugin_type: lookup
+requirements:
+  - "etcd3 >= 0.10"
+"""

-    requirements:
-    - "etcd3 >= 0.10"
-'''
-
-EXAMPLES = '''
+EXAMPLES = r"""
 - name: "a value from a locally running etcd"
  ansible.builtin.debug:
    msg: "{{ lookup('community.general.etcd3', 'foo/bar') }}"
@@ -117,22 +117,22 @@ EXAMPLES = '''
 - name: "connect to etcd3 with a client certificate"
  ansible.builtin.debug:
    msg: "{{ lookup('community.general.etcd3', 'foo/bar', cert_cert='/etc/ssl/etcd/client.pem', cert_key='/etc/ssl/etcd/client.key') }}"
-'''
+"""

-RETURN = '''
-    _raw:
-        description:
-        - List of keys and associated values.
-        type: list
-        elements: dict
-        contains:
-            key:
-                description: The element's key.
-                type: str
-            value:
-                description: The element's value.
-                type: str
-'''
+RETURN = r"""
+_raw:
+  description:
+    - List of keys and associated values.
+  type: list
+  elements: dict
+  contains:
+    key:
+      description: The element's key.
+      type: str
+    value:
+      description: The element's value.
+      type: str
+"""

 import re

--- a/plugins/lookup/filetree.py
+++ b/plugins/lookup/filetree.py
@@ -6,22 +6,23 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = r'''
+DOCUMENTATION = r"""
 name: filetree
 author: Dag Wieers (@dagwieers) <dag@wieers.com>
 short_description: recursively match all files in a directory tree
 description:
- This lookup enables you to template a complete tree of files on a target system while retaining permissions and ownership.
- Supports directories, files and symlinks, including SELinux and other file properties.
- If you provide more than one path, it will implement a first_found logic, and will not process entries it already processed in previous paths.
-  This enables merging different trees in order of importance, or add role_vars to specific paths to influence different instances of the same role.
+  - This lookup enables you to template a complete tree of files on a target system while retaining permissions and ownership.
+  - Supports directories, files and symlinks, including SELinux and other file properties.
+  - If you provide more than one path, it will implement a first_found logic, and will not process entries it already processed
+    in previous paths. This enables merging different trees in order of importance, or add role_vars to specific paths to
+    influence different instances of the same role.
 options:
  _terms:
    description: Path(s) of files to read.
    required: true
    type: list
    elements: string
-'''
+"""

 EXAMPLES = r"""
 - name: Create directories
@@ -59,61 +60,61 @@ EXAMPLES = r"""
 """

 RETURN = r"""
-  _raw:
-    description: List of dictionaries with file information.
-    type: list
-    elements: dict
-    contains:
-        src:
-          description:
-          - Full path to file.
-          - Not returned when RV(_raw[].state) is set to V(directory).
-          type: path
-        root:
-          description: Allows filtering by original location.
-          type: path
-        path:
-          description: Contains the relative path to root.
-          type: path
-        mode:
-          description: The permissions the resulting file or directory.
-          type: str
-        state:
-          description: TODO
-          type: str
-        owner:
-          description: Name of the user that owns the file/directory.
-          type: raw
-        group:
-          description: Name of the group that owns the file/directory.
-          type: raw
-        seuser:
-          description: The user part of the SELinux file context.
-          type: raw
-        serole:
-          description: The role part of the SELinux file context.
-          type: raw
-        setype:
-          description: The type part of the SELinux file context.
-          type: raw
-        selevel:
-          description: The level part of the SELinux file context.
-          type: raw
-        uid:
-          description: Owner ID of the file/directory.
-          type: int
-        gid:
-          description: Group ID of the file/directory.
-          type: int
-        size:
-          description: Size of the target.
-          type: int
-        mtime:
-          description: Time of last modification.
-          type: float
-        ctime:
-          description: Time of last metadata update or creation (depends on OS).
-          type: float
+_raw:
+  description: List of dictionaries with file information.
+  type: list
+  elements: dict
+  contains:
+    src:
+      description:
+        - Full path to file.
+        - Not returned when RV(_raw[].state) is set to V(directory).
+      type: path
+    root:
+      description: Allows filtering by original location.
+      type: path
+    path:
+      description: Contains the relative path to root.
+      type: path
+    mode:
+      description: The permissions the resulting file or directory.
+      type: str
+    state:
+      description: TODO.
+      type: str
+    owner:
+      description: Name of the user that owns the file/directory.
+      type: raw
+    group:
+      description: Name of the group that owns the file/directory.
+      type: raw
+    seuser:
+      description: The user part of the SELinux file context.
+      type: raw
+    serole:
+      description: The role part of the SELinux file context.
+      type: raw
+    setype:
+      description: The type part of the SELinux file context.
+      type: raw
+    selevel:
+      description: The level part of the SELinux file context.
+      type: raw
+    uid:
+      description: Owner ID of the file/directory.
+      type: int
+    gid:
+      description: Group ID of the file/directory.
+      type: int
+    size:
+      description: Size of the target.
+      type: int
+    mtime:
+      description: Time of last modification.
+      type: float
+    ctime:
+      description: Time of last metadata update or creation (depends on OS).
+      type: float
 """
 import os
 import pwd
--- a/plugins/lookup/flattened.py
+++ b/plugins/lookup/flattened.py
@@ -6,35 +6,35 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = '''
-    name: flattened
-    author: Serge van Ginderachter (!UNKNOWN) <serge@vanginderachter.be>
-    short_description: return single list completely flattened
-    description:
-      - Given one or more lists, this lookup will flatten any list elements found recursively until only 1 list is left.
-    options:
-      _terms:
-        description: lists to flatten
-        type: list
-        elements: raw
-        required: true
-    notes:
-      - Unlike the P(ansible.builtin.items#lookup) lookup which only flattens 1 level,
-        this plugin will continue to flatten until it cannot find lists anymore.
-      - Aka highlander plugin, there can only be one (list).
-'''
+DOCUMENTATION = r"""
+name: flattened
+author: Serge van Ginderachter (!UNKNOWN) <serge@vanginderachter.be>
+short_description: return single list completely flattened
+description:
+  - Given one or more lists, this lookup will flatten any list elements found recursively until only 1 list is left.
+options:
+  _terms:
+    description: Lists to flatten.
+    type: list
+    elements: raw
+    required: true
+notes:
+  - Unlike the P(ansible.builtin.items#lookup) lookup which only flattens 1 level, this plugin will continue to flatten until
+    it cannot find lists anymore.
+  - Aka highlander plugin, there can only be one (list).
+"""

-EXAMPLES = """
+EXAMPLES = r"""
 - name: "'unnest' all elements into single list"
  ansible.builtin.debug:
    msg: "all in one list {{lookup('community.general.flattened', [1,2,3,[5,6]], ['a','b','c'], [[5,6,1,3], [34,'a','b','c']])}}"
 """

-RETURN = """
-  _raw:
-    description:
-      - flattened list
-    type: list
+RETURN = r"""
+_raw:
+  description:
+    - Flattened list.
+  type: list
 """
 from ansible.errors import AnsibleError
 from ansible.module_utils.six import string_types
--- a/plugins/lookup/github_app_access_token.py
+++ b/plugins/lookup/github_app_access_token.py
@@ -5,49 +5,49 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = '''
-    name: github_app_access_token
-    author:
-      - Poh Wei Sheng (@weisheng-p)
-    short_description: Obtain short-lived Github App Access tokens
-    version_added: '8.2.0'
-    requirements:
-      - jwt (https://github.com/GehirnInc/python-jwt)
+DOCUMENTATION = r"""
+name: github_app_access_token
+author:
+  - Poh Wei Sheng (@weisheng-p)
+short_description: Obtain short-lived Github App Access tokens
+version_added: '8.2.0'
+requirements:
+  - jwt (https://github.com/GehirnInc/python-jwt)
+description:
+  - This generates a Github access token that can be used with a C(git) command, if you use a Github App.
+options:
+  key_path:
    description:
-      - This generates a Github access token that can be used with a C(git) command, if you use a Github App.
-    options:
-      key_path:
-        description:
-        - Path to your private key.
-        - Either O(key_path) or O(private_key) must be specified.
-        type: path
-      app_id:
-        description:
-        - Your GitHub App ID, you can find this in the Settings page.
-        required: true
-        type: str
-      installation_id:
-        description:
-        - The installation ID that contains the git repository you would like access to.
-        - As of 2023-12-24, this can be found via Settings page > Integrations > Application. The last part of the URL in the
-          configure button is the installation ID.
-        - Alternatively, you can use PyGithub (U(https://github.com/PyGithub/PyGithub)) to get your installation ID.
-        required: true
-        type: str
-      private_key:
-        description:
-        - GitHub App private key in PEM file format as string.
-        - Either O(key_path) or O(private_key) must be specified.
-        type: str
-        version_added: 10.0.0
-      token_expiry:
-        description:
-        - How long the token should last for in seconds.
-        default: 600
-        type: int
-'''
+      - Path to your private key.
+      - Either O(key_path) or O(private_key) must be specified.
+    type: path
+  app_id:
+    description:
+      - Your GitHub App ID, you can find this in the Settings page.
+    required: true
+    type: str
+  installation_id:
+    description:
+      - The installation ID that contains the git repository you would like access to.
+      - As of 2023-12-24, this can be found at Settings page > Integrations > Application. The last part of the URL in the
+        configure button is the installation ID.
+      - Alternatively, you can use PyGithub (U(https://github.com/PyGithub/PyGithub)) to get your installation ID.
+    required: true
+    type: str
+  private_key:
+    description:
+      - GitHub App private key in PEM file format as string.
+      - Either O(key_path) or O(private_key) must be specified.
+    type: str
+    version_added: 10.0.0
+  token_expiry:
+    description:
+      - How long the token should last for in seconds.
+    default: 600
+    type: int
+"""

-EXAMPLES = '''
+EXAMPLES = r"""
 - name: Get access token to be used for git checkout with app_id=123456, installation_id=64209
  ansible.builtin.git:
    repo: >-
@@ -57,14 +57,14 @@ EXAMPLES = '''
    github_token: >-
      {{ lookup('community.general.github_app_access_token', key_path='/home/to_your/key',
                app_id='123456', installation_id='64209') }}
-'''
+"""

-RETURN = '''
-  _raw:
-    description: A one-element list containing your GitHub access token.
-    type: list
-    elements: str
-'''
+RETURN = r"""
+_raw:
+  description: A one-element list containing your GitHub access token.
+  type: list
+  elements: str
+"""


 try:
--- a/plugins/lookup/hiera.py
+++ b/plugins/lookup/hiera.py
@@ -6,40 +6,40 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type

-DOCUMENTATION = '''
-    author:
-      - Juan Manuel Parrilla (@jparrill)
-    name: hiera
-    short_description: get info from hiera data
-    requirements:
-      - hiera (command line utility)
+DOCUMENTATION = r"""
+author:
+  - Juan Manuel Parrilla (@jparrill)
+name: hiera
+short_description: get info from hiera data
+requirements:
+  - hiera (command line utility)
+description:
+  - Retrieves data from an Puppetmaster node using Hiera as ENC.
+options:
+  _terms:
    description:
-        - Retrieves data from an Puppetmaster node using Hiera as ENC.
-    options:
-      _terms:
-            description:
-                - The list of keys to lookup on the Puppetmaster.
-            type: list
-            elements: string
-            required: true
-      executable:
-            description:
-                - Binary file to execute Hiera.
-            type: string
-            default: '/usr/bin/hiera'
-            env:
-                - name: ANSIBLE_HIERA_BIN
-      config_file:
-            description:
-                - File that describes the hierarchy of Hiera.
-            type: string
-            default: '/etc/hiera.yaml'
-            env:
-                - name: ANSIBLE_HIERA_CFG
+      - The list of keys to lookup on the Puppetmaster.
+    type: list
+    elements: string
+    required: true
+  executable:
+    description:
+      - Binary file to execute Hiera.
+    type: string
+    default: '/usr/bin/hiera'
+    env:
+      - name: ANSIBLE_HIERA_BIN
+  config_file:
+    description:
+      - File that describes the hierarchy of Hiera.
+    type: string
+    default: '/etc/hiera.yaml'
+    env:
+      - name: ANSIBLE_HIERA_CFG
 # FIXME: incomplete options .. _terms? environment/fqdn?
-'''
+"""

-EXAMPLES = """
+EXAMPLES = r"""
 # All this examples depends on hiera.yml that describes the hierarchy

 - name: "a value from Hiera 'DB'"
@@ -55,12 +55,12 @@ EXAMPLES = """
    msg: "{{ lookup('community.general.hiera', 'foo fqdn=puppet01.localdomain') }}"
 """

-RETURN = """
-    _raw:
-        description:
-            - a value associated with input key
-        type: list
-        elements: str
+RETURN = r"""
+_raw:
+  description:
+    - A value associated with input key.
+  type: list
+  elements: str
 """

 from ansible.plugins.lookup import LookupBase
--- a/Show More
+++ b/Show More