Release 7.5.6.

This reverts commit 8b2e658fc0.

(Considering this again, this looks a lot more like a feature than a bugfix. I shouldn't have backported it.)

.azure-pipelines/azure-pipelines.yml

@@ -29,14 +29,14 @@ schedules:
     always: true
     branches:
       include:
+        - stable-8
         - stable-7
-        - stable-6
   - cron: 0 11 * * 0
     displayName: Weekly (old stable branches)
     always: true
     branches:
       include:
-        - stable-5
+        - stable-6
 
 variables:
   - name: checkoutPath
@@ -73,6 +73,19 @@ stages:
             - test: 3
             - test: 4
             - test: extra
+  - stage: Sanity_2_16
+    displayName: Sanity 2.16
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Test {0}
+          testFormat: 2.16/sanity/{0}
+          targets:
+            - test: 1
+            - test: 2
+            - test: 3
+            - test: 4
   - stage: Sanity_2_15
     displayName: Sanity 2.15
     dependsOn: []
@@ -99,19 +112,6 @@ stages:
             - test: 2
             - test: 3
             - test: 4
-  - stage: Sanity_2_13
-    displayName: Sanity 2.13
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Test {0}
-          testFormat: 2.13/sanity/{0}
-          targets:
-            - test: 1
-            - test: 2
-            - test: 3
-            - test: 4
 ### Units
   - stage: Units_devel
     displayName: Units devel
@@ -122,13 +122,24 @@ stages:
           nameFormat: Python {0}
           testFormat: devel/units/{0}/1
           targets:
-            - test: 2.7
-            - test: 3.6
             - test: 3.7
             - test: 3.8
             - test: 3.9
             - test: '3.10'
             - test: '3.11'
+            - test: '3.12'
+  - stage: Units_2_16
+    displayName: Units 2.16
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Python {0}
+          testFormat: 2.16/units/{0}/1
+          targets:
+            - test: 2.7
+            - test: 3.6
+            - test: "3.11"
   - stage: Units_2_15
     displayName: Units 2.15
     dependsOn: []
@@ -150,17 +161,6 @@ stages:
           testFormat: 2.14/units/{0}/1
           targets:
             - test: 3.9
-  - stage: Units_2_13
-    displayName: Units 2.13
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Python {0}
-          testFormat: 2.13/units/{0}/1
-          targets:
-            - test: 2.7
-            - test: 3.8
 
 ## Remote
   - stage: Remote_devel_extra_vms
@@ -171,10 +171,10 @@ stages:
         parameters:
           testFormat: devel/{0}
           targets:
-            - name: Alpine 3.17
-              test: alpine/3.17
-            # - name: Fedora 38
-            #   test: fedora/38
+            - name: Alpine 3.19
+              test: alpine/3.19
+            # - name: Fedora 39
+            #   test: fedora/39
             - name: Ubuntu 22.04
               test: ubuntu/22.04
           groups:
@@ -186,6 +186,26 @@ stages:
       - template: templates/matrix.yml
         parameters:
           testFormat: devel/{0}
+          targets:
+            - name: macOS 14.3
+              test: macos/14.3
+            - name: RHEL 9.3
+              test: rhel/9.3
+            - name: FreeBSD 13.3
+              test: freebsd/13.3
+            - name: FreeBSD 14.0
+              test: freebsd/14.0
+          groups:
+            - 1
+            - 2
+            - 3
+  - stage: Remote_2_16
+    displayName: Remote 2.16
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.16/{0}
           targets:
             - name: macOS 13.2
               test: macos/13.2
@@ -195,8 +215,6 @@ stages:
               test: rhel/8.8
             - name: FreeBSD 13.2
               test: freebsd/13.2
-            - name: FreeBSD 12.4
-              test: freebsd/12.4
           groups:
             - 1
             - 2
@@ -215,8 +233,10 @@ stages:
               test: rhel/8.7
             - name: RHEL 7.9
               test: rhel/7.9
-            - name: FreeBSD 13.1
-              test: freebsd/13.1
+            # - name: FreeBSD 13.1
+            #   test: freebsd/13.1
+            # - name: FreeBSD 12.4
+            #   test: freebsd/12.4
           groups:
             - 1
             - 2
@@ -231,26 +251,10 @@ stages:
           targets:
             - name: RHEL 9.0
               test: rhel/9.0
-            - name: FreeBSD 12.3
-              test: freebsd/12.3
-          groups:
-            - 1
-            - 2
-            - 3
-  - stage: Remote_2_13
-    displayName: Remote 2.13
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.13/{0}
-          targets:
-            - name: macOS 12.0
-              test: macos/12.0
-            - name: RHEL 8.5
-              test: rhel/8.5
-            - name: FreeBSD 13.0
-              test: freebsd/13.0
+            #- name: macOS 12.0
+            #  test: macos/12.0
+            #- name: FreeBSD 12.4
+            #  test: freebsd/12.4
           groups:
             - 1
             - 2
@@ -265,14 +269,30 @@ stages:
         parameters:
           testFormat: devel/linux/{0}
           targets:
-            - name: Fedora 38
-              test: fedora38
-            - name: openSUSE 15
-              test: opensuse15
+            - name: Fedora 39
+              test: fedora39
             - name: Ubuntu 20.04
               test: ubuntu2004
             - name: Ubuntu 22.04
               test: ubuntu2204
+            - name: Alpine 3.19
+              test: alpine319
+          groups:
+            - 1
+            - 2
+            - 3
+  - stage: Docker_2_16
+    displayName: Docker 2.16
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.16/linux/{0}
+          targets:
+            - name: Fedora 38
+              test: fedora38
+            - name: openSUSE 15
+              test: opensuse15
             - name: Alpine 3
               test: alpine3
           groups:
@@ -303,24 +323,6 @@ stages:
         parameters:
           testFormat: 2.14/linux/{0}
           targets:
-            - name: Fedora 36
-              test: fedora36
-          groups:
-            - 1
-            - 2
-            - 3
-  - stage: Docker_2_13
-    displayName: Docker 2.13
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.13/linux/{0}
-          targets:
-            - name: Fedora 35
-              test: fedora35
-            - name: openSUSE 15 py2
-              test: opensuse15py2
             - name: Alpine 3
               test: alpine3
           groups:
@@ -343,8 +345,6 @@ stages:
               test: debian-bookworm/3.11
             - name: ArchLinux
               test: archlinux/3.11
-            - name: CentOS Stream 8
-              test: centos-stream8/3.9
           groups:
             - 1
             - 2
@@ -360,7 +360,19 @@ stages:
           nameFormat: Python {0}
           testFormat: devel/generic/{0}/1
           targets:
-            - test: 2.7
+            - test: '3.7'
+            - test: '3.12'
+  - stage: Generic_2_16
+    displayName: Generic 2.16
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Python {0}
+          testFormat: 2.16/generic/{0}/1
+          targets:
+            - test: '2.7'
+            - test: '3.6'
             - test: '3.11'
   - stage: Generic_2_15
     displayName: Generic 2.15
@@ -371,7 +383,7 @@ stages:
           nameFormat: Python {0}
           testFormat: 2.15/generic/{0}/1
           targets:
-            - test: 3.9
+            - test: '3.9'
   - stage: Generic_2_14
     displayName: Generic 2.14
     dependsOn: []
@@ -382,42 +394,32 @@ stages:
           testFormat: 2.14/generic/{0}/1
           targets:
             - test: '3.10'
-  - stage: Generic_2_13
-    displayName: Generic 2.13
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Python {0}
-          testFormat: 2.13/generic/{0}/1
-          targets:
-            - test: 3.9
 
   - stage: Summary
     condition: succeededOrFailed()
     dependsOn:
       - Sanity_devel
-      - Sanity_2_13
-      - Sanity_2_14
+      - Sanity_2_16
       - Sanity_2_15
+      - Sanity_2_14
       - Units_devel
-      - Units_2_13
-      - Units_2_14
+      - Units_2_16
       - Units_2_15
+      - Units_2_14
       - Remote_devel_extra_vms
       - Remote_devel
-      - Remote_2_13
-      - Remote_2_14
+      - Remote_2_16
       - Remote_2_15
+      - Remote_2_14
       - Docker_devel
-      - Docker_2_13
-      - Docker_2_14
+      - Docker_2_16
       - Docker_2_15
+      - Docker_2_14
       - Docker_community_devel
 # Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
 #      - Generic_devel
-#      - Generic_2_13
-#      - Generic_2_14
+#      - Generic_2_16
 #      - Generic_2_15
+#      - Generic_2_14
     jobs:
       - template: templates/coverage.yml

.github/BOTMETA.yml

@@ -249,9 +249,11 @@ files:
     labels: onepassword
     maintainers: samdoran
   $lookups/onepassword.py:
-    maintainers: azenk scottsb
+    ignore: scottsb
+    maintainers: azenk
   $lookups/onepassword_raw.py:
-    maintainers: azenk scottsb
+    ignore: scottsb
+    maintainers: azenk
   $lookups/passwordstore.py: {}
   $lookups/random_pet.py:
     maintainers: Akasurde
@@ -276,6 +278,8 @@ files:
   $module_utils/gconftool2.py:
     labels: gconftool2
     maintainers: russoz
+  $module_utils/gio_mime.py:
+    maintainers: russoz
   $module_utils/gitlab.py:
     keywords: gitlab source_control
     labels: gitlab
@@ -328,6 +332,9 @@ files:
   $module_utils/scaleway.py:
     labels: cloud scaleway
     maintainers: $team_scaleway
+  $module_utils/snap.py:
+    labels: snap
+    maintainers: russoz
   $module_utils/ssh.py:
     maintainers: russoz
   $module_utils/storage/hpe3par/hpe3par.py:
@@ -512,6 +519,8 @@ files:
   $modules/gem.py:
     labels: gem
     maintainers: $team_ansible_core johanwiren
+  $modules/gio_mime.py:
+    maintainers: russoz
   $modules/git_config.py:
     maintainers: djmattyg007 mgedmin
   $modules/github_:
@@ -633,6 +642,7 @@ files:
     maintainers: bregman-arie
   $modules/ipa_:
     maintainers: $team_ipa
+    ignore: fxfitz
   $modules/ipbase_info.py:
     maintainers: dominikkukacka
   $modules/ipa_pwpolicy.py:
@@ -669,7 +679,9 @@ files:
     labels: jboss
     maintainers: $team_jboss jhoekx
   $modules/jenkins_build.py:
-    maintainers: brettmilford unnecessary-username
+    maintainers: brettmilford unnecessary-username juanmcasanova
+  $modules/jenkins_build_info.py:
+    maintainers: juanmcasanova
   $modules/jenkins_job.py:
     maintainers: sermilrod
   $modules/jenkins_job_info.py:
@@ -679,9 +691,9 @@ files:
   $modules/jenkins_script.py:
     maintainers: hogarthj
   $modules/jira.py:
-    ignore: DWSR
+    ignore: DWSR tarka
     labels: jira
-    maintainers: Slezhuk tarka pertoft
+    maintainers: Slezhuk pertoft
   $modules/kdeconfig.py:
     maintainers: smeso
   $modules/kernel_blacklist.py:
@@ -696,6 +708,8 @@ files:
     maintainers: mattock
   $modules/keycloak_authz_permission.py:
     maintainers: mattock
+  $modules/keycloak_authz_custom_policy.py:
+    maintainers: mattock
   $modules/keycloak_authz_permission_info.py:
     maintainers: mattock
   $modules/keycloak_client_rolemapping.py:
@@ -716,6 +730,8 @@ files:
     maintainers: kris2kris
   $modules/keycloak_realm_info.py:
     maintainers: fynncfchen
+  $modules/keycloak_realm_key.py:
+    maintainers: mattock
   $modules/keycloak_role.py:
     maintainers: laurpaum
   $modules/keycloak_user.py:
@@ -937,7 +953,7 @@ files:
     labels: pagerduty
     maintainers: suprememoocow thaumos
   $modules/pagerduty_alert.py:
-    maintainers: ApsOps
+    maintainers: ApsOps xshen1
   $modules/pagerduty_change.py:
     maintainers: adamvaughan
   $modules/pagerduty_user.py:
@@ -980,6 +996,9 @@ files:
     maintainers: $team_solaris dermute
   $modules/pmem.py:
     maintainers: mizumm
+  $modules/pnpm.py:
+    ignore: chrishoffman
+    maintainers: aretrosen
   $modules/portage.py:
     ignore: sayap
     labels: portage
@@ -1195,6 +1214,8 @@ files:
     ignore: ryansb
   $modules/shutdown.py:
     maintainers: nitzmahone samdoran aminvakil
+  $modules/simpleinit_msb.py:
+    maintainers: vaygr
   $modules/sl_vm.py:
     maintainers: mcltn
   $modules/slack.py:
@@ -1207,7 +1228,7 @@ files:
     maintainers: $team_solaris
   $modules/snap.py:
     labels: snap
-    maintainers: angristan vcarceler
+    maintainers: angristan vcarceler russoz
   $modules/snap_alias.py:
     labels: snap
     maintainers: russoz
@@ -1413,7 +1434,7 @@ macros:
   team_gitlab: Lunik Shaps marwatk waheedi zanssa scodeman metanovii sh0shin nejch lgatellier suukit
   team_hpux: bcoca davx8342
   team_huawei: QijunPan TommyLike edisonxiang freesky-edward hwDCN niuzhenguo xuxiaowei0512 yanzhangi zengchen1024 zhongjun2
-  team_ipa: Akasurde Nosmoht fxfitz justchris1
+  team_ipa: Akasurde Nosmoht justchris1
   team_jboss: Wolfant jairojunior wbrefvem
   team_keycloak: eikef ndclt mattock
   team_linode: InTheCloudDan decentral1se displague rmcintosh Charliekenney23 LBGarber

.github/workflows/ansible-test.yml

@@ -31,6 +31,7 @@ jobs:
         ansible:
           - '2.11'
           - '2.12'
+          - '2.13'
     # Ansible-test on various stable branches does not yet work well with cgroups v2.
     # Since ubuntu-latest now uses Ubuntu 22.04, we need to fall back to the ubuntu-20.04
     # image for these stable branches. The list of branches where this is necessary will
@@ -80,6 +81,10 @@ jobs:
             python: '2.6'
           - ansible: '2.12'
             python: '3.8'
+          - ansible: '2.13'
+            python: '2.7'
+          - ansible: '2.13'
+            python: '3.8'
 
     steps:
       - name: >-
@@ -211,6 +216,48 @@ jobs:
           #   docker: default
           #   python: '3.8'
           #   target: azp/generic/1/
+          # 2.13
+          - ansible: '2.13'
+            docker: fedora35
+            python: ''
+            target: azp/posix/1/
+          - ansible: '2.13'
+            docker: fedora35
+            python: ''
+            target: azp/posix/2/
+          - ansible: '2.13'
+            docker: fedora35
+            python: ''
+            target: azp/posix/3/
+          - ansible: '2.13'
+            docker: opensuse15py2
+            python: ''
+            target: azp/posix/1/
+          - ansible: '2.13'
+            docker: opensuse15py2
+            python: ''
+            target: azp/posix/2/
+          - ansible: '2.13'
+            docker: opensuse15py2
+            python: ''
+            target: azp/posix/3/
+          - ansible: '2.13'
+            docker: alpine3
+            python: ''
+            target: azp/posix/1/
+          - ansible: '2.13'
+            docker: alpine3
+            python: ''
+            target: azp/posix/2/
+          - ansible: '2.13'
+            docker: alpine3
+            python: ''
+            target: azp/posix/3/
+          # Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
+          # - ansible: '2.13'
+          #   docker: default
+          #   python: '3.9'
+          #   target: azp/generic/1/
 
     steps:
       - name: >-

.github/workflows/codeql-analysis.yml

@@ -24,13 +24,13 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
       with:
         languages: python
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3

.github/workflows/import-galaxy.yml

@@ -0,0 +1,20 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+name: import-galaxy
+'on':
+  # Run CI against all pushes (direct commits, also merged PRs) to main, and all Pull Requests
+  push:
+    branches:
+      - main
+      - stable-*
+  pull_request:
+
+jobs:
+  import-galaxy:
+    permissions:
+      contents: read
+    name: Test to import built collection artifact with Galaxy importer
+    uses: ansible-community/github-action-test-galaxy-import/.github/workflows/test-galaxy-import.yml@main

.github/workflows/reuse.yml

@@ -22,14 +22,9 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha || '' }}
 
-      - name: Install dependencies
-        run: |
-          pip install reuse
-
-      - name: Check REUSE compliance
-        run: |
-          reuse lint
+      - name: REUSE Compliance Check
+        uses: fsfe/reuse-action@v3

CHANGELOG.md

@@ -0,0 +1,926 @@
+# Community General Release Notes
+
+**Topics**
+
+- <a href="#v7-5-6">v7\.5\.6</a>
+    - <a href="#release-summary">Release Summary</a>
+    - <a href="#security-fixes">Security Fixes</a>
+    - <a href="#bugfixes">Bugfixes</a>
+- <a href="#v7-5-5">v7\.5\.5</a>
+    - <a href="#release-summary-1">Release Summary</a>
+    - <a href="#bugfixes-1">Bugfixes</a>
+- <a href="#v7-5-4">v7\.5\.4</a>
+    - <a href="#release-summary-2">Release Summary</a>
+    - <a href="#bugfixes-2">Bugfixes</a>
+- <a href="#v7-5-3">v7\.5\.3</a>
+    - <a href="#release-summary-3">Release Summary</a>
+    - <a href="#bugfixes-3">Bugfixes</a>
+- <a href="#v7-5-2">v7\.5\.2</a>
+    - <a href="#release-summary-4">Release Summary</a>
+    - <a href="#minor-changes">Minor Changes</a>
+    - <a href="#bugfixes-4">Bugfixes</a>
+- <a href="#v7-5-1">v7\.5\.1</a>
+    - <a href="#release-summary-5">Release Summary</a>
+    - <a href="#bugfixes-5">Bugfixes</a>
+- <a href="#v7-5-0">v7\.5\.0</a>
+    - <a href="#release-summary-6">Release Summary</a>
+    - <a href="#minor-changes-1">Minor Changes</a>
+    - <a href="#deprecated-features">Deprecated Features</a>
+    - <a href="#bugfixes-6">Bugfixes</a>
+    - <a href="#new-modules">New Modules</a>
+- <a href="#v7-4-0">v7\.4\.0</a>
+    - <a href="#release-summary-7">Release Summary</a>
+    - <a href="#minor-changes-2">Minor Changes</a>
+    - <a href="#bugfixes-7">Bugfixes</a>
+    - <a href="#new-modules-1">New Modules</a>
+- <a href="#v7-3-0">v7\.3\.0</a>
+    - <a href="#release-summary-8">Release Summary</a>
+    - <a href="#minor-changes-3">Minor Changes</a>
+    - <a href="#deprecated-features-1">Deprecated Features</a>
+    - <a href="#bugfixes-8">Bugfixes</a>
+- <a href="#v7-2-1">v7\.2\.1</a>
+    - <a href="#release-summary-9">Release Summary</a>
+    - <a href="#bugfixes-9">Bugfixes</a>
+- <a href="#v7-2-0">v7\.2\.0</a>
+    - <a href="#release-summary-10">Release Summary</a>
+    - <a href="#minor-changes-4">Minor Changes</a>
+    - <a href="#deprecated-features-2">Deprecated Features</a>
+    - <a href="#bugfixes-10">Bugfixes</a>
+    - <a href="#new-plugins">New Plugins</a>
+        - <a href="#lookup">Lookup</a>
+    - <a href="#new-modules-2">New Modules</a>
+- <a href="#v7-1-0">v7\.1\.0</a>
+    - <a href="#release-summary-11">Release Summary</a>
+    - <a href="#minor-changes-5">Minor Changes</a>
+    - <a href="#deprecated-features-3">Deprecated Features</a>
+    - <a href="#bugfixes-11">Bugfixes</a>
+    - <a href="#known-issues">Known Issues</a>
+    - <a href="#new-modules-3">New Modules</a>
+- <a href="#v7-0-1">v7\.0\.1</a>
+    - <a href="#release-summary-12">Release Summary</a>
+    - <a href="#bugfixes-12">Bugfixes</a>
+- <a href="#v7-0-0">v7\.0\.0</a>
+    - <a href="#release-summary-13">Release Summary</a>
+    - <a href="#minor-changes-6">Minor Changes</a>
+    - <a href="#breaking-changes--porting-guide">Breaking Changes / Porting Guide</a>
+    - <a href="#deprecated-features-4">Deprecated Features</a>
+    - <a href="#removed-features-previously-deprecated">Removed Features \(previously deprecated\)</a>
+    - <a href="#bugfixes-13">Bugfixes</a>
+    - <a href="#new-plugins-1">New Plugins</a>
+        - <a href="#lookup-1">Lookup</a>
+    - <a href="#new-modules-4">New Modules</a>
+This changelog describes changes after version 6\.0\.0\.
+
+<a id="v7-5-6"></a>
+## v7\.5\.6
+
+<a id="release-summary"></a>
+### Release Summary
+
+Regular bugfix release with security fixes\.
+
+<a id="security-fixes"></a>
+### Security Fixes
+
+* cobbler\, gitlab\_runners\, icinga2\, linode\, lxd\, nmap\, online\, opennebula\, proxmox\, scaleway\, stackpath\_compute\, virtualbox\, and xen\_orchestra inventory plugin \- make sure all data received from the remote servers is marked as unsafe\, so remote code execution by obtaining texts that can be evaluated as templates is not possible \([https\://www\.die\-welt\.net/2024/03/remote\-code\-execution\-in\-ansible\-dynamic\-inventory\-plugins/](https\://www\.die\-welt\.net/2024/03/remote\-code\-execution\-in\-ansible\-dynamic\-inventory\-plugins/)\, [https\://github\.com/ansible\-collections/community\.general/pull/8098](https\://github\.com/ansible\-collections/community\.general/pull/8098)\)\.
+
+<a id="bugfixes"></a>
+### Bugfixes
+
+* aix\_filesystem \- fix issue with empty list items in crfs logic and option order \([https\://github\.com/ansible\-collections/community\.general/pull/8052](https\://github\.com/ansible\-collections/community\.general/pull/8052)\)\.
+* homebrew \- error returned from brew command was ignored and tried to parse empty JSON\. Fix now checks for an error and raises it to give accurate error message to users \([https\://github\.com/ansible\-collections/community\.general/issues/8047](https\://github\.com/ansible\-collections/community\.general/issues/8047)\)\.
+* ipa\_hbacrule \- the module uses a string for <code>ipaenabledflag</code> for new FreeIPA versions while the returned value is a boolean \([https\://github\.com/ansible\-collections/community\.general/pull/7880](https\://github\.com/ansible\-collections/community\.general/pull/7880)\)\.
+* ipa\_sudorule \- the module uses a string for <code>ipaenabledflag</code> for new FreeIPA versions while the returned value is a boolean \([https\://github\.com/ansible\-collections/community\.general/pull/7880](https\://github\.com/ansible\-collections/community\.general/pull/7880)\)\.
+* iptables\_state \- fix idempotency issues when restoring incomplete iptables dumps \([https\://github\.com/ansible\-collections/community\.general/issues/8029](https\://github\.com/ansible\-collections/community\.general/issues/8029)\)\.
+* linode inventory plugin \- add descriptive error message for linode inventory plugin \([https\://github\.com/ansible\-collections/community\.general/pull/8133](https\://github\.com/ansible\-collections/community\.general/pull/8133)\)\.
+* pacemaker\_cluster \- actually implement check mode\, which the module claims to support\. This means that until now the module also did changes in check mode \([https\://github\.com/ansible\-collections/community\.general/pull/8081](https\://github\.com/ansible\-collections/community\.general/pull/8081)\)\.
+* pam\_limits \- when the file does not exist\, do not create it in check mode \([https\://github\.com/ansible\-collections/community\.general/issues/8050](https\://github\.com/ansible\-collections/community\.general/issues/8050)\, [https\://github\.com/ansible\-collections/community\.general/pull/8057](https\://github\.com/ansible\-collections/community\.general/pull/8057)\)\.
+* proxmox\_kvm \- fixed status check getting from node\-specific API endpoint \([https\://github\.com/ansible\-collections/community\.general/issues/7817](https\://github\.com/ansible\-collections/community\.general/issues/7817)\)\.
+
+<a id="v7-5-5"></a>
+## v7\.5\.5
+
+<a id="release-summary-1"></a>
+### Release Summary
+
+Regular bugfix release\.
+
+<a id="bugfixes-1"></a>
+### Bugfixes
+
+* cargo \- fix idempotency issues when using a custom installation path for packages \(using the <code>\-\-path</code> parameter\)\. The initial installation runs fine\, but subsequent runs use the <code>get\_installed\(\)</code> function which did not check the given installation location\, before running <code>cargo install</code>\. This resulted in a false <code>changed</code> state\. Also the removal of packeges using <code>state\: absent</code> failed\, as the installation check did not use the given parameter \([https\://github\.com/ansible\-collections/community\.general/pull/7970](https\://github\.com/ansible\-collections/community\.general/pull/7970)\)\.
+* keycloak\_client \- fixes issue when metadata is provided in desired state when task is in check mode \([https\://github\.com/ansible\-collections/community\.general/issues/1226](https\://github\.com/ansible\-collections/community\.general/issues/1226)\, [https\://github\.com/ansible\-collections/community\.general/pull/7881](https\://github\.com/ansible\-collections/community\.general/pull/7881)\)\.
+* modprobe \- listing modules files or modprobe files could trigger a FileNotFoundError if <code>/etc/modprobe\.d</code> or <code>/etc/modules\-load\.d</code> did not exist\. Relevant functions now return empty lists if the directories do not exist to avoid crashing the module \([https\://github\.com/ansible\-collections/community\.general/issues/7717](https\://github\.com/ansible\-collections/community\.general/issues/7717)\)\.
+* onepassword lookup plugin \- failed for fields that were in sections and had uppercase letters in the label/ID\. Field lookups are now case insensitive in all cases \([https\://github\.com/ansible\-collections/community\.general/pull/7919](https\://github\.com/ansible\-collections/community\.general/pull/7919)\)\.
+* pkgin \- pkgin \(pkgsrc package manager used by SmartOS\) raises erratic exceptions and spurious <code>changed\=true</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7971](https\://github\.com/ansible\-collections/community\.general/pull/7971)\)\.
+* redfish\_info \- allow for a GET operation invoked by <code>GetUpdateStatus</code> to allow for an empty response body for cases where a service returns 204 No Content \([https\://github\.com/ansible\-collections/community\.general/issues/8003](https\://github\.com/ansible\-collections/community\.general/issues/8003)\)\.
+* redfish\_info \- correct uncaught exception when attempting to retrieve <code>Chassis</code> information \([https\://github\.com/ansible\-collections/community\.general/pull/7952](https\://github\.com/ansible\-collections/community\.general/pull/7952)\)\.
+
+<a id="v7-5-4"></a>
+## v7\.5\.4
+
+<a id="release-summary-2"></a>
+### Release Summary
+
+Regular bugfix release\.
+
+<a id="bugfixes-2"></a>
+### Bugfixes
+
+* homebrew \- detect already installed formulae and casks using JSON output from <code>brew info</code> \([https\://github\.com/ansible\-collections/community\.general/issues/864](https\://github\.com/ansible\-collections/community\.general/issues/864)\)\.
+* ipa\_otptoken \- the module expect <code>ipatokendisabled</code> as string but the <code>ipatokendisabled</code> value is returned as a boolean \([https\://github\.com/ansible\-collections/community\.general/pull/7795](https\://github\.com/ansible\-collections/community\.general/pull/7795)\)\.
+* ldap \- previously the order number \(if present\) was expected to follow an equals sign in the DN\. This makes it so the order number string is identified correctly anywhere within the DN \([https\://github\.com/ansible\-collections/community\.general/issues/7646](https\://github\.com/ansible\-collections/community\.general/issues/7646)\)\.
+* mssql\_script \- make the module work with Python 2 \([https\://github\.com/ansible\-collections/community\.general/issues/7818](https\://github\.com/ansible\-collections/community\.general/issues/7818)\, [https\://github\.com/ansible\-collections/community\.general/pull/7821](https\://github\.com/ansible\-collections/community\.general/pull/7821)\)\.
+* nmcli \- fix <code>connection\.slave\-type</code> wired to <code>bond</code> and not with parameter <code>slave\_type</code> in case of connection type <code>wifi</code> \([https\://github\.com/ansible\-collections/community\.general/issues/7389](https\://github\.com/ansible\-collections/community\.general/issues/7389)\)\.
+
+<a id="v7-5-3"></a>
+## v7\.5\.3
+
+<a id="release-summary-3"></a>
+### Release Summary
+
+Regular bugfix release\.
+
+<a id="bugfixes-3"></a>
+### Bugfixes
+
+* keycloak\_identity\_provider \- <code>mappers</code> processing was not idempotent if the mappers configuration list had not been sorted by name \(in ascending order\)\. Fix resolves the issue by sorting mappers in the desired state using the same key which is used for obtaining existing state \([https\://github\.com/ansible\-collections/community\.general/pull/7418](https\://github\.com/ansible\-collections/community\.general/pull/7418)\)\.
+* keycloak\_identity\_provider \- it was not possible to reconfigure \(add\, remove\) <code>mappers</code> once they were created initially\. Removal was ignored\, adding new ones resulted in dropping the pre\-existing unmodified mappers\. Fix resolves the issue by supplying correct input to the internal update call \([https\://github\.com/ansible\-collections/community\.general/pull/7418](https\://github\.com/ansible\-collections/community\.general/pull/7418)\)\.
+* keycloak\_user \- when <code>force</code> is set\, but user does not exist\, do not try to delete it \([https\://github\.com/ansible\-collections/community\.general/pull/7696](https\://github\.com/ansible\-collections/community\.general/pull/7696)\)\.
+* statusio\_maintenance \- fix error caused by incorrectly formed API data payload\. Was raising \"Failed to create maintenance HTTP Error 400 Bad Request\" caused by bad data type for date/time and deprecated dict keys \([https\://github\.com/ansible\-collections/community\.general/pull/7754](https\://github\.com/ansible\-collections/community\.general/pull/7754)\)\.
+
+<a id="v7-5-2"></a>
+## v7\.5\.2
+
+<a id="release-summary-4"></a>
+### Release Summary
+
+Regular bugfix release\.
+
+<a id="minor-changes"></a>
+### Minor Changes
+
+* elastic callback plugin \- close elastic client to not leak resources \([https\://github\.com/ansible\-collections/community\.general/pull/7517](https\://github\.com/ansible\-collections/community\.general/pull/7517)\)\.
+
+<a id="bugfixes-4"></a>
+### Bugfixes
+
+* cloudflare\_dns \- fix Cloudflare lookup of SHFP records \([https\://github\.com/ansible\-collections/community\.general/issues/7652](https\://github\.com/ansible\-collections/community\.general/issues/7652)\)\.
+* interface\_files \- also consider <code>address\_family</code> when changing <code>option\=method</code> \([https\://github\.com/ansible\-collections/community\.general/issues/7610](https\://github\.com/ansible\-collections/community\.general/issues/7610)\, [https\://github\.com/ansible\-collections/community\.general/pull/7612](https\://github\.com/ansible\-collections/community\.general/pull/7612)\)\.
+* irc \- replace <code>ssl\.wrap\_socket</code> that was removed from Python 3\.12 with code for creating a proper SSL context \([https\://github\.com/ansible\-collections/community\.general/pull/7542](https\://github\.com/ansible\-collections/community\.general/pull/7542)\)\.
+* keycloak\_\* \- fix Keycloak API client to quote <code>/</code> properly \([https\://github\.com/ansible\-collections/community\.general/pull/7641](https\://github\.com/ansible\-collections/community\.general/pull/7641)\)\.
+* keycloak\_authz\_permission \- resource payload variable for scope\-based permission was constructed as a string\, when it needs to be a list\, even for a single item \([https\://github\.com/ansible\-collections/community\.general/issues/7151](https\://github\.com/ansible\-collections/community\.general/issues/7151)\)\.
+* log\_entries callback plugin \- replace <code>ssl\.wrap\_socket</code> that was removed from Python 3\.12 with code for creating a proper SSL context \([https\://github\.com/ansible\-collections/community\.general/pull/7542](https\://github\.com/ansible\-collections/community\.general/pull/7542)\)\.
+* lvol \- test for output messages in both <code>stdout</code> and <code>stderr</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7601](https\://github\.com/ansible\-collections/community\.general/pull/7601)\, [https\://github\.com/ansible\-collections/community\.general/issues/7182](https\://github\.com/ansible\-collections/community\.general/issues/7182)\)\.
+* ocapi\_utils\, oci\_utils\, redfish\_utils module utils \- replace <code>type\(\)</code> calls with <code>isinstance\(\)</code> calls \([https\://github\.com/ansible\-collections/community\.general/pull/7501](https\://github\.com/ansible\-collections/community\.general/pull/7501)\)\.
+* onepassword lookup plugin \- field and section titles are now case insensitive when using op CLI version two or later\. This matches the behavior of version one \([https\://github\.com/ansible\-collections/community\.general/pull/7564](https\://github\.com/ansible\-collections/community\.general/pull/7564)\)\.
+* pipx module utils \- change the CLI argument formatter for the <code>pip\_args</code> parameter \([https\://github\.com/ansible\-collections/community\.general/issues/7497](https\://github\.com/ansible\-collections/community\.general/issues/7497)\, [https\://github\.com/ansible\-collections/community\.general/pull/7506](https\://github\.com/ansible\-collections/community\.general/pull/7506)\)\.
+* redhat\_subscription \- use the D\-Bus registration on RHEL 7 only on 7\.4 and
+  greater\; older versions of RHEL 7 do not have it
+  \([https\://github\.com/ansible\-collections/community\.general/issues/7622](https\://github\.com/ansible\-collections/community\.general/issues/7622)\,
+  [https\://github\.com/ansible\-collections/community\.general/pull/7624](https\://github\.com/ansible\-collections/community\.general/pull/7624)\)\.
+* terraform \- fix multiline string handling in complex variables \([https\://github\.com/ansible\-collections/community\.general/pull/7535](https\://github\.com/ansible\-collections/community\.general/pull/7535)\)\.
+
+<a id="v7-5-1"></a>
+## v7\.5\.1
+
+<a id="release-summary-5"></a>
+### Release Summary
+
+Regular bugfix release\.
+
+<a id="bugfixes-5"></a>
+### Bugfixes
+
+* composer \- fix impossible to run <code>working\_dir</code> dependent commands\. The module was throwing an error when trying to run a <code>working\_dir</code> dependent command\, because it tried to get the command help without passing the <code>working\_dir</code> \([https\://github\.com/ansible\-collections/community\.general/issues/3787](https\://github\.com/ansible\-collections/community\.general/issues/3787)\)\.
+* github\_deploy\_key \- fix pagination behaviour causing a crash when only a single page of deploy keys exist \([https\://github\.com/ansible\-collections/community\.general/pull/7375](https\://github\.com/ansible\-collections/community\.general/pull/7375)\)\.
+* gitlab\_group\_members \- fix gitlab constants call in <code>gitlab\_group\_members</code> module \([https\://github\.com/ansible\-collections/community\.general/issues/7467](https\://github\.com/ansible\-collections/community\.general/issues/7467)\)\.
+* gitlab\_project\_members \- fix gitlab constants call in <code>gitlab\_project\_members</code> module \([https\://github\.com/ansible\-collections/community\.general/issues/7467](https\://github\.com/ansible\-collections/community\.general/issues/7467)\)\.
+* gitlab\_protected\_branches \- fix gitlab constants call in <code>gitlab\_protected\_branches</code> module \([https\://github\.com/ansible\-collections/community\.general/issues/7467](https\://github\.com/ansible\-collections/community\.general/issues/7467)\)\.
+* gitlab\_user \- fix gitlab constants call in <code>gitlab\_user</code> module \([https\://github\.com/ansible\-collections/community\.general/issues/7467](https\://github\.com/ansible\-collections/community\.general/issues/7467)\)\.
+* kernel\_blacklist \- simplified the mechanism to update the file\, fixing the error \([https\://github\.com/ansible\-collections/community\.general/pull/7382](https\://github\.com/ansible\-collections/community\.general/pull/7382)\, [https\://github\.com/ansible\-collections/community\.general/issues/7362](https\://github\.com/ansible\-collections/community\.general/issues/7362)\)\.
+* memset module utils \- make compatible with ansible\-core 2\.17 \([https\://github\.com/ansible\-collections/community\.general/pull/7379](https\://github\.com/ansible\-collections/community\.general/pull/7379)\)\.
+* proxmox\_pool\_member \- absent state for type VM did not delete VMs from the pools \([https\://github\.com/ansible\-collections/community\.general/pull/7464](https\://github\.com/ansible\-collections/community\.general/pull/7464)\)\.
+* redfish\_command \- fix usage of message parsing in <code>SimpleUpdate</code> and <code>MultipartHTTPPushUpdate</code> commands to treat the lack of a <code>MessageId</code> as no message \([https\://github\.com/ansible\-collections/community\.general/issues/7465](https\://github\.com/ansible\-collections/community\.general/issues/7465)\, [https\://github\.com/ansible\-collections/community\.general/pull/7471](https\://github\.com/ansible\-collections/community\.general/pull/7471)\)\.
+* redhat\_subscription \- use the right D\-Bus options for the consumer type when
+  registering a RHEL system older than 9 or a RHEL 9 system older than 9\.2
+  and using <code>consumer\_type</code>
+  \([https\://github\.com/ansible\-collections/community\.general/pull/7378](https\://github\.com/ansible\-collections/community\.general/pull/7378)\)\.
+* selective callback plugin \- fix length of task name lines in output always being 3 characters longer than desired \([https\://github\.com/ansible\-collections/community\.general/pull/7374](https\://github\.com/ansible\-collections/community\.general/pull/7374)\)\.
+
+<a id="v7-5-0"></a>
+## v7\.5\.0
+
+<a id="release-summary-6"></a>
+### Release Summary
+
+Regular bugfix and feature release\.
+
+Please note that this is the last minor 7\.x\.0 release\. Further releases
+with major version 7 will be bugfix releases 7\.5\.y\.
+
+<a id="minor-changes-1"></a>
+### Minor Changes
+
+* cargo \- add option <code>executable</code>\, which allows user to specify path to the cargo binary \([https\://github\.com/ansible\-collections/community\.general/pull/7352](https\://github\.com/ansible\-collections/community\.general/pull/7352)\)\.
+* cargo \- add option <code>locked</code> which allows user to specify install the locked version of dependency instead of latest compatible version \([https\://github\.com/ansible\-collections/community\.general/pull/6134](https\://github\.com/ansible\-collections/community\.general/pull/6134)\)\.
+* dig lookup plugin \- add TCP option to enable the use of TCP connection during DNS lookup \([https\://github\.com/ansible\-collections/community\.general/pull/7343](https\://github\.com/ansible\-collections/community\.general/pull/7343)\)\.
+* gitlab\_group \- add option <code>force\_delete</code> \(default\: false\) which allows delete group even if projects exists in it \([https\://github\.com/ansible\-collections/community\.general/pull/7364](https\://github\.com/ansible\-collections/community\.general/pull/7364)\)\.
+* ini\_file \- add <code>ignore\_spaces</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/7273](https\://github\.com/ansible\-collections/community\.general/pull/7273)\)\.
+* newrelic\_deployment \- add option <code>app\_name\_exact\_match</code>\, which filters results for the exact app\_name provided \([https\://github\.com/ansible\-collections/community\.general/pull/7355](https\://github\.com/ansible\-collections/community\.general/pull/7355)\)\.
+* onepassword lookup plugin \- introduce <code>account\_id</code> option which allows specifying which account to use \([https\://github\.com/ansible\-collections/community\.general/pull/7308](https\://github\.com/ansible\-collections/community\.general/pull/7308)\)\.
+* onepassword\_raw lookup plugin \- introduce <code>account\_id</code> option which allows specifying which account to use \([https\://github\.com/ansible\-collections/community\.general/pull/7308](https\://github\.com/ansible\-collections/community\.general/pull/7308)\)\.
+* parted \- on resize\, use <code>\-\-fix</code> option if available \([https\://github\.com/ansible\-collections/community\.general/pull/7304](https\://github\.com/ansible\-collections/community\.general/pull/7304)\)\.
+* pnpm \- set correct version when state is latest or version is not mentioned\. Resolves previous idempotency problem \([https\://github\.com/ansible\-collections/community\.general/pull/7339](https\://github\.com/ansible\-collections/community\.general/pull/7339)\)\.
+* proxmox \- add <code>vmid</code> \(and <code>taskid</code> when possible\) to return values \([https\://github\.com/ansible\-collections/community\.general/pull/7263](https\://github\.com/ansible\-collections/community\.general/pull/7263)\)\.
+* random\_string \- added new <code>ignore\_similar\_chars</code> and <code>similar\_chars</code> option to ignore certain chars \([https\://github\.com/ansible\-collections/community\.general/pull/7242](https\://github\.com/ansible\-collections/community\.general/pull/7242)\)\.
+* redfish\_command \- add new option <code>update\_oem\_params</code> for the <code>MultipartHTTPPushUpdate</code> command \([https\://github\.com/ansible\-collections/community\.general/issues/7331](https\://github\.com/ansible\-collections/community\.general/issues/7331)\)\.
+* redfish\_config \- add <code>CreateVolume</code> command to allow creation of volumes on servers \([https\://github\.com/ansible\-collections/community\.general/pull/6813](https\://github\.com/ansible\-collections/community\.general/pull/6813)\)\.
+* redfish\_config \- adding <code>SetSecureBoot</code> command \([https\://github\.com/ansible\-collections/community\.general/pull/7129](https\://github\.com/ansible\-collections/community\.general/pull/7129)\)\.
+* redfish\_info \- add support for <code>GetBiosRegistries</code> command \([https\://github\.com/ansible\-collections/community\.general/pull/7144](https\://github\.com/ansible\-collections/community\.general/pull/7144)\)\.
+* redfish\_info \- adds <code>LinkStatus</code> to NIC inventory \([https\://github\.com/ansible\-collections/community\.general/pull/7318](https\://github\.com/ansible\-collections/community\.general/pull/7318)\)\.
+* redis\_info \- refactor the redis\_info module to use the redis module\_utils enabling to pass TLS parameters to the Redis client \([https\://github\.com/ansible\-collections/community\.general/pull/7267](https\://github\.com/ansible\-collections/community\.general/pull/7267)\)\.
+* supervisorctl \- allow to stop matching running processes before removing them with <code>stop\_before\_removing\=true</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7284](https\://github\.com/ansible\-collections/community\.general/pull/7284)\)\.
+
+<a id="deprecated-features"></a>
+### Deprecated Features
+
+* The next major release\, community\.general 8\.0\.0\, will drop support for ansible\-core 2\.11 and 2\.12\, which have been End of Life for some time now\. This means that this collection no longer supports Python 2\.6 on the target\. Individual content might still work with unsupported ansible\-core versions\, but that can change at any time\. Also please note that from now on\, for every new major community\.general release\, we will drop support for all ansible\-core versions that have been End of Life for more than a few weeks on the date of the major release \([https\://github\.com/ansible\-community/community\-topics/discussions/271](https\://github\.com/ansible\-community/community\-topics/discussions/271)\, [https\://github\.com/ansible\-collections/community\.general/pull/7259](https\://github\.com/ansible\-collections/community\.general/pull/7259)\)\.
+* redfish\_info\, redfish\_config\, redfish\_command \- the default value <code>10</code> for the <code>timeout</code> option is deprecated and will change to <code>60</code> in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/7295](https\://github\.com/ansible\-collections/community\.general/pull/7295)\)\.
+
+<a id="bugfixes-6"></a>
+### Bugfixes
+
+* gitlab\_group\_variable \- deleted all variables when used with <code>purge\=true</code> due to missing <code>raw</code> property in KNOWN attributes \([https\://github\.com/ansible\-collections/community\.general/issues/7250](https\://github\.com/ansible\-collections/community\.general/issues/7250)\)\.
+* gitlab\_project\_variable \- deleted all variables when used with <code>purge\=true</code> due to missing <code>raw</code> property in KNOWN attributes \([https\://github\.com/ansible\-collections/community\.general/issues/7250](https\://github\.com/ansible\-collections/community\.general/issues/7250)\)\.
+* ldap\_search \- fix string normalization and the <code>base64\_attributes</code> option on Python 3 \([https\://github\.com/ansible\-collections/community\.general/issues/5704](https\://github\.com/ansible\-collections/community\.general/issues/5704)\, [https\://github\.com/ansible\-collections/community\.general/pull/7264](https\://github\.com/ansible\-collections/community\.general/pull/7264)\)\.
+* lxc connection plugin \- properly evaluate options \([https\://github\.com/ansible\-collections/community\.general/pull/7369](https\://github\.com/ansible\-collections/community\.general/pull/7369)\)\.
+* mail \- skip headers containing equals characters due to missing <code>maxsplit</code> on header key/value parsing \([https\://github\.com/ansible\-collections/community\.general/pull/7303](https\://github\.com/ansible\-collections/community\.general/pull/7303)\)\.
+* nmap inventory plugin \- fix <code>get\_option</code> calls \([https\://github\.com/ansible\-collections/community\.general/pull/7323](https\://github\.com/ansible\-collections/community\.general/pull/7323)\)\.
+* onepassword \- fix KeyError exception when trying to access value of a field that is not filled out in OnePassword item \([https\://github\.com/ansible\-collections/community\.general/pull/7241](https\://github\.com/ansible\-collections/community\.general/pull/7241)\)\.
+* snap \- change the change detection mechanism from \"parsing installation\" to \"comparing end state with initial state\" \([https\://github\.com/ansible\-collections/community\.general/pull/7340](https\://github\.com/ansible\-collections/community\.general/pull/7340)\, [https\://github\.com/ansible\-collections/community\.general/issues/7265](https\://github\.com/ansible\-collections/community\.general/issues/7265)\)\.
+* terraform \- prevents <code>\-backend\-config</code> option double encapsulating with <code>shlex\_quote</code> function\. \([https\://github\.com/ansible\-collections/community\.general/pull/7301](https\://github\.com/ansible\-collections/community\.general/pull/7301)\)\.
+
+<a id="new-modules"></a>
+### New Modules
+
+* consul\_role \- Manipulate Consul roles
+* gio\_mime \- Set default handler for MIME type\, for applications using Gnome GIO
+* keycloak\_authz\_custom\_policy \- Allows administration of Keycloak client custom Javascript policies via Keycloak API
+* keycloak\_realm\_key \- Allows administration of Keycloak realm keys via Keycloak API
+* simpleinit\_msb \- Manage services on Source Mage GNU/Linux
+
+<a id="v7-4-0"></a>
+## v7\.4\.0
+
+<a id="release-summary-7"></a>
+### Release Summary
+
+Bugfix and feature release\.
+
+<a id="minor-changes-2"></a>
+### Minor Changes
+
+* cobbler inventory plugin \- add <code>exclude\_mgmt\_classes</code> and <code>include\_mgmt\_classes</code> options to exclude or include hosts based on management classes \([https\://github\.com/ansible\-collections/community\.general/pull/7184](https\://github\.com/ansible\-collections/community\.general/pull/7184)\)\.
+* cpanm \- minor refactor when creating the <code>CmdRunner</code> object \([https\://github\.com/ansible\-collections/community\.general/pull/7231](https\://github\.com/ansible\-collections/community\.general/pull/7231)\)\.
+* gitlab\_group\_variable \- add support for <code>raw</code> variables suboption \([https\://github\.com/ansible\-collections/community\.general/pull/7132](https\://github\.com/ansible\-collections/community\.general/pull/7132)\)\.
+* gitlab\_project\_variable \- add support for <code>raw</code> variables suboption \([https\://github\.com/ansible\-collections/community\.general/pull/7132](https\://github\.com/ansible\-collections/community\.general/pull/7132)\)\.
+* jenkins\_build \- add new <code>detach</code> option\, which allows the module to exit successfully as long as the build is created \(default functionality is still waiting for the build to end before exiting\) \([https\://github\.com/ansible\-collections/community\.general/pull/7204](https\://github\.com/ansible\-collections/community\.general/pull/7204)\)\.
+* jenkins\_build \- add new <code>time\_between\_checks</code> option\, which allows to configure the wait time between requests to the Jenkins server \([https\://github\.com/ansible\-collections/community\.general/pull/7204](https\://github\.com/ansible\-collections/community\.general/pull/7204)\)\.
+* make \- allows <code>params</code> to be used without value \([https\://github\.com/ansible\-collections/community\.general/pull/7180](https\://github\.com/ansible\-collections/community\.general/pull/7180)\)\.
+* nmap inventory plugin \- now has a <code>use\_arp\_ping</code> option to allow the user to disable the default ARP ping query for a more reliable form \([https\://github\.com/ansible\-collections/community\.general/pull/7119](https\://github\.com/ansible\-collections/community\.general/pull/7119)\)\.
+* pagerduty \- adds in option to use v2 API for creating pagerduty incidents \([https\://github\.com/ansible\-collections/community\.general/issues/6151](https\://github\.com/ansible\-collections/community\.general/issues/6151)\)
+* pritunl module utils \- ensure <code>validate\_certs</code> parameter is honoured in all methods \([https\://github\.com/ansible\-collections/community\.general/pull/7156](https\://github\.com/ansible\-collections/community\.general/pull/7156)\)\.
+* redfish\_info \- report <code>Id</code> in the output of <code>GetManagerInventory</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7140](https\://github\.com/ansible\-collections/community\.general/pull/7140)\)\.
+* redfish\_utils module utils \- support <code>Volumes</code> in response for <code>GetDiskInventory</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6819](https\://github\.com/ansible\-collections/community\.general/pull/6819)\)\.
+* unixy callback plugin \- add support for <code>check\_mode\_markers</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/7179](https\://github\.com/ansible\-collections/community\.general/pull/7179)\)\.
+
+<a id="bugfixes-7"></a>
+### Bugfixes
+
+* CmdRunner module utils \- does not attempt to resolve path if executable is a relative or absolute path \([https\://github\.com/ansible\-collections/community\.general/pull/7200](https\://github\.com/ansible\-collections/community\.general/pull/7200)\)\.
+* nmap inventory plugin \- now uses <code>get\_option</code> in all cases to get its configuration information \([https\://github\.com/ansible\-collections/community\.general/pull/7119](https\://github\.com/ansible\-collections/community\.general/pull/7119)\)\.
+* nsupdate \- fix a possible <code>list index out of range</code> exception \([https\://github\.com/ansible\-collections/community\.general/issues/836](https\://github\.com/ansible\-collections/community\.general/issues/836)\)\.
+* oci\_utils module util \- fix inappropriate logical comparison expressions and makes them simpler\. The previous checks had logical short circuits \([https\://github\.com/ansible\-collections/community\.general/pull/7125](https\://github\.com/ansible\-collections/community\.general/pull/7125)\)\.
+* pritunl module utils \- fix incorrect URL parameter for orgnization add method \([https\://github\.com/ansible\-collections/community\.general/pull/7161](https\://github\.com/ansible\-collections/community\.general/pull/7161)\)\.
+* snap \- an exception was being raised when snap list was empty \([https\://github\.com/ansible\-collections/community\.general/pull/7124](https\://github\.com/ansible\-collections/community\.general/pull/7124)\, [https\://github\.com/ansible\-collections/community\.general/issues/7120](https\://github\.com/ansible\-collections/community\.general/issues/7120)\)\.
+
+<a id="new-modules-1"></a>
+### New Modules
+
+* jenkins\_build\_info \- Get information about Jenkins builds
+* pnpm \- Manage node\.js packages with pnpm
+
+<a id="v7-3-0"></a>
+## v7\.3\.0
+
+<a id="release-summary-8"></a>
+### Release Summary
+
+Feature and bugfix release\.
+
+<a id="minor-changes-3"></a>
+### Minor Changes
+
+* chroot connection plugin \- add <code>disable\_root\_check</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/7099](https\://github\.com/ansible\-collections/community\.general/pull/7099)\)\.
+* ejabberd\_user \- module now using <code>CmdRunner</code> to execute external command \([https\://github\.com/ansible\-collections/community\.general/pull/7075](https\://github\.com/ansible\-collections/community\.general/pull/7075)\)\.
+* ipa\_config \- add module parameters to manage FreeIPA user and group objectclasses \([https\://github\.com/ansible\-collections/community\.general/pull/7019](https\://github\.com/ansible\-collections/community\.general/pull/7019)\)\.
+* ipa\_config \- adds <code>idp</code> choice to <code>ipauserauthtype</code> parameter\'s choices \([https\://github\.com/ansible\-collections/community\.general/pull/7051](https\://github\.com/ansible\-collections/community\.general/pull/7051)\)\.
+* npm \- module now using <code>CmdRunner</code> to execute external commands \([https\://github\.com/ansible\-collections/community\.general/pull/6989](https\://github\.com/ansible\-collections/community\.general/pull/6989)\)\.
+* proxmox\_kvm \- enabled force restart of VM\, bringing the <code>force</code> parameter functionality in line with what is described in the docs \([https\://github\.com/ansible\-collections/community\.general/pull/6914](https\://github\.com/ansible\-collections/community\.general/pull/6914)\)\.
+* proxmox\_vm\_info \- <code>node</code> parameter is no longer required\. Information can be obtained for the whole cluster \([https\://github\.com/ansible\-collections/community\.general/pull/6976](https\://github\.com/ansible\-collections/community\.general/pull/6976)\)\.
+* proxmox\_vm\_info \- non\-existing provided by name/vmid VM would return empty results instead of failing \([https\://github\.com/ansible\-collections/community\.general/pull/7049](https\://github\.com/ansible\-collections/community\.general/pull/7049)\)\.
+* redfish\_config \- add <code>DeleteAllVolumes</code> command to allow deletion of all volumes on servers \([https\://github\.com/ansible\-collections/community\.general/pull/6814](https\://github\.com/ansible\-collections/community\.general/pull/6814)\)\.
+* redfish\_utils \- use <code>Controllers</code> key in redfish data to obtain Storage controllers properties \([https\://github\.com/ansible\-collections/community\.general/pull/7081](https\://github\.com/ansible\-collections/community\.general/pull/7081)\)\.
+* redfish\_utils module utils \- add support for <code>PowerCycle</code> reset type for <code>redfish\_command</code> responses feature \([https\://github\.com/ansible\-collections/community\.general/issues/7083](https\://github\.com/ansible\-collections/community\.general/issues/7083)\)\.
+* redfish\_utils module utils \- add support for following <code>\@odata\.nextLink</code> pagination in <code>software\_inventory</code> responses feature \([https\://github\.com/ansible\-collections/community\.general/pull/7020](https\://github\.com/ansible\-collections/community\.general/pull/7020)\)\.
+* shutdown \- use <code>shutdown \-p \.\.\.</code> with FreeBSD to halt and power off machine \([https\://github\.com/ansible\-collections/community\.general/pull/7102](https\://github\.com/ansible\-collections/community\.general/pull/7102)\)\.
+* sorcery \- add grimoire \(repository\) management support \([https\://github\.com/ansible\-collections/community\.general/pull/7012](https\://github\.com/ansible\-collections/community\.general/pull/7012)\)\.
+
+<a id="deprecated-features-1"></a>
+### Deprecated Features
+
+* ejabberd\_user \- deprecate the parameter <code>logging</code> in favour of producing more detailed information in the module output \([https\://github\.com/ansible\-collections/community\.general/pull/7043](https\://github\.com/ansible\-collections/community\.general/pull/7043)\)\.
+
+<a id="bugfixes-8"></a>
+### Bugfixes
+
+* bitwarden lookup plugin \- the plugin made assumptions about the structure of a Bitwarden JSON object which may have been broken by an update in the Bitwarden API\. Remove assumptions\, and allow queries for general fields such as <code>notes</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7061](https\://github\.com/ansible\-collections/community\.general/pull/7061)\)\.
+* ejabberd\_user \- module was failing to detect whether user was already created and/or password was changed \([https\://github\.com/ansible\-collections/community\.general/pull/7033](https\://github\.com/ansible\-collections/community\.general/pull/7033)\)\.
+* keycloak module util \- fix missing <code>http\_agent</code>\, <code>timeout</code>\, and <code>validate\_certs</code> <code>open\_url\(\)</code> parameters \([https\://github\.com/ansible\-collections/community\.general/pull/7067](https\://github\.com/ansible\-collections/community\.general/pull/7067)\)\.
+* keycloak\_client inventory plugin \- fix missing client secret \([https\://github\.com/ansible\-collections/community\.general/pull/6931](https\://github\.com/ansible\-collections/community\.general/pull/6931)\)\.
+* lvol \- add support for percentage of origin size specification when creating snapshot volumes \([https\://github\.com/ansible\-collections/community\.general/issues/1630](https\://github\.com/ansible\-collections/community\.general/issues/1630)\, [https\://github\.com/ansible\-collections/community\.general/pull/7053](https\://github\.com/ansible\-collections/community\.general/pull/7053)\)\.
+* lxc connection plugin \- now handles <code>remote\_addr</code> defaulting to <code>inventory\_hostname</code> correctly \([https\://github\.com/ansible\-collections/community\.general/pull/7104](https\://github\.com/ansible\-collections/community\.general/pull/7104)\)\.
+* oci\_utils module utils \- avoid direct type comparisons \([https\://github\.com/ansible\-collections/community\.general/pull/7085](https\://github\.com/ansible\-collections/community\.general/pull/7085)\)\.
+* proxmox\_user\_info \- avoid direct type comparisons \([https\://github\.com/ansible\-collections/community\.general/pull/7085](https\://github\.com/ansible\-collections/community\.general/pull/7085)\)\.
+* snap \- fix crash when multiple snaps are specified and one has <code>\-\-\-</code> in its description \([https\://github\.com/ansible\-collections/community\.general/pull/7046](https\://github\.com/ansible\-collections/community\.general/pull/7046)\)\.
+* sorcery \- fix interruption of the multi\-stage process \([https\://github\.com/ansible\-collections/community\.general/pull/7012](https\://github\.com/ansible\-collections/community\.general/pull/7012)\)\.
+* sorcery \- fix queue generation before the whole system rebuild \([https\://github\.com/ansible\-collections/community\.general/pull/7012](https\://github\.com/ansible\-collections/community\.general/pull/7012)\)\.
+* sorcery \- latest state no longer triggers update\_cache \([https\://github\.com/ansible\-collections/community\.general/pull/7012](https\://github\.com/ansible\-collections/community\.general/pull/7012)\)\.
+
+<a id="v7-2-1"></a>
+## v7\.2\.1
+
+<a id="release-summary-9"></a>
+### Release Summary
+
+Bugfix release\.
+
+<a id="bugfixes-9"></a>
+### Bugfixes
+
+* cmd\_runner module utils \- when a parameter in <code>argument\_spec</code> has no type\, meaning it is implicitly a <code>str</code>\, <code>CmdRunner</code> would fail trying to find the <code>type</code> key in that dictionary \([https\://github\.com/ansible\-collections/community\.general/pull/6968](https\://github\.com/ansible\-collections/community\.general/pull/6968)\)\.
+* ejabberd\_user \- provide meaningful error message when the <code>ejabberdctl</code> command is not found \([https\://github\.com/ansible\-collections/community\.general/pull/7028](https\://github\.com/ansible\-collections/community\.general/pull/7028)\, [https\://github\.com/ansible\-collections/community\.general/issues/6949](https\://github\.com/ansible\-collections/community\.general/issues/6949)\)\.
+* proxmox module utils \- fix proxmoxer library version check \([https\://github\.com/ansible\-collections/community\.general/issues/6974](https\://github\.com/ansible\-collections/community\.general/issues/6974)\, [https\://github\.com/ansible\-collections/community\.general/issues/6975](https\://github\.com/ansible\-collections/community\.general/issues/6975)\, [https\://github\.com/ansible\-collections/community\.general/pull/6980](https\://github\.com/ansible\-collections/community\.general/pull/6980)\)\.
+* proxmox\_kvm \- when <code>name</code> option is provided without <code>vmid</code> and VM with that name already exists then no new VM will be created \([https\://github\.com/ansible\-collections/community\.general/issues/6911](https\://github\.com/ansible\-collections/community\.general/issues/6911)\, [https\://github\.com/ansible\-collections/community\.general/pull/6981](https\://github\.com/ansible\-collections/community\.general/pull/6981)\)\.
+* rundeck \- fix <code>TypeError</code> on 404 API response \([https\://github\.com/ansible\-collections/community\.general/pull/6983](https\://github\.com/ansible\-collections/community\.general/pull/6983)\)\.
+
+<a id="v7-2-0"></a>
+## v7\.2\.0
+
+<a id="release-summary-10"></a>
+### Release Summary
+
+Regular bugfix and feature release\.
+
+<a id="minor-changes-4"></a>
+### Minor Changes
+
+* cobbler inventory plugin \- convert Ansible unicode strings to native Python unicode strings before passing user/password to XMLRPC client \([https\://github\.com/ansible\-collections/community\.general/pull/6923](https\://github\.com/ansible\-collections/community\.general/pull/6923)\)\.
+* consul\_session \- drops requirement for the <code>python\-consul</code> library to communicate with the Consul API\, instead relying on the existing <code>requests</code> library requirement \([https\://github\.com/ansible\-collections/community\.general/pull/6755](https\://github\.com/ansible\-collections/community\.general/pull/6755)\)\.
+* gitlab\_project\_variable \- minor refactor removing unnecessary code statements \([https\://github\.com/ansible\-collections/community\.general/pull/6928](https\://github\.com/ansible\-collections/community\.general/pull/6928)\)\.
+* gitlab\_runner \- minor refactor removing unnecessary code statements \([https\://github\.com/ansible\-collections/community\.general/pull/6927](https\://github\.com/ansible\-collections/community\.general/pull/6927)\)\.
+* htpasswd \- the parameter <code>crypt\_scheme</code> is being renamed as <code>hash\_scheme</code> and added as an alias to it \([https\://github\.com/ansible\-collections/community\.general/pull/6841](https\://github\.com/ansible\-collections/community\.general/pull/6841)\)\.
+* keycloak\_authentication \- added provider ID choices\, since Keycloak supports only those two specific ones \([https\://github\.com/ansible\-collections/community\.general/pull/6763](https\://github\.com/ansible\-collections/community\.general/pull/6763)\)\.
+* keyring \- minor refactor removing unnecessary code statements \([https\://github\.com/ansible\-collections/community\.general/pull/6927](https\://github\.com/ansible\-collections/community\.general/pull/6927)\)\.
+* locale\_gen \- module has been refactored to use <code>ModuleHelper</code> and <code>CmdRunner</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6903](https\://github\.com/ansible\-collections/community\.general/pull/6903)\)\.
+* locale\_gen \- module now using <code>CmdRunner</code> to execute external commands \([https\://github\.com/ansible\-collections/community\.general/pull/6820](https\://github\.com/ansible\-collections/community\.general/pull/6820)\)\.
+* make \- add new <code>targets</code> parameter allowing multiple targets to be used with <code>make</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6882](https\://github\.com/ansible\-collections/community\.general/pull/6882)\, [https\://github\.com/ansible\-collections/community\.general/issues/4919](https\://github\.com/ansible\-collections/community\.general/issues/4919)\)\.
+* nmcli \- add support for <code>ipv4\.dns\-options</code> and <code>ipv6\.dns\-options</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6902](https\://github\.com/ansible\-collections/community\.general/pull/6902)\)\.
+* npm \- minor improvement on parameter validation \([https\://github\.com/ansible\-collections/community\.general/pull/6848](https\://github\.com/ansible\-collections/community\.general/pull/6848)\)\.
+* opkg \- add <code>executable</code> parameter allowing to specify the path of the <code>opkg</code> command \([https\://github\.com/ansible\-collections/community\.general/pull/6862](https\://github\.com/ansible\-collections/community\.general/pull/6862)\)\.
+* pubnub\_blocks \- minor refactor removing unnecessary code statements \([https\://github\.com/ansible\-collections/community\.general/pull/6928](https\://github\.com/ansible\-collections/community\.general/pull/6928)\)\.
+* redfish\_command \- add <code>account\_types</code> and <code>oem\_account\_types</code> as optional inputs to <code>AddUser</code> \([https\://github\.com/ansible\-collections/community\.general/issues/6823](https\://github\.com/ansible\-collections/community\.general/issues/6823)\, [https\://github\.com/ansible\-collections/community\.general/pull/6871](https\://github\.com/ansible\-collections/community\.general/pull/6871)\)\.
+* redfish\_info \- add <code>AccountTypes</code> and <code>OEMAccountTypes</code> to the output of <code>ListUsers</code> \([https\://github\.com/ansible\-collections/community\.general/issues/6823](https\://github\.com/ansible\-collections/community\.general/issues/6823)\, [https\://github\.com/ansible\-collections/community\.general/pull/6871](https\://github\.com/ansible\-collections/community\.general/pull/6871)\)\.
+* redfish\_info \- adds <code>ProcessorArchitecture</code> to CPU inventory \([https\://github\.com/ansible\-collections/community\.general/pull/6864](https\://github\.com/ansible\-collections/community\.general/pull/6864)\)\.
+* redfish\_info \- fix for <code>GetVolumeInventory</code>\, Controller name was getting populated incorrectly and duplicates were seen in the volumes retrieved \([https\://github\.com/ansible\-collections/community\.general/pull/6719](https\://github\.com/ansible\-collections/community\.general/pull/6719)\)\.
+* rhsm\_repository \- the interaction with <code>subscription\-manager</code> was
+  refactored by grouping things together\, removing unused bits\, and hardening
+  the way it is run\; also\, the parsing of <code>subscription\-manager repos \-\-list</code>
+  was improved and made slightly faster\; no behaviour change is expected
+  \([https\://github\.com/ansible\-collections/community\.general/pull/6783](https\://github\.com/ansible\-collections/community\.general/pull/6783)\,
+  [https\://github\.com/ansible\-collections/community\.general/pull/6837](https\://github\.com/ansible\-collections/community\.general/pull/6837)\)\.
+* scaleway\_security\_group\_rule \- minor refactor removing unnecessary code statements \([https\://github\.com/ansible\-collections/community\.general/pull/6928](https\://github\.com/ansible\-collections/community\.general/pull/6928)\)\.
+* snap \- add option <code>dangerous</code> to the module\, that will map into the command line argument <code>\-\-dangerous</code>\, allowing unsigned snap files to be installed \([https\://github\.com/ansible\-collections/community\.general/pull/6908](https\://github\.com/ansible\-collections/community\.general/pull/6908)\, [https\://github\.com/ansible\-collections/community\.general/issues/5715](https\://github\.com/ansible\-collections/community\.general/issues/5715)\)\.
+* tss lookup plugin \- allow to fetch secret by path\. Previously\, we could not fetch secret by path but now use <code>secret\_path</code> option to indicate to fetch secret by secret path \([https\://github\.com/ansible\-collections/community\.general/pull/6881](https\://github\.com/ansible\-collections/community\.general/pull/6881)\)\.
+* xenserver\_guest\_info \- minor refactor removing unnecessary code statements \([https\://github\.com/ansible\-collections/community\.general/pull/6928](https\://github\.com/ansible\-collections/community\.general/pull/6928)\)\.
+* xenserver\_guest\_powerstate \- minor refactor removing unnecessary code statements \([https\://github\.com/ansible\-collections/community\.general/pull/6928](https\://github\.com/ansible\-collections/community\.general/pull/6928)\)\.
+* yum\_versionlock \- add support to pin specific package versions instead of only the package itself \([https\://github\.com/ansible\-collections/community\.general/pull/6861](https\://github\.com/ansible\-collections/community\.general/pull/6861)\, [https\://github\.com/ansible\-collections/community\.general/issues/4470](https\://github\.com/ansible\-collections/community\.general/issues/4470)\)\.
+
+<a id="deprecated-features-2"></a>
+### Deprecated Features
+
+* flowdock \- module relies entirely on no longer responsive API endpoints\, and it will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/6930](https\://github\.com/ansible\-collections/community\.general/pull/6930)\)\.
+* proxmox \- old feature flag <code>proxmox\_default\_behavior</code> will be removed in community\.general 10\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/6836](https\://github\.com/ansible\-collections/community\.general/pull/6836)\)\.
+* stackdriver \- module relies entirely on no longer existent API endpoints\, and it will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/6887](https\://github\.com/ansible\-collections/community\.general/pull/6887)\)\.
+* webfaction\_app \- module relies entirely on no longer existent API endpoints\, and it will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/6909](https\://github\.com/ansible\-collections/community\.general/pull/6909)\)\.
+* webfaction\_db \- module relies entirely on no longer existent API endpoints\, and it will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/6909](https\://github\.com/ansible\-collections/community\.general/pull/6909)\)\.
+* webfaction\_domain \- module relies entirely on no longer existent API endpoints\, and it will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/6909](https\://github\.com/ansible\-collections/community\.general/pull/6909)\)\.
+* webfaction\_mailbox \- module relies entirely on no longer existent API endpoints\, and it will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/6909](https\://github\.com/ansible\-collections/community\.general/pull/6909)\)\.
+* webfaction\_site \- module relies entirely on no longer existent API endpoints\, and it will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/6909](https\://github\.com/ansible\-collections/community\.general/pull/6909)\)\.
+
+<a id="bugfixes-10"></a>
+### Bugfixes
+
+* cobbler inventory plugin \- fix calculation of cobbler\_ipv4/6\_address \([https\://github\.com/ansible\-collections/community\.general/pull/6925](https\://github\.com/ansible\-collections/community\.general/pull/6925)\)\.
+* datadog\_downtime \- presence of <code>rrule</code> param lead to the Datadog API returning Bad Request due to a missing recurrence type \([https\://github\.com/ansible\-collections/community\.general/pull/6811](https\://github\.com/ansible\-collections/community\.general/pull/6811)\)\.
+* ipa\_dnszone \- fix \'idnsallowsyncptr\' key error for reverse zone \([https\://github\.com/ansible\-collections/community\.general/pull/6906](https\://github\.com/ansible\-collections/community\.general/pull/6906)\, [https\://github\.com/ansible\-collections/community\.general/issues/6905](https\://github\.com/ansible\-collections/community\.general/issues/6905)\)\.
+* keycloak\_authentication \- fix Keycloak authentication flow \(step or sub\-flow\) indexing during update\, if not specified by the user \([https\://github\.com/ansible\-collections/community\.general/pull/6734](https\://github\.com/ansible\-collections/community\.general/pull/6734)\)\.
+* locale\_gen \- now works for locales without the underscore character such as <code>C\.UTF\-8</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6774](https\://github\.com/ansible\-collections/community\.general/pull/6774)\, [https\://github\.com/ansible\-collections/community\.general/issues/5142](https\://github\.com/ansible\-collections/community\.general/issues/5142)\, [https\://github\.com/ansible\-collections/community\.general/issues/4305](https\://github\.com/ansible\-collections/community\.general/issues/4305)\)\.
+* machinectl become plugin \- mark plugin as <code>require\_tty</code> to automatically disable pipelining\, with which this plugin is not compatible \([https\://github\.com/ansible\-collections/community\.general/issues/6932](https\://github\.com/ansible\-collections/community\.general/issues/6932)\, [https\://github\.com/ansible\-collections/community\.general/pull/6935](https\://github\.com/ansible\-collections/community\.general/pull/6935)\)\.
+* nmcli \- fix support for empty list \(in compare and scrape\) \([https\://github\.com/ansible\-collections/community\.general/pull/6769](https\://github\.com/ansible\-collections/community\.general/pull/6769)\)\.
+* openbsd\_pkg \- the pkg\_info\(1\) behavior has changed in OpenBSD \>7\.3\. The error message <code>Can\'t find</code> should not lead to an error case \([https\://github\.com/ansible\-collections/community\.general/pull/6785](https\://github\.com/ansible\-collections/community\.general/pull/6785)\)\.
+* pacman \- module recognizes the output of <code>yay</code> running as <code>root</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6713](https\://github\.com/ansible\-collections/community\.general/pull/6713)\)\.
+* proxmox \- fix error when a configuration had no <code>template</code> field \([https\://github\.com/ansible\-collections/community\.general/pull/6838](https\://github\.com/ansible\-collections/community\.general/pull/6838)\, [https\://github\.com/ansible\-collections/community\.general/issues/5372](https\://github\.com/ansible\-collections/community\.general/issues/5372)\)\.
+* proxmox module utils \- add logic to detect whether an old Promoxer complains about the <code>token\_name</code> and <code>token\_value</code> parameters and provide a better error message when that happens \([https\://github\.com/ansible\-collections/community\.general/pull/6839](https\://github\.com/ansible\-collections/community\.general/pull/6839)\, [https\://github\.com/ansible\-collections/community\.general/issues/5371](https\://github\.com/ansible\-collections/community\.general/issues/5371)\)\.
+* proxmox\_disk \- fix unable to create <code>cdrom</code> media due to <code>size</code> always being appended \([https\://github\.com/ansible\-collections/community\.general/pull/6770](https\://github\.com/ansible\-collections/community\.general/pull/6770)\)\.
+* proxmox\_kvm \- <code>absent</code> state with <code>force</code> specified failed to stop the VM due to the <code>timeout</code> value not being passed to <code>stop\_vm</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6827](https\://github\.com/ansible\-collections/community\.general/pull/6827)\)\.
+* proxmox\_kvm \- <code>restarted</code> state did not actually restart a VM in some VM configurations\. The state now uses the Proxmox reboot endpoint instead of calling the <code>stop\_vm</code> and <code>start\_vm</code> functions \([https\://github\.com/ansible\-collections/community\.general/pull/6773](https\://github\.com/ansible\-collections/community\.general/pull/6773)\)\.
+* proxmox\_template \- require <code>requests\_toolbelt</code> module to fix issue with uploading large templates \([https\://github\.com/ansible\-collections/community\.general/issues/5579](https\://github\.com/ansible\-collections/community\.general/issues/5579)\, [https\://github\.com/ansible\-collections/community\.general/pull/6757](https\://github\.com/ansible\-collections/community\.general/pull/6757)\)\.
+* redfish\_info \- fix <code>ListUsers</code> to not show empty account slots \([https\://github\.com/ansible\-collections/community\.general/issues/6771](https\://github\.com/ansible\-collections/community\.general/issues/6771)\, [https\://github\.com/ansible\-collections/community\.general/pull/6772](https\://github\.com/ansible\-collections/community\.general/pull/6772)\)\.
+* refish\_utils module utils \- changing variable names to avoid issues occuring when fetching Volumes data \([https\://github\.com/ansible\-collections/community\.general/pull/6883](https\://github\.com/ansible\-collections/community\.general/pull/6883)\)\.
+* snap \- assume default track <code>latest</code> in parameter <code>channel</code> when not specified \([https\://github\.com/ansible\-collections/community\.general/pull/6835](https\://github\.com/ansible\-collections/community\.general/pull/6835)\, [https\://github\.com/ansible\-collections/community\.general/issues/6821](https\://github\.com/ansible\-collections/community\.general/issues/6821)\)\.
+* snap \- fix the processing of the commands\' output\, stripping spaces and newlines from it \([https\://github\.com/ansible\-collections/community\.general/pull/6826](https\://github\.com/ansible\-collections/community\.general/pull/6826)\, [https\://github\.com/ansible\-collections/community\.general/issues/6803](https\://github\.com/ansible\-collections/community\.general/issues/6803)\)\.
+
+<a id="new-plugins"></a>
+### New Plugins
+
+<a id="lookup"></a>
+#### Lookup
+
+* bitwarden\_secrets\_manager \- Retrieve secrets from Bitwarden Secrets Manager
+
+<a id="new-modules-2"></a>
+### New Modules
+
+* consul\_policy \- Manipulate Consul policies
+* keycloak\_authz\_permission \- Allows administration of Keycloak client authorization permissions via Keycloak API
+* keycloak\_authz\_permission\_info \- Query Keycloak client authorization permissions information
+* proxmox\_vm\_info \- Retrieve information about one or more Proxmox VE virtual machines
+
+<a id="v7-1-0"></a>
+## v7\.1\.0
+
+<a id="release-summary-11"></a>
+### Release Summary
+
+Regular bugfix and feature release\.
+
+From this version on\, community\.general is using the new [Ansible semantic markup](https\://docs\.ansible\.com/ansible/devel/dev\_guide/developing\_modules\_documenting\.html\#semantic\-markup\-within\-module\-documentation)
+in its documentation\. If you look at documentation with the ansible\-doc CLI tool
+from ansible\-core before 2\.15\, please note that it does not render the markup
+correctly\. You should be still able to read it in most cases\, but you need
+ansible\-core 2\.15 or later to see it as it is intended\. Alternatively you can
+look at [the devel docsite](https\://docs\.ansible\.com/ansible/devel/collections/community/general/)
+for the rendered HTML version of the documentation of the latest release\.
+
+<a id="minor-changes-5"></a>
+### Minor Changes
+
+* The collection will start using semantic markup \([https\://github\.com/ansible\-collections/community\.general/pull/6539](https\://github\.com/ansible\-collections/community\.general/pull/6539)\)\.
+* VarDict module utils \- add method <code>VarDict\.as\_dict\(\)</code> to convert to a plain <code>dict</code> object \([https\://github\.com/ansible\-collections/community\.general/pull/6602](https\://github\.com/ansible\-collections/community\.general/pull/6602)\)\.
+* cobbler inventory plugin \- add <code>inventory\_hostname</code> option to allow using the system name for the inventory hostname \([https\://github\.com/ansible\-collections/community\.general/pull/6502](https\://github\.com/ansible\-collections/community\.general/pull/6502)\)\.
+* cobbler inventory plugin \- add <code>want\_ip\_addresses</code> option to collect all interface DNS name to IP address mapping \([https\://github\.com/ansible\-collections/community\.general/pull/6711](https\://github\.com/ansible\-collections/community\.general/pull/6711)\)\.
+* cobbler inventory plugin \- add primary IP addess to <code>cobbler\_ipv4\_address</code> and IPv6 address to <code>cobbler\_ipv6\_address</code> host variable \([https\://github\.com/ansible\-collections/community\.general/pull/6711](https\://github\.com/ansible\-collections/community\.general/pull/6711)\)\.
+* cobbler inventory plugin \- add warning for systems with empty profiles \([https\://github\.com/ansible\-collections/community\.general/pull/6502](https\://github\.com/ansible\-collections/community\.general/pull/6502)\)\.
+* copr \- respawn module to use the system python interpreter when the <code>dnf</code> python module is not available in <code>ansible\_python\_interpreter</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6522](https\://github\.com/ansible\-collections/community\.general/pull/6522)\)\.
+* datadog\_monitor \- adds <code>notification\_preset\_name</code>\, <code>renotify\_occurrences</code> and <code>renotify\_statuses</code> parameters \([https\://github\.com/ansible\-collections/community\.general/issues/6521\,https\://github\.com/ansible\-collections/community\.general/issues/5823](https\://github\.com/ansible\-collections/community\.general/issues/6521\,https\://github\.com/ansible\-collections/community\.general/issues/5823)\)\.
+* filesystem \- add <code>uuid</code> parameter for UUID change feature \([https\://github\.com/ansible\-collections/community\.general/pull/6680](https\://github\.com/ansible\-collections/community\.general/pull/6680)\)\.
+* keycloak\_client\_rolemapping \- adds support for subgroups with additional parameter <code>parents</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6687](https\://github\.com/ansible\-collections/community\.general/pull/6687)\)\.
+* keycloak\_role \- add composite roles support for realm and client roles \([https\://github\.com/ansible\-collections/community\.general/pull/6469](https\://github\.com/ansible\-collections/community\.general/pull/6469)\)\.
+* ldap\_\* \- add new arguments <code>client\_cert</code> and <code>client\_key</code> to the LDAP modules in order to allow certificate authentication \([https\://github\.com/ansible\-collections/community\.general/pull/6668](https\://github\.com/ansible\-collections/community\.general/pull/6668)\)\.
+* ldap\_search \- add a new <code>page\_size</code> option to enable paged searches \([https\://github\.com/ansible\-collections/community\.general/pull/6648](https\://github\.com/ansible\-collections/community\.general/pull/6648)\)\.
+* lvg \- add <code>active</code> and <code>inactive</code> values to the <code>state</code> option for active state management feature \([https\://github\.com/ansible\-collections/community\.general/pull/6682](https\://github\.com/ansible\-collections/community\.general/pull/6682)\)\.
+* lvg \- add <code>reset\_vg\_uuid</code>\, <code>reset\_pv\_uuid</code> options for UUID reset feature \([https\://github\.com/ansible\-collections/community\.general/pull/6682](https\://github\.com/ansible\-collections/community\.general/pull/6682)\)\.
+* mas \- disable sign\-in check for macOS 12\+ as <code>mas account</code> is non\-functional \([https\://github\.com/ansible\-collections/community\.general/pull/6520](https\://github\.com/ansible\-collections/community\.general/pull/6520)\)\.
+* onepassword lookup plugin \- add service account support \([https\://github\.com/ansible\-collections/community\.general/issues/6635](https\://github\.com/ansible\-collections/community\.general/issues/6635)\, [https\://github\.com/ansible\-collections/community\.general/pull/6660](https\://github\.com/ansible\-collections/community\.general/pull/6660)\)\.
+* onepassword\_raw lookup plugin \- add service account support \([https\://github\.com/ansible\-collections/community\.general/issues/6635](https\://github\.com/ansible\-collections/community\.general/issues/6635)\, [https\://github\.com/ansible\-collections/community\.general/pull/6660](https\://github\.com/ansible\-collections/community\.general/pull/6660)\)\.
+* opentelemetry callback plugin \- add span attributes in the span event \([https\://github\.com/ansible\-collections/community\.general/pull/6531](https\://github\.com/ansible\-collections/community\.general/pull/6531)\)\.
+* opkg \- remove default value <code>\"\"</code> for parameter <code>force</code> as it causes the same behaviour of not having that parameter \([https\://github\.com/ansible\-collections/community\.general/pull/6513](https\://github\.com/ansible\-collections/community\.general/pull/6513)\)\.
+* proxmox \- support <code>timezone</code> parameter at container creation \([https\://github\.com/ansible\-collections/community\.general/pull/6510](https\://github\.com/ansible\-collections/community\.general/pull/6510)\)\.
+* proxmox inventory plugin \- add composite variables support for Proxmox nodes \([https\://github\.com/ansible\-collections/community\.general/issues/6640](https\://github\.com/ansible\-collections/community\.general/issues/6640)\)\.
+* proxmox\_kvm \- added support for <code>tpmstate0</code> parameter to configure TPM \(Trusted Platform Module\) disk\. TPM is required for Windows 11 installations \([https\://github\.com/ansible\-collections/community\.general/pull/6533](https\://github\.com/ansible\-collections/community\.general/pull/6533)\)\.
+* proxmox\_kvm \- re\-use <code>timeout</code> module param to forcefully shutdown a virtual machine when <code>state</code> is <code>stopped</code> \([https\://github\.com/ansible\-collections/community\.general/issues/6257](https\://github\.com/ansible\-collections/community\.general/issues/6257)\)\.
+* proxmox\_snap \- add <code>retention</code> parameter to delete old snapshots \([https\://github\.com/ansible\-collections/community\.general/pull/6576](https\://github\.com/ansible\-collections/community\.general/pull/6576)\)\.
+* redfish\_command \- add <code>MultipartHTTPPushUpdate</code> command \([https\://github\.com/ansible\-collections/community\.general/issues/6471](https\://github\.com/ansible\-collections/community\.general/issues/6471)\, [https\://github\.com/ansible\-collections/community\.general/pull/6612](https\://github\.com/ansible\-collections/community\.general/pull/6612)\)\.
+* redhat\_subscription \- the internal <code>RegistrationBase</code> class was folded
+  into the other internal <code>Rhsm</code> class\, as the separation had no purpose
+  anymore
+  \([https\://github\.com/ansible\-collections/community\.general/pull/6658](https\://github\.com/ansible\-collections/community\.general/pull/6658)\)\.
+* rhsm\_release \- improve/harden the way <code>subscription\-manager</code> is run\;
+  no behaviour change is expected
+  \([https\://github\.com/ansible\-collections/community\.general/pull/6669](https\://github\.com/ansible\-collections/community\.general/pull/6669)\)\.
+* snap \- module is now aware of channel when deciding whether to install or refresh the snap \([https\://github\.com/ansible\-collections/community\.general/pull/6435](https\://github\.com/ansible\-collections/community\.general/pull/6435)\, [https\://github\.com/ansible\-collections/community\.general/issues/1606](https\://github\.com/ansible\-collections/community\.general/issues/1606)\)\.
+* sorcery \- minor refactor \([https\://github\.com/ansible\-collections/community\.general/pull/6525](https\://github\.com/ansible\-collections/community\.general/pull/6525)\)\.
+* tss lookup plugin \- allow to fetch secret IDs which are in a folder based on folder ID\. Previously\, we could not fetch secrets based on folder ID but now use <code>fetch\_secret\_ids\_from\_folder</code> option to indicate to fetch secret IDs based on folder ID \([https\://github\.com/ansible\-collections/community\.general/issues/6223](https\://github\.com/ansible\-collections/community\.general/issues/6223)\)\.
+
+<a id="deprecated-features-3"></a>
+### Deprecated Features
+
+* CmdRunner module utils \- deprecate <code>cmd\_runner\_fmt\.as\_default\_type\(\)</code> formatter \([https\://github\.com/ansible\-collections/community\.general/pull/6601](https\://github\.com/ansible\-collections/community\.general/pull/6601)\)\.
+* MH VarsMixin module utils \- deprecates <code>VarsMixin</code> and supporting classes in favor of plain <code>vardict</code> module util \([https\://github\.com/ansible\-collections/community\.general/pull/6649](https\://github\.com/ansible\-collections/community\.general/pull/6649)\)\.
+* cpanm \- value <code>compatibility</code> is deprecated as default for parameter <code>mode</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6512](https\://github\.com/ansible\-collections/community\.general/pull/6512)\)\.
+* redhat module utils \- the <code>module\_utils\.redhat</code> module is deprecated\, as
+  effectively unused\: the <code>Rhsm</code>\, <code>RhsmPool</code>\, and <code>RhsmPools</code> classes
+  will be removed in community\.general 9\.0\.0\; the <code>RegistrationBase</code> class
+  will be removed in community\.general 10\.0\.0 together with the
+  <code>rhn\_register</code> module\, as it is the only user of this class\; this means
+  that the whole <code>module\_utils\.redhat</code> module will be dropped in
+  community\.general 10\.0\.0\, so importing it without even using anything of it
+  will fail
+  \([https\://github\.com/ansible\-collections/community\.general/pull/6663](https\://github\.com/ansible\-collections/community\.general/pull/6663)\)\.
+* redhat\_subscription \- the <code>autosubscribe</code> alias for the <code>auto\_attach</code> option has been
+  deprecated for many years\, although only in the documentation\. Officially mark this alias
+  as deprecated\, and it will be removed in community\.general 9\.0\.0
+  \([https\://github\.com/ansible\-collections/community\.general/pull/6646](https\://github\.com/ansible\-collections/community\.general/pull/6646)\)\.
+* redhat\_subscription \- the <code>pool</code> option is deprecated in favour of the
+  more precise and flexible <code>pool\_ids</code> option
+  \([https\://github\.com/ansible\-collections/community\.general/pull/6650](https\://github\.com/ansible\-collections/community\.general/pull/6650)\)\.
+* rhsm\_repository \- <code>state\=present</code> has not been working as expected for many years\,
+  and it seems it was not noticed so far\; also\, \"presence\" is not really a valid concept
+  for subscription repositories\, which can only be enabled or disabled\. Hence\, mark the
+  <code>present</code> and <code>absent</code> values of the <code>state</code> option as deprecated\, slating them
+  for removal in community\.general 10\.0\.0
+  \([https\://github\.com/ansible\-collections/community\.general/pull/6673](https\://github\.com/ansible\-collections/community\.general/pull/6673)\)\.
+
+<a id="bugfixes-11"></a>
+### Bugfixes
+
+* MH DependencyMixin module utils \- deprecation notice was popping up for modules not using dependencies \([https\://github\.com/ansible\-collections/community\.general/pull/6644](https\://github\.com/ansible\-collections/community\.general/pull/6644)\, [https\://github\.com/ansible\-collections/community\.general/issues/6639](https\://github\.com/ansible\-collections/community\.general/issues/6639)\)\.
+* csv module utils \- detects and remove unicode BOM markers from incoming CSV content \([https\://github\.com/ansible\-collections/community\.general/pull/6662](https\://github\.com/ansible\-collections/community\.general/pull/6662)\)\.
+* gitlab\_group \- the module passed parameters to the API call even when not set\. The module is now filtering out <code>None</code> values to remediate this \([https\://github\.com/ansible\-collections/community\.general/pull/6712](https\://github\.com/ansible\-collections/community\.general/pull/6712)\)\.
+* icinga2\_host \- fix a key error when updating an existing host \([https\://github\.com/ansible\-collections/community\.general/pull/6748](https\://github\.com/ansible\-collections/community\.general/pull/6748)\)\.
+* ini\_file \- add the <code>follow</code> paramter to follow the symlinks instead of replacing them \([https\://github\.com/ansible\-collections/community\.general/pull/6546](https\://github\.com/ansible\-collections/community\.general/pull/6546)\)\.
+* ini\_file \- fix a bug where the inactive options were not used when possible \([https\://github\.com/ansible\-collections/community\.general/pull/6575](https\://github\.com/ansible\-collections/community\.general/pull/6575)\)\.
+* keycloak module utils \- fix <code>is\_struct\_included</code> handling of lists of lists/dictionaries \([https\://github\.com/ansible\-collections/community\.general/pull/6688](https\://github\.com/ansible\-collections/community\.general/pull/6688)\)\.
+* keycloak module utils \- the function <code>get\_user\_by\_username</code> now return the user representation or <code>None</code> as stated in the documentation \([https\://github\.com/ansible\-collections/community\.general/pull/6758](https\://github\.com/ansible\-collections/community\.general/pull/6758)\)\.
+* proxmox\_kvm \- allow creation of VM with existing name but new vmid \([https\://github\.com/ansible\-collections/community\.general/issues/6155](https\://github\.com/ansible\-collections/community\.general/issues/6155)\, [https\://github\.com/ansible\-collections/community\.general/pull/6709](https\://github\.com/ansible\-collections/community\.general/pull/6709)\)\.
+* rhsm\_repository \- when using the <code>purge</code> option\, the <code>repositories</code>
+  dictionary element in the returned JSON is now properly updated according
+  to the pruning operation
+  \([https\://github\.com/ansible\-collections/community\.general/pull/6676](https\://github\.com/ansible\-collections/community\.general/pull/6676)\)\.
+* tss lookup plugin \- fix multiple issues when using <code>fetch\_attachments\=true</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6720](https\://github\.com/ansible\-collections/community\.general/pull/6720)\)\.
+
+<a id="known-issues"></a>
+### Known Issues
+
+* Ansible markup will show up in raw form on ansible\-doc text output for ansible\-core before 2\.15\. If you have trouble deciphering the documentation markup\, please upgrade to ansible\-core 2\.15 \(or newer\)\, or read the HTML documentation on [https\://docs\.ansible\.com/ansible/devel/collections/community/general/](https\://docs\.ansible\.com/ansible/devel/collections/community/general/) \([https\://github\.com/ansible\-collections/community\.general/pull/6539](https\://github\.com/ansible\-collections/community\.general/pull/6539)\)\.
+
+<a id="new-modules-3"></a>
+### New Modules
+
+* gitlab\_instance\_variable \- Creates\, updates\, or deletes GitLab instance variables
+* gitlab\_merge\_request \- Create\, update\, or delete GitLab merge requests
+* keycloak\_authentication\_required\_actions \- Allows administration of Keycloak authentication required actions
+* keycloak\_user \- Create and configure a user in Keycloak
+* lvg\_rename \- Renames LVM volume groups
+* proxmox\_pool \- Pool management for Proxmox VE cluster
+* proxmox\_pool\_member \- Add or delete members from Proxmox VE cluster pools
+
+<a id="v7-0-1"></a>
+## v7\.0\.1
+
+<a id="release-summary-12"></a>
+### Release Summary
+
+Bugfix release for Ansible 8\.0\.0rc1\.
+
+<a id="bugfixes-12"></a>
+### Bugfixes
+
+* nmcli \- fix bond option <code>xmit\_hash\_policy</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6527](https\://github\.com/ansible\-collections/community\.general/pull/6527)\)\.
+* portage \- fix <code>changed\_use</code> and <code>newuse</code> not triggering rebuilds \([https\://github\.com/ansible\-collections/community\.general/issues/6008](https\://github\.com/ansible\-collections/community\.general/issues/6008)\, [https\://github\.com/ansible\-collections/community\.general/pull/6548](https\://github\.com/ansible\-collections/community\.general/pull/6548)\)\.
+* proxmox\_tasks\_info \- remove <code>api\_user</code> \+ <code>api\_password</code> constraint from <code>required\_together</code> as it causes to require <code>api\_password</code> even when API token param is used \([https\://github\.com/ansible\-collections/community\.general/issues/6201](https\://github\.com/ansible\-collections/community\.general/issues/6201)\)\.
+* zypper \- added handling of zypper exitcode 102\. Changed state is set correctly now and rc 102 is still preserved to be evaluated by the playbook \([https\://github\.com/ansible\-collections/community\.general/pull/6534](https\://github\.com/ansible\-collections/community\.general/pull/6534)\)\.
+
+<a id="v7-0-0"></a>
+## v7\.0\.0
+
+<a id="release-summary-13"></a>
+### Release Summary
+
+This is release 7\.0\.0 of <code>community\.general</code>\, released on 2023\-05\-09\.
+
+<a id="minor-changes-6"></a>
+### Minor Changes
+
+* apache2\_module \- add module argument <code>warn\_mpm\_absent</code> to control whether warning are raised in some edge cases \([https\://github\.com/ansible\-collections/community\.general/pull/5793](https\://github\.com/ansible\-collections/community\.general/pull/5793)\)\.
+* apt\_rpm \- adds <code>clean</code>\, <code>dist\_upgrade</code> and <code>update\_kernel</code>  parameters for clear caches\, complete upgrade system\, and upgrade kernel packages \([https\://github\.com/ansible\-collections/community\.general/pull/5867](https\://github\.com/ansible\-collections/community\.general/pull/5867)\)\.
+* bitwarden lookup plugin \- can now retrieve secrets from custom fields \([https\://github\.com/ansible\-collections/community\.general/pull/5694](https\://github\.com/ansible\-collections/community\.general/pull/5694)\)\.
+* bitwarden lookup plugin \- implement filtering results by <code>collection\_id</code> parameter \([https\://github\.com/ansible\-collections/community\.general/issues/5849](https\://github\.com/ansible\-collections/community\.general/issues/5849)\)\.
+* cmd\_runner module utils \- <code>cmd\_runner\_fmt\.as\_bool\(\)</code> can now take an extra parameter to format when value is false \([https\://github\.com/ansible\-collections/community\.general/pull/5647](https\://github\.com/ansible\-collections/community\.general/pull/5647)\)\.
+* cpanm \- minor change\, use feature from <code>ModuleHelper</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6385](https\://github\.com/ansible\-collections/community\.general/pull/6385)\)\.
+* dconf \- be forgiving about boolean values\: convert them to GVariant booleans automatically \([https\://github\.com/ansible\-collections/community\.general/pull/6206](https\://github\.com/ansible\-collections/community\.general/pull/6206)\)\.
+* dconf \- if <code>gi\.repository\.GLib</code> is missing\, try to respawn in a Python interpreter that has it \([https\://github\.com/ansible\-collections/community\.general/pull/6491](https\://github\.com/ansible\-collections/community\.general/pull/6491)\)\.
+* dconf \- minor refactoring improving parameters and dependencies validation \([https\://github\.com/ansible\-collections/community\.general/pull/6336](https\://github\.com/ansible\-collections/community\.general/pull/6336)\)\.
+* dconf \- parse GVariants for equality comparison when the Python module <code>gi\.repository</code> is available \([https\://github\.com/ansible\-collections/community\.general/pull/6049](https\://github\.com/ansible\-collections/community\.general/pull/6049)\)\.
+* deps module utils \- add function <code>failed\(\)</code> providing the ability to check the dependency check result without triggering an exception \([https\://github\.com/ansible\-collections/community\.general/pull/6383](https\://github\.com/ansible\-collections/community\.general/pull/6383)\)\.
+* dig lookup plugin \- Support multiple domains to be queried as indicated in docs \([https\://github\.com/ansible\-collections/community\.general/pull/6334](https\://github\.com/ansible\-collections/community\.general/pull/6334)\)\.
+* dig lookup plugin \- support CAA record type \([https\://github\.com/ansible\-collections/community\.general/pull/5913](https\://github\.com/ansible\-collections/community\.general/pull/5913)\)\.
+* dnsimple \- set custom User\-Agent for API requests to DNSimple \([https\://github\.com/ansible\-collections/community\.general/pull/5927](https\://github\.com/ansible\-collections/community\.general/pull/5927)\)\.
+* dnsimple\_info \- minor refactor in the code \([https\://github\.com/ansible\-collections/community\.general/pull/6440](https\://github\.com/ansible\-collections/community\.general/pull/6440)\)\.
+* flatpak\_remote \- add new boolean option <code>enabled</code>\. It controls\, whether the remote is enabled or not \([https\://github\.com/ansible\-collections/community\.general/pull/5926](https\://github\.com/ansible\-collections/community\.general/pull/5926)\)\.
+* gconftool2 \- refactor using <code>ModuleHelper</code> and <code>CmdRunner</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5545](https\://github\.com/ansible\-collections/community\.general/pull/5545)\)\.
+* gitlab\_group\_variable\, gitlab\_project\_variable \- refactor function out to module utils \([https\://github\.com/ansible\-collections/community\.general/pull/6384](https\://github\.com/ansible\-collections/community\.general/pull/6384)\)\.
+* gitlab\_project \- add <code>builds\_access\_level</code>\, <code>container\_registry\_access\_level</code> and <code>forking\_access\_level</code> options \([https\://github\.com/ansible\-collections/community\.general/pull/5706](https\://github\.com/ansible\-collections/community\.general/pull/5706)\)\.
+* gitlab\_project \- add <code>releases\_access\_level</code>\, <code>environments\_access\_level</code>\, <code>feature\_flags\_access\_level</code>\, <code>infrastructure\_access\_level</code>\, <code>monitor\_access\_level</code>\, and <code>security\_and\_compliance\_access\_level</code> options \([https\://github\.com/ansible\-collections/community\.general/pull/5986](https\://github\.com/ansible\-collections/community\.general/pull/5986)\)\.
+* gitlab\_project \- add new option <code>topics</code> for adding topics to GitLab projects \([https\://github\.com/ansible\-collections/community\.general/pull/6278](https\://github\.com/ansible\-collections/community\.general/pull/6278)\)\.
+* gitlab\_runner \- add new boolean option <code>access\_level\_on\_creation</code>\. It controls\, whether the value of <code>access\_level</code> is used for runner registration or not\. The option <code>access\_level</code> has been ignored on registration so far and was only used on updates \([https\://github\.com/ansible\-collections/community\.general/issues/5907](https\://github\.com/ansible\-collections/community\.general/issues/5907)\, [https\://github\.com/ansible\-collections/community\.general/pull/5908](https\://github\.com/ansible\-collections/community\.general/pull/5908)\)\.
+* gitlab\_runner \- allow to register group runner \([https\://github\.com/ansible\-collections/community\.general/pull/3935](https\://github\.com/ansible\-collections/community\.general/pull/3935)\)\.
+* homebrew\_cask \- allows passing <code>\-\-greedy</code> option to <code>upgrade\_all</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6267](https\://github\.com/ansible\-collections/community\.general/pull/6267)\)\.
+* idrac\_redfish\_command \- add <code>job\_id</code> to <code>CreateBiosConfigJob</code> response \([https\://github\.com/ansible\-collections/community\.general/issues/5603](https\://github\.com/ansible\-collections/community\.general/issues/5603)\)\.
+* ilo\_redfish\_utils module utils \- change implementation of DNS Server IP and NTP Server IP update \([https\://github\.com/ansible\-collections/community\.general/pull/5804](https\://github\.com/ansible\-collections/community\.general/pull/5804)\)\.
+* ipa\_group \- allow to add and remove external users with the <code>external\_user</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/5897](https\://github\.com/ansible\-collections/community\.general/pull/5897)\)\.
+* ipa\_hostgroup \- add <code>append</code> parameter for adding a new hosts to existing hostgroups without changing existing hostgroup members \([https\://github\.com/ansible\-collections/community\.general/pull/6203](https\://github\.com/ansible\-collections/community\.general/pull/6203)\)\.
+* iptables\_state \- minor refactoring within the module \([https\://github\.com/ansible\-collections/community\.general/pull/5844](https\://github\.com/ansible\-collections/community\.general/pull/5844)\)\.
+* java\_certs \- add more detailed error output when extracting certificate from PKCS12 fails \([https\://github\.com/ansible\-collections/community\.general/pull/5550](https\://github\.com/ansible\-collections/community\.general/pull/5550)\)\.
+* jc filter plugin \- added the ability to use parser plugins \([https\://github\.com/ansible\-collections/community\.general/pull/6043](https\://github\.com/ansible\-collections/community\.general/pull/6043)\)\.
+* jenkins\_plugin \- refactor code to module util to fix sanity check \([https\://github\.com/ansible\-collections/community\.general/pull/5565](https\://github\.com/ansible\-collections/community\.general/pull/5565)\)\.
+* jira \- add worklog functionality \([https\://github\.com/ansible\-collections/community\.general/issues/6209](https\://github\.com/ansible\-collections/community\.general/issues/6209)\, [https\://github\.com/ansible\-collections/community\.general/pull/6210](https\://github\.com/ansible\-collections/community\.general/pull/6210)\)\.
+* keycloak\_authentication \- add flow type option to sub flows to allow the creation of \'form\-flow\' sub flows like in Keycloak\'s built\-in registration flow \([https\://github\.com/ansible\-collections/community\.general/pull/6318](https\://github\.com/ansible\-collections/community\.general/pull/6318)\)\.
+* keycloak\_group \- add new optional module parameter <code>parents</code> to properly handle keycloak subgroups \([https\://github\.com/ansible\-collections/community\.general/pull/5814](https\://github\.com/ansible\-collections/community\.general/pull/5814)\)\.
+* keycloak\_user\_federation \- make <code>org\.keycloak\.storage\.ldap\.mappers\.LDAPStorageMapper</code> the default value for mappers <code>providerType</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5863](https\://github\.com/ansible\-collections/community\.general/pull/5863)\)\.
+* ldap modules \- add <code>ca\_path</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/6185](https\://github\.com/ansible\-collections/community\.general/pull/6185)\)\.
+* ldap modules \- add <code>xorder\_discovery</code> option \([https\://github\.com/ansible\-collections/community\.general/issues/6045](https\://github\.com/ansible\-collections/community\.general/issues/6045)\, [https\://github\.com/ansible\-collections/community\.general/pull/6109](https\://github\.com/ansible\-collections/community\.general/pull/6109)\)\.
+* ldap\_search \- the new <code>base64\_attributes</code> allows to specify which attribute values should be Base64 encoded \([https\://github\.com/ansible\-collections/community\.general/pull/6473](https\://github\.com/ansible\-collections/community\.general/pull/6473)\)\.
+* lxd\_container \- add diff and check mode \([https\://github\.com/ansible\-collections/community\.general/pull/5866](https\://github\.com/ansible\-collections/community\.general/pull/5866)\)\.
+* lxd\_project \- refactored code out to module utils to clear sanity check \([https\://github\.com/ansible\-collections/community\.general/pull/5549](https\://github\.com/ansible\-collections/community\.general/pull/5549)\)\.
+* make \- add <code>command</code> return value to the module output \([https\://github\.com/ansible\-collections/community\.general/pull/6160](https\://github\.com/ansible\-collections/community\.general/pull/6160)\)\.
+* mattermost\, rocketchat\, slack \- replace missing default favicon with docs\.ansible\.com favicon \([https\://github\.com/ansible\-collections/community\.general/pull/5928](https\://github\.com/ansible\-collections/community\.general/pull/5928)\)\.
+* mksysb \- improved the output of the module in case of errors \([https\://github\.com/ansible\-collections/community\.general/issues/6263](https\://github\.com/ansible\-collections/community\.general/issues/6263)\)\.
+* modprobe \- add <code>persistent</code> option \([https\://github\.com/ansible\-collections/community\.general/issues/4028](https\://github\.com/ansible\-collections/community\.general/issues/4028)\, [https\://github\.com/ansible\-collections/community\.general/pull/542](https\://github\.com/ansible\-collections/community\.general/pull/542)\)\.
+* module\_helper module utils \- updated the imports to make more MH features available at <code>plugins/module\_utils/module\_helper\.py</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6464](https\://github\.com/ansible\-collections/community\.general/pull/6464)\)\.
+* mssql\_script \- allow for <code>GO</code> statement to be mixed\-case for scripts not using strict syntax \([https\://github\.com/ansible\-collections/community\.general/pull/6457](https\://github\.com/ansible\-collections/community\.general/pull/6457)\)\.
+* mssql\_script \- handle error condition for empty resultsets to allow for non\-returning SQL statements \(for example <code>UPDATE</code> and <code>INSERT</code>\) \([https\://github\.com/ansible\-collections/community\.general/pull/6457](https\://github\.com/ansible\-collections/community\.general/pull/6457)\)\.
+* mssql\_script \- improve batching logic to allow a wider variety of input scripts\. For example\, SQL scripts slurped from Windows machines which may contain carriage return \(\'\'r\'\'\) characters \([https\://github\.com/ansible\-collections/community\.general/pull/6457](https\://github\.com/ansible\-collections/community\.general/pull/6457)\)\.
+* nmap inventory plugin \- add new option <code>open</code> for only returning open ports \([https\://github\.com/ansible\-collections/community\.general/pull/6200](https\://github\.com/ansible\-collections/community\.general/pull/6200)\)\.
+* nmap inventory plugin \- add new option <code>port</code> for port specific scan \([https\://github\.com/ansible\-collections/community\.general/pull/6165](https\://github\.com/ansible\-collections/community\.general/pull/6165)\)\.
+* nmap inventory plugin \- add new options <code>udp\_scan</code>\, <code>icmp\_timestamp</code>\, and <code>dns\_resolve</code> for different types of scans \([https\://github\.com/ansible\-collections/community\.general/pull/5566](https\://github\.com/ansible\-collections/community\.general/pull/5566)\)\.
+* nmap inventory plugin \- added environment variables for configure <code>address</code> and <code>exclude</code> \([https\://github\.com/ansible\-collections/community\.general/issues/6351](https\://github\.com/ansible\-collections/community\.general/issues/6351)\)\.
+* nmcli \- add <code>default</code> and <code>default\-or\-eui64</code> to the list of valid choices for <code>addr\_gen\_mode6</code> parameter \([https\://github\.com/ansible\-collections/community\.general/pull/5974](https\://github\.com/ansible\-collections/community\.general/pull/5974)\)\.
+* nmcli \- add <code>macvlan</code> connection type \([https\://github\.com/ansible\-collections/community\.general/pull/6312](https\://github\.com/ansible\-collections/community\.general/pull/6312)\)\.
+* nmcli \- add support for <code>team\.runner\-fast\-rate</code> parameter for <code>team</code> connections \([https\://github\.com/ansible\-collections/community\.general/issues/6065](https\://github\.com/ansible\-collections/community\.general/issues/6065)\)\.
+* nmcli \- new module option <code>slave\_type</code> added to allow creation of various types of slave devices \([https\://github\.com/ansible\-collections/community\.general/issues/473](https\://github\.com/ansible\-collections/community\.general/issues/473)\, [https\://github\.com/ansible\-collections/community\.general/pull/6108](https\://github\.com/ansible\-collections/community\.general/pull/6108)\)\.
+* one\_vm \- add a new <code>updateconf</code> option which implements the <code>one\.vm\.updateconf</code> API call \([https\://github\.com/ansible\-collections/community\.general/pull/5812](https\://github\.com/ansible\-collections/community\.general/pull/5812)\)\.
+* openbsd\_pkg \- set <code>TERM</code> to <code>\'dumb\'</code> in <code>execute\_command\(\)</code> to make module less dependant on the <code>TERM</code> environment variable set on the Ansible controller \([https\://github\.com/ansible\-collections/community\.general/pull/6149](https\://github\.com/ansible\-collections/community\.general/pull/6149)\)\.
+* opkg \- allow installing a package in a certain version \([https\://github\.com/ansible\-collections/community\.general/pull/5688](https\://github\.com/ansible\-collections/community\.general/pull/5688)\)\.
+* opkg \- refactored module to use <code>CmdRunner</code> for executing <code>opkg</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5718](https\://github\.com/ansible\-collections/community\.general/pull/5718)\)\.
+* osx\_defaults \- include stderr in error messages \([https\://github\.com/ansible\-collections/community\.general/pull/6011](https\://github\.com/ansible\-collections/community\.general/pull/6011)\)\.
+* pipx \- add <code>system\_site\_packages</code> parameter to give application access to system\-wide packages \([https\://github\.com/ansible\-collections/community\.general/pull/6308](https\://github\.com/ansible\-collections/community\.general/pull/6308)\)\.
+* pipx \- ensure <code>include\_injected</code> parameter works with <code>state\=upgrade</code> and <code>state\=latest</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6212](https\://github\.com/ansible\-collections/community\.general/pull/6212)\)\.
+* pipx \- optional <code>install\_apps</code> parameter added to install applications from injected packages \([https\://github\.com/ansible\-collections/community\.general/pull/6198](https\://github\.com/ansible\-collections/community\.general/pull/6198)\)\.
+* proxmox \- added new module parameter <code>tags</code> for use with PVE 7\+ \([https\://github\.com/ansible\-collections/community\.general/pull/5714](https\://github\.com/ansible\-collections/community\.general/pull/5714)\)\.
+* proxmox \- suppress urllib3 <code>InsecureRequestWarnings</code> when <code>validate\_certs</code> option is <code>false</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5931](https\://github\.com/ansible\-collections/community\.general/pull/5931)\)\.
+* proxmox\_kvm \- add new <code>archive</code> parameter\. This is needed to create a VM from an archive \(backup\) \([https\://github\.com/ansible\-collections/community\.general/pull/6159](https\://github\.com/ansible\-collections/community\.general/pull/6159)\)\.
+* proxmox\_kvm \- adds <code>migrate</code> parameter to manage online migrations between hosts \([https\://github\.com/ansible\-collections/community\.general/pull/6448](https\://github\.com/ansible\-collections/community\.general/pull/6448)\)
+* puppet \- add new options <code>skip\_tags</code> to exclude certain tagged resources during a puppet agent or apply \([https\://github\.com/ansible\-collections/community\.general/pull/6293](https\://github\.com/ansible\-collections/community\.general/pull/6293)\)\.
+* puppet \- refactored module to use <code>CmdRunner</code> for executing <code>puppet</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5612](https\://github\.com/ansible\-collections/community\.general/pull/5612)\)\.
+* rax\_scaling\_group \- refactored out code to the <code>rax</code> module utils to clear the sanity check \([https\://github\.com/ansible\-collections/community\.general/pull/5563](https\://github\.com/ansible\-collections/community\.general/pull/5563)\)\.
+* redfish\_command \- add <code>PerformRequestedOperations</code> command to perform any operations necessary to continue the update flow \([https\://github\.com/ansible\-collections/community\.general/issues/4276](https\://github\.com/ansible\-collections/community\.general/issues/4276)\)\.
+* redfish\_command \- add <code>update\_apply\_time</code> to <code>SimpleUpdate</code> command \([https\://github\.com/ansible\-collections/community\.general/issues/3910](https\://github\.com/ansible\-collections/community\.general/issues/3910)\)\.
+* redfish\_command \- add <code>update\_status</code> to output of <code>SimpleUpdate</code> command to allow a user monitor the update in progress \([https\://github\.com/ansible\-collections/community\.general/issues/4276](https\://github\.com/ansible\-collections/community\.general/issues/4276)\)\.
+* redfish\_command \- adding <code>EnableSecureBoot</code> functionality \([https\://github\.com/ansible\-collections/community\.general/pull/5899](https\://github\.com/ansible\-collections/community\.general/pull/5899)\)\.
+* redfish\_command \- adding <code>VerifyBiosAttributes</code> functionality \([https\://github\.com/ansible\-collections/community\.general/pull/5900](https\://github\.com/ansible\-collections/community\.general/pull/5900)\)\.
+* redfish\_info \- add <code>GetUpdateStatus</code> command to check the progress of a previous update request \([https\://github\.com/ansible\-collections/community\.general/issues/4276](https\://github\.com/ansible\-collections/community\.general/issues/4276)\)\.
+* redfish\_info \- adds commands to retrieve the HPE ThermalConfiguration and FanPercentMinimum settings from iLO \([https\://github\.com/ansible\-collections/community\.general/pull/6208](https\://github\.com/ansible\-collections/community\.general/pull/6208)\)\.
+* redfish\_utils module utils \- added PUT \(<code>put\_request\(\)</code>\) functionality \([https\://github\.com/ansible\-collections/community\.general/pull/5490](https\://github\.com/ansible\-collections/community\.general/pull/5490)\)\.
+* redhat\_subscription \- add a <code>server\_proxy\_scheme</code> parameter to configure the scheme for the proxy server \([https\://github\.com/ansible\-collections/community\.general/pull/5662](https\://github\.com/ansible\-collections/community\.general/pull/5662)\)\.
+* redhat\_subscription \- adds <code>token</code> parameter for subscription\-manager authentication using Red Hat API token \([https\://github\.com/ansible\-collections/community\.general/pull/5725](https\://github\.com/ansible\-collections/community\.general/pull/5725)\)\.
+* redhat\_subscription \- credentials \(<code>username</code>\, <code>activationkey</code>\, and so on\) are required now only if a system needs to be registered\, or <code>force\_register</code> is specified \([https\://github\.com/ansible\-collections/community\.general/pull/5664](https\://github\.com/ansible\-collections/community\.general/pull/5664)\)\.
+* redhat\_subscription \- the registration is done using the D\-Bus <code>rhsm</code> service instead of spawning a <code>subscription\-manager register</code> command\, if possible\; this avoids passing plain\-text credentials as arguments to <code>subscription\-manager register</code>\, which can be seen while that command runs \([https\://github\.com/ansible\-collections/community\.general/pull/6122](https\://github\.com/ansible\-collections/community\.general/pull/6122)\)\.
+* sefcontext \- add support for path substitutions \([https\://github\.com/ansible\-collections/community\.general/issues/1193](https\://github\.com/ansible\-collections/community\.general/issues/1193)\)\.
+* shutdown \- if no shutdown commands are found in the <code>search\_paths</code> then the module will attempt to shutdown the system using <code>systemctl shutdown</code> \([https\://github\.com/ansible\-collections/community\.general/issues/4269](https\://github\.com/ansible\-collections/community\.general/issues/4269)\, [https\://github\.com/ansible\-collections/community\.general/pull/6171](https\://github\.com/ansible\-collections/community\.general/pull/6171)\)\.
+* slack \- add option <code>prepend\_hash</code> which allows to control whether a <code>\#</code> is prepended to <code>channel\_id</code>\. The current behavior \(value <code>auto</code>\) is to prepend <code>\#</code> unless some specific prefixes are found\. That list of prefixes is incomplete\, and there does not seem to exist a documented condition on when exactly <code>\#</code> must not be prepended\. We recommend to explicitly set <code>prepend\_hash\=always</code> or <code>prepend\_hash\=never</code> to avoid any ambiguity \([https\://github\.com/ansible\-collections/community\.general/pull/5629](https\://github\.com/ansible\-collections/community\.general/pull/5629)\)\.
+* snap \- minor refactor when executing module \([https\://github\.com/ansible\-collections/community\.general/pull/5773](https\://github\.com/ansible\-collections/community\.general/pull/5773)\)\.
+* snap \- refactor module to use <code>CmdRunner</code> to execute external commands \([https\://github\.com/ansible\-collections/community\.general/pull/6468](https\://github\.com/ansible\-collections/community\.general/pull/6468)\)\.
+* snap\_alias \- refactor code to module utils \([https\://github\.com/ansible\-collections/community\.general/pull/6441](https\://github\.com/ansible\-collections/community\.general/pull/6441)\)\.
+* snap\_alias \- refactored module to use <code>CmdRunner</code> to execute <code>snap</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5486](https\://github\.com/ansible\-collections/community\.general/pull/5486)\)\.
+* spotinst\_aws\_elastigroup \- add <code>elements</code> attribute when missing in <code>list</code> parameters \([https\://github\.com/ansible\-collections/community\.general/pull/5553](https\://github\.com/ansible\-collections/community\.general/pull/5553)\)\.
+* ssh\_config \- add <code>host\_key\_algorithms</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/5605](https\://github\.com/ansible\-collections/community\.general/pull/5605)\)\.
+* ssh\_config \- add <code>proxyjump</code> option \([https\://github\.com/ansible\-collections/community\.general/pull/5970](https\://github\.com/ansible\-collections/community\.general/pull/5970)\)\.
+* ssh\_config \- refactor code to module util to fix sanity check \([https\://github\.com/ansible\-collections/community\.general/pull/5720](https\://github\.com/ansible\-collections/community\.general/pull/5720)\)\.
+* ssh\_config \- vendored StormSSH\'s config parser to avoid having to install StormSSH to use the module \([https\://github\.com/ansible\-collections/community\.general/pull/6117](https\://github\.com/ansible\-collections/community\.general/pull/6117)\)\.
+* sudoers \- add <code>setenv</code> parameters to support passing environment variables via sudo\. \([https\://github\.com/ansible\-collections/community\.general/pull/5883](https\://github\.com/ansible\-collections/community\.general/pull/5883)\)
+* sudoers \- adds <code>host</code> parameter for setting hostname restrictions in sudoers rules \([https\://github\.com/ansible\-collections/community\.general/issues/5702](https\://github\.com/ansible\-collections/community\.general/issues/5702)\)\.
+* terraform \- remove state file check condition and error block\, because in the native implementation of terraform will not cause errors due to the non\-existent file \([https\://github\.com/ansible\-collections/community\.general/pull/6296](https\://github\.com/ansible\-collections/community\.general/pull/6296)\)\.
+* udm\_dns\_record \- minor refactor to the code \([https\://github\.com/ansible\-collections/community\.general/pull/6382](https\://github\.com/ansible\-collections/community\.general/pull/6382)\)\.
+* udm\_share \- added <code>elements</code> attribute to <code>list</code> type parameters \([https\://github\.com/ansible\-collections/community\.general/pull/5557](https\://github\.com/ansible\-collections/community\.general/pull/5557)\)\.
+* udm\_user \- add <code>elements</code> attribute when missing in <code>list</code> parameters \([https\://github\.com/ansible\-collections/community\.general/pull/5559](https\://github\.com/ansible\-collections/community\.general/pull/5559)\)\.
+* znode module \- optional <code>use\_tls</code> parameter added for encrypted communication \([https\://github\.com/ansible\-collections/community\.general/issues/6154](https\://github\.com/ansible\-collections/community\.general/issues/6154)\)\.
+
+<a id="breaking-changes--porting-guide"></a>
+### Breaking Changes / Porting Guide
+
+* If you are not using this collection as part of Ansible\, but installed \(and/or upgraded\) community\.general manually\, you need to make sure to also install <code>community\.sap\_libs</code> if you are using any of the <code>sapcar\_extract</code>\, <code>sap\_task\_list\_execute</code>\, and <code>hana\_query</code> modules\.
+  Without that collection installed\, the redirects for these modules do not work\.
+* ModuleHelper module utils \- when the module sets output variables named <code>msg</code>\, <code>exception</code>\, <code>output</code>\, <code>vars</code>\, or <code>changed</code>\, the actual output will prefix those names with <code>\_</code> \(underscore symbol\) only when they clash with output variables generated by ModuleHelper itself\, which only occurs when handling exceptions\. Please note that this breaking change does not require a new major release since before this release\, it was not possible to add such variables to the output [due to a bug](https\://github\.com/ansible\-collections/community\.general/pull/5755) \([https\://github\.com/ansible\-collections/community\.general/pull/5765](https\://github\.com/ansible\-collections/community\.general/pull/5765)\)\.
+* gconftool2 \- fix processing of <code>gconftool\-2</code> when <code>key</code> does not exist\, returning <code>null</code> instead of empty string for both <code>value</code> and <code>previous\_value</code> return values \([https\://github\.com/ansible\-collections/community\.general/issues/6028](https\://github\.com/ansible\-collections/community\.general/issues/6028)\)\.
+* gitlab\_runner \- the default of <code>access\_level\_on\_creation</code> changed from <code>false</code> to <code>true</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6428](https\://github\.com/ansible\-collections/community\.general/pull/6428)\)\.
+* ldap\_search \- convert all string\-like values to UTF\-8 \([https\://github\.com/ansible\-collections/community\.general/issues/5704](https\://github\.com/ansible\-collections/community\.general/issues/5704)\, [https\://github\.com/ansible\-collections/community\.general/pull/6473](https\://github\.com/ansible\-collections/community\.general/pull/6473)\)\.
+* nmcli \- the default of the <code>hairpin</code> option changed from <code>true</code> to <code>false</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6428](https\://github\.com/ansible\-collections/community\.general/pull/6428)\)\.
+* proxmox \- the default of the <code>unprivileged</code> option changed from <code>false</code> to <code>true</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6428](https\://github\.com/ansible\-collections/community\.general/pull/6428)\)\.
+
+<a id="deprecated-features-4"></a>
+### Deprecated Features
+
+* ModuleHelper module\_utils \- <code>deps</code> mixin for MH classes deprecated in favour of using the <code>deps</code> module\_utils \([https\://github\.com/ansible\-collections/community\.general/pull/6465](https\://github\.com/ansible\-collections/community\.general/pull/6465)\)\.
+* consul \- deprecate using parameters unused for <code>state\=absent</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5772](https\://github\.com/ansible\-collections/community\.general/pull/5772)\)\.
+* gitlab\_runner \- the default of the new option <code>access\_level\_on\_creation</code> will change from <code>false</code> to <code>true</code> in community\.general 7\.0\.0\. This will cause <code>access\_level</code> to be used during runner registration as well\, and not only during updates \([https\://github\.com/ansible\-collections/community\.general/pull/5908](https\://github\.com/ansible\-collections/community\.general/pull/5908)\)\.
+* gitlab\_runner \- the option <code>access\_level</code> will lose its default value in community\.general 8\.0\.0\. From that version on\, you have set this option to <code>ref\_protected</code> explicitly\, if you want to have a protected runner \([https\://github\.com/ansible\-collections/community\.general/issues/5925](https\://github\.com/ansible\-collections/community\.general/issues/5925)\)\.
+* manageiq\_policies \- deprecate <code>state\=list</code> in favour of using <code>community\.general\.manageiq\_policies\_info</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5721](https\://github\.com/ansible\-collections/community\.general/pull/5721)\)\.
+* manageiq\_tags \- deprecate <code>state\=list</code> in favour of using <code>community\.general\.manageiq\_tags\_info</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5727](https\://github\.com/ansible\-collections/community\.general/pull/5727)\)\.
+* rax \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax module utils \- module utils code relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_cbs \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_cbs\_attachments \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_cdb \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_cdb\_database \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_cdb\_user \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_clb \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_clb\_nodes \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_clb\_ssl \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_dns \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_dns\_record \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_facts \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_files \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_files\_objects \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_identity \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_keypair \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_meta \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_mon\_alarm \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_mon\_check \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_mon\_entity \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_mon\_notification \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_mon\_notification\_plan \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_network \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_queue \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_scaling\_group \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rax\_scaling\_policy \- module relies on deprecated library <code>pyrax</code> and will be removed in community\.general 9\.0\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5752](https\://github\.com/ansible\-collections/community\.general/pull/5752)\)\.
+* rhn\_channel\, rhn\_register \- RHN hosted at redhat\.com was discontinued years
+  ago\, and Spacewalk 5 \(which uses RHN\) is EOL since 2020\, May 31st\;
+  while these modules could work on Uyuni / SUSE Manager \(fork of Spacewalk 5\)\,
+  we have not heard about anyone using them in those setups\. Hence\, these
+  modules are deprecated\, and will be removed in community\.general 10\.0\.0
+  in case there are no reports about being still useful\, and potentially
+  no one that steps up to maintain them
+  \([https\://github\.com/ansible\-collections/community\.general/pull/6493](https\://github\.com/ansible\-collections/community\.general/pull/6493)\)\.
+
+<a id="removed-features-previously-deprecated"></a>
+### Removed Features \(previously deprecated\)
+
+* All <code>sap</code> modules have been removed from this collection\.
+  They have been migrated to the [community\.sap\_libs](https\://galaxy\.ansible\.com/community/sap\_libs) collection\.
+  Redirections have been provided\.
+  Following modules are affected\:
+  \- sapcar\_extract
+  \- sap\_task\_list\_execute
+  \- hana\_query
+* cmd\_runner module utils \- the <code>fmt</code> alias of <code>cmd\_runner\_fmt</code> has been removed\. Use <code>cmd\_runner\_fmt</code> instead \([https\://github\.com/ansible\-collections/community\.general/pull/6428](https\://github\.com/ansible\-collections/community\.general/pull/6428)\)\.
+* newrelic\_deployment \- the <code>appname</code> and <code>environment</code> options have been removed\. They did not do anything \([https\://github\.com/ansible\-collections/community\.general/pull/6428](https\://github\.com/ansible\-collections/community\.general/pull/6428)\)\.
+* puppet \- the alias <code>show\-diff</code> of the <code>show\_diff</code> option has been removed\. Use <code>show\_diff</code> instead \([https\://github\.com/ansible\-collections/community\.general/pull/6428](https\://github\.com/ansible\-collections/community\.general/pull/6428)\)\.
+* xfconf \- generating facts was deprecated in community\.general 3\.0\.0\, however three factoids\, <code>property</code>\, <code>channel</code> and <code>value</code> continued to be generated by mistake\. This behaviour has been removed and <code>xfconf</code> generate no facts whatsoever \([https\://github\.com/ansible\-collections/community\.general/pull/5502](https\://github\.com/ansible\-collections/community\.general/pull/5502)\)\.
+* xfconf \- generating facts was deprecated in community\.general 3\.0\.0\, however two factoids\, <code>previous\_value</code> and <code>type</code> continued to be generated by mistake\. This behaviour has been removed and <code>xfconf</code> generate no facts whatsoever \([https\://github\.com/ansible\-collections/community\.general/pull/5502](https\://github\.com/ansible\-collections/community\.general/pull/5502)\)\.
+
+<a id="bugfixes-13"></a>
+### Bugfixes
+
+* ModuleHelper \- fix bug when adjusting the name of reserved output variables \([https\://github\.com/ansible\-collections/community\.general/pull/5755](https\://github\.com/ansible\-collections/community\.general/pull/5755)\)\.
+* alternatives \- support subcommands on Fedora 37\, which uses <code>follower</code> instead of <code>slave</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5794](https\://github\.com/ansible\-collections/community\.general/pull/5794)\)\.
+* ansible\_galaxy\_install \- set default to raise exception if command\'s return code is different from zero \([https\://github\.com/ansible\-collections/community\.general/pull/5680](https\://github\.com/ansible\-collections/community\.general/pull/5680)\)\.
+* ansible\_galaxy\_install \- try <code>C\.UTF\-8</code> and then fall back to <code>en\_US\.UTF\-8</code> before failing \([https\://github\.com/ansible\-collections/community\.general/pull/5680](https\://github\.com/ansible\-collections/community\.general/pull/5680)\)\.
+* archive \- avoid deprecated exception class on Python 3 \([https\://github\.com/ansible\-collections/community\.general/pull/6180](https\://github\.com/ansible\-collections/community\.general/pull/6180)\)\.
+* archive \- reduce RAM usage by generating CRC32 checksum over chunks \([https\://github\.com/ansible\-collections/community\.general/pull/6274](https\://github\.com/ansible\-collections/community\.general/pull/6274)\)\.
+* bitwarden lookup plugin \- clarify what to do\, if the bitwarden vault is not unlocked \([https\://github\.com/ansible\-collections/community\.general/pull/5811](https\://github\.com/ansible\-collections/community\.general/pull/5811)\)\.
+* cartesian and flattened lookup plugins \- adjust to parameter deprecation in ansible\-core 2\.14\'s <code>listify\_lookup\_plugin\_terms</code> helper function \([https\://github\.com/ansible\-collections/community\.general/pull/6074](https\://github\.com/ansible\-collections/community\.general/pull/6074)\)\.
+* chroot connection plugin \- add <code>inventory\_hostname</code> to vars under <code>remote\_addr</code>\. This is needed for compatibility with ansible\-core 2\.13 \([https\://github\.com/ansible\-collections/community\.general/pull/5570](https\://github\.com/ansible\-collections/community\.general/pull/5570)\)\.
+* cloudflare\_dns \- fixed the idempotency for SRV DNS records \([https\://github\.com/ansible\-collections/community\.general/pull/5972](https\://github\.com/ansible\-collections/community\.general/pull/5972)\)\.
+* cloudflare\_dns \- fixed the possiblity of setting a root\-level SRV DNS record \([https\://github\.com/ansible\-collections/community\.general/pull/5972](https\://github\.com/ansible\-collections/community\.general/pull/5972)\)\.
+* cmd\_runner module utils \- fixed bug when handling default cases in <code>cmd\_runner\_fmt\.as\_map\(\)</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5538](https\://github\.com/ansible\-collections/community\.general/pull/5538)\)\.
+* cmd\_runner module utils \- formatting arguments <code>cmd\_runner\_fmt\.as\_fixed\(\)</code> was expecting an non\-existing argument \([https\://github\.com/ansible\-collections/community\.general/pull/5538](https\://github\.com/ansible\-collections/community\.general/pull/5538)\)\.
+* dependent lookup plugin \- avoid warning on deprecated parameter for <code>Templar\.template\(\)</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5543](https\://github\.com/ansible\-collections/community\.general/pull/5543)\)\.
+* deps module utils \- do not fail when dependency cannot be found \([https\://github\.com/ansible\-collections/community\.general/pull/6479](https\://github\.com/ansible\-collections/community\.general/pull/6479)\)\.
+* dig lookup plugin \- correctly handle DNSKEY record type\'s <code>algorithm</code> field \([https\://github\.com/ansible\-collections/community\.general/pull/5914](https\://github\.com/ansible\-collections/community\.general/pull/5914)\)\.
+* flatpak \- fixes idempotency detection issues\. In some cases the module could fail to properly detect already existing Flatpaks because of a parameter witch only checks the installed apps \([https\://github\.com/ansible\-collections/community\.general/pull/6289](https\://github\.com/ansible\-collections/community\.general/pull/6289)\)\.
+* gconftool2 \- fix <code>changed</code> result always being <code>true</code> \([https\://github\.com/ansible\-collections/community\.general/issues/6028](https\://github\.com/ansible\-collections/community\.general/issues/6028)\)\.
+* gconftool2 \- remove requirement of parameter <code>value</code> when <code>state\=absent</code> \([https\://github\.com/ansible\-collections/community\.general/issues/6028](https\://github\.com/ansible\-collections/community\.general/issues/6028)\)\.
+* gem \- fix force parameter not being passed to gem command when uninstalling \([https\://github\.com/ansible\-collections/community\.general/pull/5822](https\://github\.com/ansible\-collections/community\.general/pull/5822)\)\.
+* gem \- fix hang due to interactive prompt for confirmation on specific version uninstall \([https\://github\.com/ansible\-collections/community\.general/pull/5751](https\://github\.com/ansible\-collections/community\.general/pull/5751)\)\.
+* github\_webhook \- fix always changed state when no secret is provided \([https\://github\.com/ansible\-collections/community\.general/pull/5994](https\://github\.com/ansible\-collections/community\.general/pull/5994)\)\.
+* gitlab\_deploy\_key \- also update <code>title</code> and not just <code>can\_push</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5888](https\://github\.com/ansible\-collections/community\.general/pull/5888)\)\.
+* gitlab\_group\_variables \- fix dropping variables accidentally when GitLab introduced new properties \([https\://github\.com/ansible\-collections/community\.general/pull/5667](https\://github\.com/ansible\-collections/community\.general/pull/5667)\)\.
+* gitlab\_project\_variables \- fix dropping variables accidentally when GitLab introduced new properties \([https\://github\.com/ansible\-collections/community\.general/pull/5667](https\://github\.com/ansible\-collections/community\.general/pull/5667)\)\.
+* gitlab\_runner \- fix <code>KeyError</code> on runner creation and update \([https\://github\.com/ansible\-collections/community\.general/issues/6112](https\://github\.com/ansible\-collections/community\.general/issues/6112)\)\.
+* icinga2\_host \- fix the data structure sent to Icinga to make use of host templates and template vars \([https\://github\.com/ansible\-collections/community\.general/pull/6286](https\://github\.com/ansible\-collections/community\.general/pull/6286)\)\.
+* idrac\_redfish\_command \- allow user to specify <code>resource\_id</code> for <code>CreateBiosConfigJob</code> to specify an exact manager \([https\://github\.com/ansible\-collections/community\.general/issues/2090](https\://github\.com/ansible\-collections/community\.general/issues/2090)\)\.
+* influxdb\_user \- fix running in check mode when the user does not exist yet \([https\://github\.com/ansible\-collections/community\.general/pull/6111](https\://github\.com/ansible\-collections/community\.general/pull/6111)\)\.
+* ini\_file \- make <code>section</code> parameter not required so it is possible to pass <code>null</code> as a value\. This only was possible in the past due to a bug in ansible\-core that now has been fixed \([https\://github\.com/ansible\-collections/community\.general/pull/6404](https\://github\.com/ansible\-collections/community\.general/pull/6404)\)\.
+* interfaces\_file \- fix reading options in lines not starting with a space \([https\://github\.com/ansible\-collections/community\.general/issues/6120](https\://github\.com/ansible\-collections/community\.general/issues/6120)\)\.
+* jail connection plugin \- add <code>inventory\_hostname</code> to vars under <code>remote\_addr</code>\. This is needed for compatibility with ansible\-core 2\.13 \([https\://github\.com/ansible\-collections/community\.general/pull/6118](https\://github\.com/ansible\-collections/community\.general/pull/6118)\)\.
+* jenkins\_build \- fix the logical flaw when deleting a Jenkins build \([https\://github\.com/ansible\-collections/community\.general/pull/5514](https\://github\.com/ansible\-collections/community\.general/pull/5514)\)\.
+* jenkins\_plugin \- fix error due to undefined variable when updates file is not downloaded \([https\://github\.com/ansible\-collections/community\.general/pull/6100](https\://github\.com/ansible\-collections/community\.general/pull/6100)\)\.
+* keycloak \- improve error messages \([https\://github\.com/ansible\-collections/community\.general/pull/6318](https\://github\.com/ansible\-collections/community\.general/pull/6318)\)\.
+* keycloak\_client \- fix accidental replacement of value for attribute <code>saml\.signing\.private\.key</code> with <code>no\_log</code> in wrong contexts \([https\://github\.com/ansible\-collections/community\.general/pull/5934](https\://github\.com/ansible\-collections/community\.general/pull/5934)\)\.
+* keycloak\_client\_rolemapping \- calculate <code>proposed</code> and <code>after</code> return values properly \([https\://github\.com/ansible\-collections/community\.general/pull/5619](https\://github\.com/ansible\-collections/community\.general/pull/5619)\)\.
+* keycloak\_client\_rolemapping \- remove only listed mappings with <code>state\=absent</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5619](https\://github\.com/ansible\-collections/community\.general/pull/5619)\)\.
+* keycloak\_user\_federation \- fixes federation creation issue\. When a new federation was created and at the same time a default / standard mapper was also changed / updated the creation process failed as a bad None set variable led to a bad malformed url request \([https\://github\.com/ansible\-collections/community\.general/pull/5750](https\://github\.com/ansible\-collections/community\.general/pull/5750)\)\.
+* keycloak\_user\_federation \- fixes idempotency detection issues\. In some cases the module could fail to properly detect already existing user federations because of a buggy seemingly superflous extra query parameter \([https\://github\.com/ansible\-collections/community\.general/pull/5732](https\://github\.com/ansible\-collections/community\.general/pull/5732)\)\.
+* loganalytics callback plugin \- adjust type of callback to <code>notification</code>\, it was incorrectly classified as <code>aggregate</code> before \([https\://github\.com/ansible\-collections/community\.general/pull/5761](https\://github\.com/ansible\-collections/community\.general/pull/5761)\)\.
+* logdna callback plugin \- adjust type of callback to <code>notification</code>\, it was incorrectly classified as <code>aggregate</code> before \([https\://github\.com/ansible\-collections/community\.general/pull/5761](https\://github\.com/ansible\-collections/community\.general/pull/5761)\)\.
+* logstash callback plugin \- adjust type of callback to <code>notification</code>\, it was incorrectly classified as <code>aggregate</code> before \([https\://github\.com/ansible\-collections/community\.general/pull/5761](https\://github\.com/ansible\-collections/community\.general/pull/5761)\)\.
+* lxc\_container \- fix the arguments of the lxc command which broke the creation and cloning of containers \([https\://github\.com/ansible\-collections/community\.general/issues/5578](https\://github\.com/ansible\-collections/community\.general/issues/5578)\)\.
+* lxd\_\* modules\, lxd inventory plugin \- fix TLS/SSL certificate validation problems by using the correct purpose when creating the TLS context \([https\://github\.com/ansible\-collections/community\.general/issues/5616](https\://github\.com/ansible\-collections/community\.general/issues/5616)\, [https\://github\.com/ansible\-collections/community\.general/pull/6034](https\://github\.com/ansible\-collections/community\.general/pull/6034)\)\.
+* memset \- fix memset urlerror handling \([https\://github\.com/ansible\-collections/community\.general/pull/6114](https\://github\.com/ansible\-collections/community\.general/pull/6114)\)\.
+* nmcli \- fix change handling of values specified as an integer 0 \([https\://github\.com/ansible\-collections/community\.general/pull/5431](https\://github\.com/ansible\-collections/community\.general/pull/5431)\)\.
+* nmcli \- fix failure to handle WIFI settings when connection type not specified \([https\://github\.com/ansible\-collections/community\.general/pull/5431](https\://github\.com/ansible\-collections/community\.general/pull/5431)\)\.
+* nmcli \- fix improper detection of changes to <code>wifi\.wake\-on\-wlan</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5431](https\://github\.com/ansible\-collections/community\.general/pull/5431)\)\.
+* nmcli \- fixed idempotency issue for bridge connections\. Module forced default value of <code>bridge\.priority</code> to nmcli if not set\; if <code>bridge\.stp</code> is disabled nmcli ignores it and keep default \([https\://github\.com/ansible\-collections/community\.general/issues/3216](https\://github\.com/ansible\-collections/community\.general/issues/3216)\, [https\://github\.com/ansible\-collections/community\.general/issues/4683](https\://github\.com/ansible\-collections/community\.general/issues/4683)\)\.
+* nmcli \- fixed idempotency issue when module params is set to <code>may\_fail4\=false</code> and <code>method4\=disabled</code>\; in this case nmcli ignores change and keeps their own default value <code>yes</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6106](https\://github\.com/ansible\-collections/community\.general/pull/6106)\)\.
+* nmcli \- implemented changing mtu value on vlan interfaces \([https\://github\.com/ansible\-collections/community\.general/issues/4387](https\://github\.com/ansible\-collections/community\.general/issues/4387)\)\.
+* nmcli \- order is significant for lists of addresses \([https\://github\.com/ansible\-collections/community\.general/pull/6048](https\://github\.com/ansible\-collections/community\.general/pull/6048)\)\.
+* nsupdate \- fix zone lookup\. The SOA record for an existing zone is returned as an answer RR and not as an authority RR \([https\://github\.com/ansible\-collections/community\.general/issues/5817](https\://github\.com/ansible\-collections/community\.general/issues/5817)\, [https\://github\.com/ansible\-collections/community\.general/pull/5818](https\://github\.com/ansible\-collections/community\.general/pull/5818)\)\.
+* one\_vm \- avoid splitting labels that are <code>None</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5489](https\://github\.com/ansible\-collections/community\.general/pull/5489)\)\.
+* one\_vm \- fix syntax error when creating VMs with a more complex template \([https\://github\.com/ansible\-collections/community\.general/issues/6225](https\://github\.com/ansible\-collections/community\.general/issues/6225)\)\.
+* onepassword lookup plugin \- Changed to ignore errors from \"op account get\" calls\. Previously\, errors would prevent auto\-signin code from executing \([https\://github\.com/ansible\-collections/community\.general/pull/5942](https\://github\.com/ansible\-collections/community\.general/pull/5942)\)\.
+* onepassword\_raw \- add missing parameter to plugin documentation \([https\://github\.com/ansible\-collections/community\.general/issues/5506](https\://github\.com/ansible\-collections/community\.general/issues/5506)\)\.
+* opkg \- fix issue that <code>force\=reinstall</code> would not reinstall an existing package \([https\://github\.com/ansible\-collections/community\.general/pull/5705](https\://github\.com/ansible\-collections/community\.general/pull/5705)\)\.
+* opkg \- fixes bug when using <code>update\_cache\=true</code> \([https\://github\.com/ansible\-collections/community\.general/issues/6004](https\://github\.com/ansible\-collections/community\.general/issues/6004)\)\.
+* passwordstore lookup plugin \- make compatible with ansible\-core 2\.16 \([https\://github\.com/ansible\-collections/community\.general/pull/6447](https\://github\.com/ansible\-collections/community\.general/pull/6447)\)\.
+* pipx \- fixed handling of <code>install\_deps\=true</code> with <code>state\=latest</code> and <code>state\=upgrade</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6303](https\://github\.com/ansible\-collections/community\.general/pull/6303)\)\.
+* portage \- update the logic for generating the emerge command arguments to ensure that <code>withbdeps\: false</code> results in a passing an <code>n</code> argument with the <code>\-\-with\-bdeps</code> emerge flag \([https\://github\.com/ansible\-collections/community\.general/issues/6451](https\://github\.com/ansible\-collections/community\.general/issues/6451)\, [https\://github\.com/ansible\-collections/community\.general/pull/6456](https\://github\.com/ansible\-collections/community\.general/pull/6456)\)\.
+* proxmox inventory plugin \- fix bug while templating when using templates for the <code>url</code>\, <code>user</code>\, <code>password</code>\, <code>token\_id</code>\, or <code>token\_secret</code> options \([https\://github\.com/ansible\-collections/community\.general/pull/5640](https\://github\.com/ansible\-collections/community\.general/pull/5640)\)\.
+* proxmox inventory plugin \- handle tags delimited by semicolon instead of comma\, which happens from Proxmox 7\.3 on \([https\://github\.com/ansible\-collections/community\.general/pull/5602](https\://github\.com/ansible\-collections/community\.general/pull/5602)\)\.
+* proxmox\_disk \- avoid duplicate <code>vmid</code> reference \([https\://github\.com/ansible\-collections/community\.general/issues/5492](https\://github\.com/ansible\-collections/community\.general/issues/5492)\, [https\://github\.com/ansible\-collections/community\.general/pull/5493](https\://github\.com/ansible\-collections/community\.general/pull/5493)\)\.
+* proxmox\_disk \- fixed issue with read timeout on import action \([https\://github\.com/ansible\-collections/community\.general/pull/5803](https\://github\.com/ansible\-collections/community\.general/pull/5803)\)\.
+* proxmox\_disk \- fixed possible issues with redundant <code>vmid</code> parameter \([https\://github\.com/ansible\-collections/community\.general/issues/5492](https\://github\.com/ansible\-collections/community\.general/issues/5492)\, [https\://github\.com/ansible\-collections/community\.general/pull/5672](https\://github\.com/ansible\-collections/community\.general/pull/5672)\)\.
+* proxmox\_nic \- fixed possible issues with redundant <code>vmid</code> parameter \([https\://github\.com/ansible\-collections/community\.general/issues/5492](https\://github\.com/ansible\-collections/community\.general/issues/5492)\, [https\://github\.com/ansible\-collections/community\.general/pull/5672](https\://github\.com/ansible\-collections/community\.general/pull/5672)\)\.
+* puppet \- handling <code>noop</code> parameter was not working at all\, now it is has been fixed \([https\://github\.com/ansible\-collections/community\.general/issues/6452](https\://github\.com/ansible\-collections/community\.general/issues/6452)\, [https\://github\.com/ansible\-collections/community\.general/issues/6458](https\://github\.com/ansible\-collections/community\.general/issues/6458)\)\.
+* redfish\_utils \- removed basic auth HTTP header when performing a GET on the service root resource and when performing a POST to the session collection \([https\://github\.com/ansible\-collections/community\.general/issues/5886](https\://github\.com/ansible\-collections/community\.general/issues/5886)\)\.
+* redhat\_subscription \- do not ignore <code>consumer\_name</code> and other variables if <code>activationkey</code> is specified \([https\://github\.com/ansible\-collections/community\.general/issues/3486](https\://github\.com/ansible\-collections/community\.general/issues/3486)\, [https\://github\.com/ansible\-collections/community\.general/pull/5627](https\://github\.com/ansible\-collections/community\.general/pull/5627)\)\.
+* redhat\_subscription \- do not pass arguments to <code>subscription\-manager register</code> for things already configured\; now a specified <code>rhsm\_baseurl</code> is properly set for subscription\-manager \([https\://github\.com/ansible\-collections/community\.general/pull/5583](https\://github\.com/ansible\-collections/community\.general/pull/5583)\)\.
+* redhat\_subscription \- do not use D\-Bus for registering when <code>environment</code> is specified\, so it possible to specify again the environment names for registering\, as the D\-Bus APIs work only with IDs \([https\://github\.com/ansible\-collections/community\.general/pull/6319](https\://github\.com/ansible\-collections/community\.general/pull/6319)\)\.
+* redhat\_subscription \- try to unregister only when already registered when <code>force\_register</code> is specified \([https\://github\.com/ansible\-collections/community\.general/issues/6258](https\://github\.com/ansible\-collections/community\.general/issues/6258)\, [https\://github\.com/ansible\-collections/community\.general/pull/6259](https\://github\.com/ansible\-collections/community\.general/pull/6259)\)\.
+* redhat\_subscription \- use the right D\-Bus options for environments when registering a CentOS Stream 8 system and using <code>environment</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6275](https\://github\.com/ansible\-collections/community\.general/pull/6275)\)\.
+* redhat\_subscription\, rhsm\_release\, rhsm\_repository \- cleanly fail when not running as root\, rather than hanging on an interactive <code>console\-helper</code> prompt\; they all interact with <code>subscription\-manager</code>\, which already requires to be run as root \([https\://github\.com/ansible\-collections/community\.general/issues/734](https\://github\.com/ansible\-collections/community\.general/issues/734)\, [https\://github\.com/ansible\-collections/community\.general/pull/6211](https\://github\.com/ansible\-collections/community\.general/pull/6211)\)\.
+* rhsm\_release \- make <code>release</code> parameter not required so it is possible to pass <code>null</code> as a value\. This only was possible in the past due to a bug in ansible\-core that now has been fixed \([https\://github\.com/ansible\-collections/community\.general/pull/6401](https\://github\.com/ansible\-collections/community\.general/pull/6401)\)\.
+* rundeck module utils \- fix errors caused by the API empty responses \([https\://github\.com/ansible\-collections/community\.general/pull/6300](https\://github\.com/ansible\-collections/community\.general/pull/6300)\)
+* rundeck\_acl\_policy \- fix <code>TypeError \- byte indices must be integers or slices\, not str</code> error caused by empty API response\. Update the module to use <code>module\_utils\.rundeck</code> functions \([https\://github\.com/ansible\-collections/community\.general/pull/5887](https\://github\.com/ansible\-collections/community\.general/pull/5887)\, [https\://github\.com/ansible\-collections/community\.general/pull/6300](https\://github\.com/ansible\-collections/community\.general/pull/6300)\)\.
+* rundeck\_project \- update the module to use <code>module\_utils\.rundeck</code> functions \([https\://github\.com/ansible\-collections/community\.general/issues/5742](https\://github\.com/ansible\-collections/community\.general/issues/5742)\) \([https\://github\.com/ansible\-collections/community\.general/pull/6300](https\://github\.com/ansible\-collections/community\.general/pull/6300)\)
+* snap\_alias \- module would only recognize snap names containing letter\, numbers or the underscore character\, failing to identify valid snap names such as <code>lxd\.lxc</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6361](https\://github\.com/ansible\-collections/community\.general/pull/6361)\)\.
+* splunk callback plugin \- adjust type of callback to <code>notification</code>\, it was incorrectly classified as <code>aggregate</code> before \([https\://github\.com/ansible\-collections/community\.general/pull/5761](https\://github\.com/ansible\-collections/community\.general/pull/5761)\)\.
+* sumologic callback plugin \- adjust type of callback to <code>notification</code>\, it was incorrectly classified as <code>aggregate</code> before \([https\://github\.com/ansible\-collections/community\.general/pull/5761](https\://github\.com/ansible\-collections/community\.general/pull/5761)\)\.
+* syslog\_json callback plugin \- adjust type of callback to <code>notification</code>\, it was incorrectly classified as <code>aggregate</code> before \([https\://github\.com/ansible\-collections/community\.general/pull/5761](https\://github\.com/ansible\-collections/community\.general/pull/5761)\)\.
+* terraform \- fix <code>current</code> workspace never getting appended to the <code>all</code> key in the <code>workspace\_ctf</code> object \([https\://github\.com/ansible\-collections/community\.general/pull/5735](https\://github\.com/ansible\-collections/community\.general/pull/5735)\)\.
+* terraform \- fix <code>terraform init</code> failure when there are multiple workspaces on the remote backend and when <code>default</code> workspace is missing by setting <code>TF\_WORKSPACE</code> environmental variable to the value of <code>workspace</code> when used \([https\://github\.com/ansible\-collections/community\.general/pull/5735](https\://github\.com/ansible\-collections/community\.general/pull/5735)\)\.
+* terraform \- fix broken <code>warn\(\)</code> call \([https\://github\.com/ansible\-collections/community\.general/pull/6497](https\://github\.com/ansible\-collections/community\.general/pull/6497)\)\.
+* terraform and timezone \- slight refactoring to avoid linter reporting potentially undefined variables \([https\://github\.com/ansible\-collections/community\.general/pull/5933](https\://github\.com/ansible\-collections/community\.general/pull/5933)\)\.
+* terraform module \- disable ANSI escape sequences during validation phase \([https\://github\.com/ansible\-collections/community\.general/pull/5843](https\://github\.com/ansible\-collections/community\.general/pull/5843)\)\.
+* tss lookup plugin \- allow to download secret attachments\. Previously\, we could not download secret attachments but now use <code>fetch\_attachments</code> and <code>file\_download\_path</code> variables to download attachments \([https\://github\.com/ansible\-collections/community\.general/issues/6224](https\://github\.com/ansible\-collections/community\.general/issues/6224)\)\.
+* unixy callback plugin \- fix plugin to work with ansible\-core 2\.14 by using Ansible\'s configuration manager for handling options \([https\://github\.com/ansible\-collections/community\.general/issues/5600](https\://github\.com/ansible\-collections/community\.general/issues/5600)\)\.
+* unixy callback plugin \- fix typo introduced when updating to use Ansible\'s configuration manager for handling options \([https\://github\.com/ansible\-collections/community\.general/issues/5600](https\://github\.com/ansible\-collections/community\.general/issues/5600)\)\.
+* various plugins and modules \- remove unnecessary imports \([https\://github\.com/ansible\-collections/community\.general/pull/5940](https\://github\.com/ansible\-collections/community\.general/pull/5940)\)\.
+* vdo \- now uses <code>yaml\.safe\_load\(\)</code> to parse command output instead of the deprecated <code>yaml\.load\(\)</code> which is potentially unsafe\. Using <code>yaml\.load\(\)</code> without explicitely setting a <code>Loader\=</code> is also an error in pyYAML 6\.0 \([https\://github\.com/ansible\-collections/community\.general/pull/5632](https\://github\.com/ansible\-collections/community\.general/pull/5632)\)\.
+* vmadm \- fix for index out of range error in <code>get\_vm\_uuid</code> \([https\://github\.com/ansible\-collections/community\.general/pull/5628](https\://github\.com/ansible\-collections/community\.general/pull/5628)\)\.
+* xenorchestra inventory plugin \- fix failure to receive objects from server due to not checking the id of the response \([https\://github\.com/ansible\-collections/community\.general/pull/6227](https\://github\.com/ansible\-collections/community\.general/pull/6227)\)\.
+* xfs\_quota \- in case of a project quota\, the call to <code>xfs\_quota</code> did not initialize/reset the project \([https\://github\.com/ansible\-collections/community\.general/issues/5143](https\://github\.com/ansible\-collections/community\.general/issues/5143)\)\.
+* xml \- fixed a bug where empty <code>children</code> list would not be set \([https\://github\.com/ansible\-collections/community\.general/pull/5808](https\://github\.com/ansible\-collections/community\.general/pull/5808)\)\.
+* yarn \- fix <code>global\=true</code> to check for the configured global folder instead of assuming the default \([https\://github\.com/ansible\-collections/community\.general/pull/5829](https\://github\.com/ansible\-collections/community\.general/pull/5829)\)
+* yarn \- fix <code>global\=true</code> to not fail when <em class="title-reference">executable</em> wasn\'t specified \([https\://github\.com/ansible\-collections/community\.general/pull/6132](https\://github\.com/ansible\-collections/community\.general/pull/6132)\)
+* yarn \- fix <code>state\=absent</code> not working with <code>global\=true</code> when the package does not include a binary \([https\://github\.com/ansible\-collections/community\.general/pull/5829](https\://github\.com/ansible\-collections/community\.general/pull/5829)\)
+* yarn \- fix <code>state\=latest</code> not working with <code>global\=true</code> \([https\://github\.com/ansible\-collections/community\.general/issues/5712](https\://github\.com/ansible\-collections/community\.general/issues/5712)\)\.
+* yarn \- fixes bug where yarn module tasks would fail when warnings were emitted from Yarn\. The <code>yarn\.list</code> method was not filtering out warnings \([https\://github\.com/ansible\-collections/community\.general/issues/6127](https\://github\.com/ansible\-collections/community\.general/issues/6127)\)\.
+* zfs\_delegate\_admin \- zfs allow output can now be parsed when uids/gids are not known to the host system \([https\://github\.com/ansible\-collections/community\.general/pull/5943](https\://github\.com/ansible\-collections/community\.general/pull/5943)\)\.
+* zypper \- make package managing work on readonly filesystem of openSUSE MicroOS \([https\://github\.com/ansible\-collections/community\.general/pull/5615](https\://github\.com/ansible\-collections/community\.general/pull/5615)\)\.
+
+<a id="new-plugins-1"></a>
+### New Plugins
+
+<a id="lookup-1"></a>
+#### Lookup
+
+* merge\_variables \- merge variables with a certain suffix
+
+<a id="new-modules-4"></a>
+### New Modules
+
+* btrfs\_info \- Query btrfs filesystem info
+* btrfs\_subvolume \- Manage btrfs subvolumes
+* gitlab\_project\_badge \- Manage project badges on GitLab Server
+* ilo\_redfish\_command \- Manages Out\-Of\-Band controllers using Redfish APIs
+* ipbase\_info \- Retrieve IP geolocation and other facts of a host\'s IP address using the ipbase\.com API
+* kdeconfig \- Manage KDE configuration files
+* keycloak\_authz\_authorization\_scope \- Allows administration of Keycloak client authorization scopes via Keycloak API
+* keycloak\_clientscope\_type \- Set the type of aclientscope in realm or client via Keycloak API
+* keycloak\_clientsecret\_info \- Retrieve client secret via Keycloak API
+* keycloak\_clientsecret\_regenerate \- Regenerate Keycloak client secret via Keycloak API
+* ocapi\_command \- Manages Out\-Of\-Band controllers using Open Composable API \(OCAPI\)
+* ocapi\_info \- Manages Out\-Of\-Band controllers using Open Composable API \(OCAPI\)

CHANGELOG.md.license

@@ -0,0 +1,3 @@
+GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+SPDX-License-Identifier: GPL-3.0-or-later
+SPDX-FileCopyrightText: Ansible Project

CHANGELOG.rst

@@ -6,6 +6,310 @@ Community General Release Notes
 
 This changelog describes changes after version 6.0.0.
 
+v7.5.6
+======
+
+Release Summary
+---------------
+
+Regular bugfix release with security fixes.
+
+Security Fixes
+--------------
+
+- cobbler, gitlab_runners, icinga2, linode, lxd, nmap, online, opennebula, proxmox, scaleway, stackpath_compute, virtualbox, and xen_orchestra inventory plugin - make sure all data received from the remote servers is marked as unsafe, so remote code execution by obtaining texts that can be evaluated as templates is not possible (https://www.die-welt.net/2024/03/remote-code-execution-in-ansible-dynamic-inventory-plugins/, https://github.com/ansible-collections/community.general/pull/8098).
+
+Bugfixes
+--------
+
+- aix_filesystem - fix issue with empty list items in crfs logic and option order (https://github.com/ansible-collections/community.general/pull/8052).
+- homebrew - error returned from brew command was ignored and tried to parse empty JSON. Fix now checks for an error and raises it to give accurate error message to users (https://github.com/ansible-collections/community.general/issues/8047).
+- ipa_hbacrule - the module uses a string for ``ipaenabledflag`` for new FreeIPA versions while the returned value is a boolean (https://github.com/ansible-collections/community.general/pull/7880).
+- ipa_sudorule - the module uses a string for ``ipaenabledflag`` for new FreeIPA versions while the returned value is a boolean (https://github.com/ansible-collections/community.general/pull/7880).
+- iptables_state - fix idempotency issues when restoring incomplete iptables dumps (https://github.com/ansible-collections/community.general/issues/8029).
+- linode inventory plugin - add descriptive error message for linode inventory plugin (https://github.com/ansible-collections/community.general/pull/8133).
+- pacemaker_cluster - actually implement check mode, which the module claims to support. This means that until now the module also did changes in check mode (https://github.com/ansible-collections/community.general/pull/8081).
+- pam_limits - when the file does not exist, do not create it in check mode (https://github.com/ansible-collections/community.general/issues/8050, https://github.com/ansible-collections/community.general/pull/8057).
+- proxmox_kvm - fixed status check getting from node-specific API endpoint (https://github.com/ansible-collections/community.general/issues/7817).
+
+v7.5.5
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Bugfixes
+--------
+
+- cargo - fix idempotency issues when using a custom installation path for packages (using the ``--path`` parameter). The initial installation runs fine, but subsequent runs use the ``get_installed()`` function which did not check the given installation location, before running ``cargo install``. This resulted in a false ``changed`` state. Also the removal of packeges using ``state: absent`` failed, as the installation check did not use the given parameter (https://github.com/ansible-collections/community.general/pull/7970).
+- keycloak_client - fixes issue when metadata is provided in desired state when task is in check mode (https://github.com/ansible-collections/community.general/issues/1226, https://github.com/ansible-collections/community.general/pull/7881).
+- modprobe - listing modules files or modprobe files could trigger a FileNotFoundError if ``/etc/modprobe.d`` or ``/etc/modules-load.d`` did not exist. Relevant functions now return empty lists if the directories do not exist to avoid crashing the module (https://github.com/ansible-collections/community.general/issues/7717).
+- onepassword lookup plugin - failed for fields that were in sections and had uppercase letters in the label/ID. Field lookups are now case insensitive in all cases (https://github.com/ansible-collections/community.general/pull/7919).
+- pkgin - pkgin (pkgsrc package manager used by SmartOS) raises erratic exceptions and spurious ``changed=true`` (https://github.com/ansible-collections/community.general/pull/7971).
+- redfish_info - allow for a GET operation invoked by ``GetUpdateStatus`` to allow for an empty response body for cases where a service returns 204 No Content (https://github.com/ansible-collections/community.general/issues/8003).
+- redfish_info - correct uncaught exception when attempting to retrieve ``Chassis`` information (https://github.com/ansible-collections/community.general/pull/7952).
+
+v7.5.4
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Bugfixes
+--------
+
+- homebrew - detect already installed formulae and casks using JSON output from ``brew info`` (https://github.com/ansible-collections/community.general/issues/864).
+- ipa_otptoken - the module expect ``ipatokendisabled`` as string but the ``ipatokendisabled`` value is returned as a boolean (https://github.com/ansible-collections/community.general/pull/7795).
+- ldap - previously the order number (if present) was expected to follow an equals sign in the DN. This makes it so the order number string is identified correctly anywhere within the DN (https://github.com/ansible-collections/community.general/issues/7646).
+- mssql_script - make the module work with Python 2 (https://github.com/ansible-collections/community.general/issues/7818, https://github.com/ansible-collections/community.general/pull/7821).
+- nmcli - fix ``connection.slave-type`` wired to ``bond`` and not with parameter ``slave_type`` in case of connection type ``wifi`` (https://github.com/ansible-collections/community.general/issues/7389).
+
+v7.5.3
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Bugfixes
+--------
+
+- keycloak_identity_provider - ``mappers`` processing was not idempotent if the mappers configuration list had not been sorted by name (in ascending order). Fix resolves the issue by sorting mappers in the desired state using the same key which is used for obtaining existing state (https://github.com/ansible-collections/community.general/pull/7418).
+- keycloak_identity_provider - it was not possible to reconfigure (add, remove) ``mappers`` once they were created initially. Removal was ignored, adding new ones resulted in dropping the pre-existing unmodified mappers. Fix resolves the issue by supplying correct input to the internal update call (https://github.com/ansible-collections/community.general/pull/7418).
+- keycloak_user - when ``force`` is set, but user does not exist, do not try to delete it (https://github.com/ansible-collections/community.general/pull/7696).
+- statusio_maintenance - fix error caused by incorrectly formed API data payload. Was raising "Failed to create maintenance HTTP Error 400 Bad Request" caused by bad data type for date/time and deprecated dict keys (https://github.com/ansible-collections/community.general/pull/7754).
+
+v7.5.2
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Minor Changes
+-------------
+
+- elastic callback plugin - close elastic client to not leak resources (https://github.com/ansible-collections/community.general/pull/7517).
+
+Bugfixes
+--------
+
+- cloudflare_dns - fix Cloudflare lookup of SHFP records (https://github.com/ansible-collections/community.general/issues/7652).
+- interface_files - also consider ``address_family`` when changing ``option=method`` (https://github.com/ansible-collections/community.general/issues/7610, https://github.com/ansible-collections/community.general/pull/7612).
+- irc - replace ``ssl.wrap_socket`` that was removed from Python 3.12 with code for creating a proper SSL context (https://github.com/ansible-collections/community.general/pull/7542).
+- keycloak_* - fix Keycloak API client to quote ``/`` properly (https://github.com/ansible-collections/community.general/pull/7641).
+- keycloak_authz_permission - resource payload variable for scope-based permission was constructed as a string, when it needs to be a list, even for a single item (https://github.com/ansible-collections/community.general/issues/7151).
+- log_entries callback plugin - replace ``ssl.wrap_socket`` that was removed from Python 3.12 with code for creating a proper SSL context (https://github.com/ansible-collections/community.general/pull/7542).
+- lvol - test for output messages in both ``stdout`` and ``stderr`` (https://github.com/ansible-collections/community.general/pull/7601, https://github.com/ansible-collections/community.general/issues/7182).
+- ocapi_utils, oci_utils, redfish_utils module utils - replace ``type()`` calls with ``isinstance()`` calls (https://github.com/ansible-collections/community.general/pull/7501).
+- onepassword lookup plugin - field and section titles are now case insensitive when using op CLI version two or later. This matches the behavior of version one (https://github.com/ansible-collections/community.general/pull/7564).
+- pipx module utils - change the CLI argument formatter for the ``pip_args`` parameter (https://github.com/ansible-collections/community.general/issues/7497, https://github.com/ansible-collections/community.general/pull/7506).
+- redhat_subscription - use the D-Bus registration on RHEL 7 only on 7.4 and
+  greater; older versions of RHEL 7 do not have it
+  (https://github.com/ansible-collections/community.general/issues/7622,
+  https://github.com/ansible-collections/community.general/pull/7624).
+- terraform - fix multiline string handling in complex variables (https://github.com/ansible-collections/community.general/pull/7535).
+
+v7.5.1
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Bugfixes
+--------
+
+- composer - fix impossible to run ``working_dir`` dependent commands. The module was throwing an error when trying to run a ``working_dir`` dependent command, because it tried to get the command help without passing the ``working_dir`` (https://github.com/ansible-collections/community.general/issues/3787).
+- github_deploy_key - fix pagination behaviour causing a crash when only a single page of deploy keys exist (https://github.com/ansible-collections/community.general/pull/7375).
+- gitlab_group_members - fix gitlab constants call in ``gitlab_group_members`` module (https://github.com/ansible-collections/community.general/issues/7467).
+- gitlab_project_members - fix gitlab constants call in ``gitlab_project_members`` module (https://github.com/ansible-collections/community.general/issues/7467).
+- gitlab_protected_branches - fix gitlab constants call in ``gitlab_protected_branches`` module (https://github.com/ansible-collections/community.general/issues/7467).
+- gitlab_user - fix gitlab constants call in ``gitlab_user`` module (https://github.com/ansible-collections/community.general/issues/7467).
+- kernel_blacklist - simplified the mechanism to update the file, fixing the error (https://github.com/ansible-collections/community.general/pull/7382, https://github.com/ansible-collections/community.general/issues/7362).
+- memset module utils - make compatible with ansible-core 2.17 (https://github.com/ansible-collections/community.general/pull/7379).
+- proxmox_pool_member - absent state for type VM did not delete VMs from the pools (https://github.com/ansible-collections/community.general/pull/7464).
+- redfish_command - fix usage of message parsing in ``SimpleUpdate`` and ``MultipartHTTPPushUpdate`` commands to treat the lack of a ``MessageId`` as no message (https://github.com/ansible-collections/community.general/issues/7465, https://github.com/ansible-collections/community.general/pull/7471).
+- redhat_subscription - use the right D-Bus options for the consumer type when
+  registering a RHEL system older than 9 or a RHEL 9 system older than 9.2
+  and using ``consumer_type``
+  (https://github.com/ansible-collections/community.general/pull/7378).
+- selective callback plugin - fix length of task name lines in output always being 3 characters longer than desired (https://github.com/ansible-collections/community.general/pull/7374).
+
+v7.5.0
+======
+
+Release Summary
+---------------
+
+Regular bugfix and feature release.
+
+Please note that this is the last minor 7.x.0 release. Further releases
+with major version 7 will be bugfix releases 7.5.y.
+
+Minor Changes
+-------------
+
+- cargo - add option ``executable``, which allows user to specify path to the cargo binary (https://github.com/ansible-collections/community.general/pull/7352).
+- cargo - add option ``locked`` which allows user to specify install the locked version of dependency instead of latest compatible version (https://github.com/ansible-collections/community.general/pull/6134).
+- dig lookup plugin - add TCP option to enable the use of TCP connection during DNS lookup (https://github.com/ansible-collections/community.general/pull/7343).
+- gitlab_group - add option ``force_delete`` (default: false) which allows delete group even if projects exists in it (https://github.com/ansible-collections/community.general/pull/7364).
+- ini_file - add ``ignore_spaces`` option (https://github.com/ansible-collections/community.general/pull/7273).
+- newrelic_deployment - add option ``app_name_exact_match``, which filters results for the exact app_name provided (https://github.com/ansible-collections/community.general/pull/7355).
+- onepassword lookup plugin - introduce ``account_id`` option which allows specifying which account to use (https://github.com/ansible-collections/community.general/pull/7308).
+- onepassword_raw lookup plugin - introduce ``account_id`` option which allows specifying which account to use (https://github.com/ansible-collections/community.general/pull/7308).
+- parted - on resize, use ``--fix`` option if available (https://github.com/ansible-collections/community.general/pull/7304).
+- pnpm - set correct version when state is latest or version is not mentioned. Resolves previous idempotency problem (https://github.com/ansible-collections/community.general/pull/7339).
+- proxmox - add ``vmid`` (and ``taskid`` when possible) to return values (https://github.com/ansible-collections/community.general/pull/7263).
+- random_string - added new ``ignore_similar_chars`` and ``similar_chars`` option to ignore certain chars (https://github.com/ansible-collections/community.general/pull/7242).
+- redfish_command - add new option ``update_oem_params`` for the ``MultipartHTTPPushUpdate`` command (https://github.com/ansible-collections/community.general/issues/7331).
+- redfish_config - add ``CreateVolume`` command to allow creation of volumes on servers (https://github.com/ansible-collections/community.general/pull/6813).
+- redfish_config - adding ``SetSecureBoot`` command (https://github.com/ansible-collections/community.general/pull/7129).
+- redfish_info - add support for ``GetBiosRegistries`` command (https://github.com/ansible-collections/community.general/pull/7144).
+- redfish_info - adds ``LinkStatus`` to NIC inventory (https://github.com/ansible-collections/community.general/pull/7318).
+- redis_info - refactor the redis_info module to use the redis module_utils enabling to pass TLS parameters to the Redis client (https://github.com/ansible-collections/community.general/pull/7267).
+- supervisorctl - allow to stop matching running processes before removing them with ``stop_before_removing=true`` (https://github.com/ansible-collections/community.general/pull/7284).
+
+Deprecated Features
+-------------------
+
+- The next major release, community.general 8.0.0, will drop support for ansible-core 2.11 and 2.12, which have been End of Life for some time now. This means that this collection no longer supports Python 2.6 on the target. Individual content might still work with unsupported ansible-core versions, but that can change at any time. Also please note that from now on, for every new major community.general release, we will drop support for all ansible-core versions that have been End of Life for more than a few weeks on the date of the major release (https://github.com/ansible-community/community-topics/discussions/271, https://github.com/ansible-collections/community.general/pull/7259).
+- redfish_info, redfish_config, redfish_command - the default value ``10`` for the ``timeout`` option is deprecated and will change to ``60`` in community.general 9.0.0 (https://github.com/ansible-collections/community.general/pull/7295).
+
+Bugfixes
+--------
+
+- gitlab_group_variable - deleted all variables when used with ``purge=true`` due to missing ``raw`` property in KNOWN attributes (https://github.com/ansible-collections/community.general/issues/7250).
+- gitlab_project_variable - deleted all variables when used with ``purge=true`` due to missing ``raw`` property in KNOWN attributes (https://github.com/ansible-collections/community.general/issues/7250).
+- ldap_search - fix string normalization and the ``base64_attributes`` option on Python 3 (https://github.com/ansible-collections/community.general/issues/5704, https://github.com/ansible-collections/community.general/pull/7264).
+- lxc connection plugin - properly evaluate options (https://github.com/ansible-collections/community.general/pull/7369).
+- mail - skip headers containing equals characters due to missing ``maxsplit`` on header key/value parsing (https://github.com/ansible-collections/community.general/pull/7303).
+- nmap inventory plugin - fix ``get_option`` calls (https://github.com/ansible-collections/community.general/pull/7323).
+- onepassword - fix KeyError exception when trying to access value of a field that is not filled out in OnePassword item (https://github.com/ansible-collections/community.general/pull/7241).
+- snap - change the change detection mechanism from "parsing installation" to "comparing end state with initial state" (https://github.com/ansible-collections/community.general/pull/7340, https://github.com/ansible-collections/community.general/issues/7265).
+- terraform - prevents ``-backend-config`` option double encapsulating with ``shlex_quote`` function. (https://github.com/ansible-collections/community.general/pull/7301).
+
+New Modules
+-----------
+
+- consul_role - Manipulate Consul roles
+- gio_mime - Set default handler for MIME type, for applications using Gnome GIO
+- keycloak_authz_custom_policy - Allows administration of Keycloak client custom Javascript policies via Keycloak API
+- keycloak_realm_key - Allows administration of Keycloak realm keys via Keycloak API
+- simpleinit_msb - Manage services on Source Mage GNU/Linux
+
+v7.4.0
+======
+
+Release Summary
+---------------
+
+Bugfix and feature release.
+
+Minor Changes
+-------------
+
+- cobbler inventory plugin - add ``exclude_mgmt_classes`` and ``include_mgmt_classes`` options to exclude or include hosts based on management classes (https://github.com/ansible-collections/community.general/pull/7184).
+- cpanm - minor refactor when creating the ``CmdRunner`` object (https://github.com/ansible-collections/community.general/pull/7231).
+- gitlab_group_variable - add support for ``raw`` variables suboption (https://github.com/ansible-collections/community.general/pull/7132).
+- gitlab_project_variable - add support for ``raw`` variables suboption (https://github.com/ansible-collections/community.general/pull/7132).
+- jenkins_build - add new ``detach`` option, which allows the module to exit successfully as long as the build is created (default functionality is still waiting for the build to end before exiting) (https://github.com/ansible-collections/community.general/pull/7204).
+- jenkins_build - add new ``time_between_checks`` option, which allows to configure the wait time between requests to the Jenkins server (https://github.com/ansible-collections/community.general/pull/7204).
+- make - allows ``params`` to be used without value (https://github.com/ansible-collections/community.general/pull/7180).
+- nmap inventory plugin - now has a ``use_arp_ping`` option to allow the user to disable the default ARP ping query for a more reliable form (https://github.com/ansible-collections/community.general/pull/7119).
+- pagerduty - adds in option to use v2 API for creating pagerduty incidents (https://github.com/ansible-collections/community.general/issues/6151)
+- pritunl module utils - ensure ``validate_certs`` parameter is honoured in all methods (https://github.com/ansible-collections/community.general/pull/7156).
+- redfish_info - report ``Id`` in the output of ``GetManagerInventory`` (https://github.com/ansible-collections/community.general/pull/7140).
+- redfish_utils module utils - support ``Volumes`` in response for ``GetDiskInventory`` (https://github.com/ansible-collections/community.general/pull/6819).
+- unixy callback plugin - add support for ``check_mode_markers`` option (https://github.com/ansible-collections/community.general/pull/7179).
+
+Bugfixes
+--------
+
+- CmdRunner module utils - does not attempt to resolve path if executable is a relative or absolute path (https://github.com/ansible-collections/community.general/pull/7200).
+- nmap inventory plugin - now uses ``get_option`` in all cases to get its configuration information (https://github.com/ansible-collections/community.general/pull/7119).
+- nsupdate - fix a possible ``list index out of range`` exception (https://github.com/ansible-collections/community.general/issues/836).
+- oci_utils module util - fix inappropriate logical comparison expressions and makes them simpler. The previous checks had logical short circuits (https://github.com/ansible-collections/community.general/pull/7125).
+- pritunl module utils - fix incorrect URL parameter for orgnization add method (https://github.com/ansible-collections/community.general/pull/7161).
+- snap - an exception was being raised when snap list was empty (https://github.com/ansible-collections/community.general/pull/7124, https://github.com/ansible-collections/community.general/issues/7120).
+
+New Modules
+-----------
+
+- jenkins_build_info - Get information about Jenkins builds
+- pnpm - Manage node.js packages with pnpm
+
+v7.3.0
+======
+
+Release Summary
+---------------
+
+Feature and bugfix release.
+
+Minor Changes
+-------------
+
+- chroot connection plugin - add ``disable_root_check`` option (https://github.com/ansible-collections/community.general/pull/7099).
+- ejabberd_user - module now using ``CmdRunner`` to execute external command (https://github.com/ansible-collections/community.general/pull/7075).
+- ipa_config - add module parameters to manage FreeIPA user and group objectclasses (https://github.com/ansible-collections/community.general/pull/7019).
+- ipa_config - adds ``idp`` choice to ``ipauserauthtype`` parameter's choices (https://github.com/ansible-collections/community.general/pull/7051).
+- npm - module now using ``CmdRunner`` to execute external commands (https://github.com/ansible-collections/community.general/pull/6989).
+- proxmox_kvm - enabled force restart of VM, bringing the ``force`` parameter functionality in line with what is described in the docs (https://github.com/ansible-collections/community.general/pull/6914).
+- proxmox_vm_info - ``node`` parameter is no longer required. Information can be obtained for the whole cluster (https://github.com/ansible-collections/community.general/pull/6976).
+- proxmox_vm_info - non-existing provided by name/vmid VM would return empty results instead of failing (https://github.com/ansible-collections/community.general/pull/7049).
+- redfish_config - add ``DeleteAllVolumes`` command to allow deletion of all volumes on servers (https://github.com/ansible-collections/community.general/pull/6814).
+- redfish_utils - use ``Controllers`` key in redfish data to obtain Storage controllers properties (https://github.com/ansible-collections/community.general/pull/7081).
+- redfish_utils module utils - add support for ``PowerCycle`` reset type for ``redfish_command`` responses feature (https://github.com/ansible-collections/community.general/issues/7083).
+- redfish_utils module utils - add support for following ``@odata.nextLink`` pagination in ``software_inventory`` responses feature (https://github.com/ansible-collections/community.general/pull/7020).
+- shutdown - use ``shutdown -p ...`` with FreeBSD to halt and power off machine (https://github.com/ansible-collections/community.general/pull/7102).
+- sorcery - add grimoire (repository) management support (https://github.com/ansible-collections/community.general/pull/7012).
+
+Deprecated Features
+-------------------
+
+- ejabberd_user - deprecate the parameter ``logging`` in favour of producing more detailed information in the module output (https://github.com/ansible-collections/community.general/pull/7043).
+
+Bugfixes
+--------
+
+- bitwarden lookup plugin - the plugin made assumptions about the structure of a Bitwarden JSON object which may have been broken by an update in the Bitwarden API. Remove assumptions, and allow queries for general fields such as ``notes`` (https://github.com/ansible-collections/community.general/pull/7061).
+- ejabberd_user - module was failing to detect whether user was already created and/or password was changed (https://github.com/ansible-collections/community.general/pull/7033).
+- keycloak module util - fix missing ``http_agent``, ``timeout``, and ``validate_certs`` ``open_url()`` parameters (https://github.com/ansible-collections/community.general/pull/7067).
+- keycloak_client inventory plugin - fix missing client secret (https://github.com/ansible-collections/community.general/pull/6931).
+- lvol - add support for percentage of origin size specification when creating snapshot volumes (https://github.com/ansible-collections/community.general/issues/1630, https://github.com/ansible-collections/community.general/pull/7053).
+- lxc connection plugin - now handles ``remote_addr`` defaulting to ``inventory_hostname`` correctly (https://github.com/ansible-collections/community.general/pull/7104).
+- oci_utils module utils - avoid direct type comparisons (https://github.com/ansible-collections/community.general/pull/7085).
+- proxmox_user_info - avoid direct type comparisons (https://github.com/ansible-collections/community.general/pull/7085).
+- snap - fix crash when multiple snaps are specified and one has ``---`` in its description (https://github.com/ansible-collections/community.general/pull/7046).
+- sorcery - fix interruption of the multi-stage process (https://github.com/ansible-collections/community.general/pull/7012).
+- sorcery - fix queue generation before the whole system rebuild (https://github.com/ansible-collections/community.general/pull/7012).
+- sorcery - latest state no longer triggers update_cache (https://github.com/ansible-collections/community.general/pull/7012).
+
+v7.2.1
+======
+
+Release Summary
+---------------
+
+Bugfix release.
+
+Bugfixes
+--------
+
+- cmd_runner module utils - when a parameter in ``argument_spec`` has no type, meaning it is implicitly a ``str``, ``CmdRunner`` would fail trying to find the ``type`` key in that dictionary (https://github.com/ansible-collections/community.general/pull/6968).
+- ejabberd_user - provide meaningful error message when the ``ejabberdctl`` command is not found (https://github.com/ansible-collections/community.general/pull/7028, https://github.com/ansible-collections/community.general/issues/6949).
+- proxmox module utils - fix proxmoxer library version check (https://github.com/ansible-collections/community.general/issues/6974, https://github.com/ansible-collections/community.general/issues/6975, https://github.com/ansible-collections/community.general/pull/6980).
+- proxmox_kvm - when ``name`` option is provided without ``vmid`` and VM with that name already exists then no new VM will be created (https://github.com/ansible-collections/community.general/issues/6911, https://github.com/ansible-collections/community.general/pull/6981).
+- rundeck - fix ``TypeError`` on 404 API response (https://github.com/ansible-collections/community.general/pull/6983).
+
 v7.2.0
 ======
 
@@ -116,7 +420,6 @@ ansible-core 2.15 or later to see it as it is intended. Alternatively you can
 look at `the devel docsite <https://docs.ansible.com/ansible/devel/collections/community/general/>`__
 for the rendered HTML version of the documentation of the latest release.
 
-
 Minor Changes
 -------------
 
@@ -405,7 +708,7 @@ Deprecated Features
   we have not heard about anyone using them in those setups. Hence, these
   modules are deprecated, and will be removed in community.general 10.0.0
   in case there are no reports about being still useful, and potentially
-  noone that steps up to maintain them
+  no one that steps up to maintain them
   (https://github.com/ansible-collections/community.general/pull/6493).
 
 Removed Features (previously deprecated)

README.md

@@ -24,7 +24,7 @@ If you encounter abusive behavior violating the [Ansible Code of Conduct](https:
 
 ## Tested with Ansible
 
-Tested with the current ansible-core 2.11, ansible-core 2.12, ansible-core 2.13, ansible-core 2.14, ansible-core 2.15 releases and the current development version of ansible-core. Ansible-core versions before 2.11.0 are not supported. This includes all ansible-base 2.10 and Ansible 2.9 releases.
+Tested with the current ansible-core 2.11, ansible-core 2.12, ansible-core 2.13, ansible-core 2.14, ansible-core 2.15, ansible-core 2.16 releases and the current development version of ansible-core. Ansible-core versions before 2.11.0 are not supported. This includes all ansible-base 2.10 and Ansible 2.9 releases.
 
 Parts of this collection will not work with ansible-core 2.11 on Python 3.12+.
 
@@ -34,13 +34,13 @@ Some modules and plugins require external libraries. Please check the requiremen
 
 ## Included content
 
-Please check the included content on the [Ansible Galaxy page for this collection](https://galaxy.ansible.com/community/general) or the [documentation on the Ansible docs site](https://docs.ansible.com/ansible/latest/collections/community/general/).
+Please check the included content on the [Ansible Galaxy page for this collection](https://galaxy.ansible.com/ui/repo/published/community/general/) or the [documentation on the Ansible docs site](https://docs.ansible.com/ansible/latest/collections/community/general/).
 
 ## Using this collection
 
 This collection is shipped with the Ansible package. So if you have it installed, no more action is required.
 
-If you have a minimal installation (only Ansible Core installed) or you want to use the latest version of the collection along with the whole Ansible package, you need to install the collection from [Ansible Galaxy](https://galaxy.ansible.com/community/general) manually with the `ansible-galaxy` command-line tool:
+If you have a minimal installation (only Ansible Core installed) or you want to use the latest version of the collection along with the whole Ansible package, you need to install the collection from [Ansible Galaxy](https://galaxy.ansible.com/ui/repo/published/community/general/) manually with the `ansible-galaxy` command-line tool:
 
     ansible-galaxy collection install community.general
 
@@ -57,7 +57,7 @@ Note that if you install the collection manually, it will not be upgraded automa
 ansible-galaxy collection install community.general --upgrade
 ```
 
-You can also install a specific version of the collection, for example, if you need to downgrade when something is broken in the latest version (please report an issue in this repository). Use the following syntax where `X.Y.Z` can be any [available version](https://galaxy.ansible.com/community/general):
+You can also install a specific version of the collection, for example, if you need to downgrade when something is broken in the latest version (please report an issue in this repository). Use the following syntax where `X.Y.Z` can be any [available version](https://galaxy.ansible.com/ui/repo/published/community/general/):
 
 ```bash
 ansible-galaxy collection install community.general:==X.Y.Z
@@ -117,7 +117,7 @@ See the [Releasing guidelines](https://github.com/ansible/community-docs/blob/ma
 
 ## Release notes
 
-See the [changelog](https://github.com/ansible-collections/community.general/blob/stable-7/CHANGELOG.rst).
+See the [changelog](https://github.com/ansible-collections/community.general/blob/stable-7/CHANGELOG.md).
 
 ## Roadmap
 

changelogs/changelog.yaml

@@ -331,7 +331,7 @@ releases:
 
         in case there are no reports about being still useful, and potentially
 
-        noone that steps up to maintain them
+        no one that steps up to maintain them
 
         (https://github.com/ansible-collections/community.general/pull/6493).
 
@@ -1271,3 +1271,520 @@ releases:
         name: bitwarden_secrets_manager
         namespace: null
     release_date: '2023-07-17'
+  7.2.1:
+    changes:
+      bugfixes:
+      - cmd_runner module utils - when a parameter in ``argument_spec`` has no type,
+        meaning it is implicitly a ``str``, ``CmdRunner`` would fail trying to find
+        the ``type`` key in that dictionary (https://github.com/ansible-collections/community.general/pull/6968).
+      - ejabberd_user - provide meaningful error message when the ``ejabberdctl``
+        command is not found (https://github.com/ansible-collections/community.general/pull/7028,
+        https://github.com/ansible-collections/community.general/issues/6949).
+      - proxmox module utils - fix proxmoxer library version check (https://github.com/ansible-collections/community.general/issues/6974,
+        https://github.com/ansible-collections/community.general/issues/6975, https://github.com/ansible-collections/community.general/pull/6980).
+      - proxmox_kvm - when ``name`` option is provided without ``vmid`` and VM with
+        that name already exists then no new VM will be created (https://github.com/ansible-collections/community.general/issues/6911,
+        https://github.com/ansible-collections/community.general/pull/6981).
+      - rundeck - fix ``TypeError`` on 404 API response (https://github.com/ansible-collections/community.general/pull/6983).
+      release_summary: Bugfix release.
+    fragments:
+    - 6949-ejabberdctl-error.yml
+    - 6968-cmdrunner-implicit-type.yml
+    - 6980-proxmox-fix-token-auth.yml
+    - 6981-proxmox-fix-vm-creation-when-only-name-provided.yml
+    - 6983-rundeck-fix-typerrror-on-404-api-response.yml
+    - 7.2.1.yml
+    release_date: '2023-07-31'
+  7.3.0:
+    changes:
+      bugfixes:
+      - bitwarden lookup plugin - the plugin made assumptions about the structure
+        of a Bitwarden JSON object which may have been broken by an update in the
+        Bitwarden API. Remove assumptions, and allow queries for general fields such
+        as ``notes`` (https://github.com/ansible-collections/community.general/pull/7061).
+      - ejabberd_user - module was failing to detect whether user was already created
+        and/or password was changed (https://github.com/ansible-collections/community.general/pull/7033).
+      - keycloak module util - fix missing ``http_agent``, ``timeout``, and ``validate_certs``
+        ``open_url()`` parameters (https://github.com/ansible-collections/community.general/pull/7067).
+      - keycloak_client inventory plugin - fix missing client secret (https://github.com/ansible-collections/community.general/pull/6931).
+      - lvol - add support for percentage of origin size specification when creating
+        snapshot volumes (https://github.com/ansible-collections/community.general/issues/1630,
+        https://github.com/ansible-collections/community.general/pull/7053).
+      - lxc connection plugin - now handles ``remote_addr`` defaulting to ``inventory_hostname``
+        correctly (https://github.com/ansible-collections/community.general/pull/7104).
+      - oci_utils module utils - avoid direct type comparisons (https://github.com/ansible-collections/community.general/pull/7085).
+      - proxmox_user_info - avoid direct type comparisons (https://github.com/ansible-collections/community.general/pull/7085).
+      - snap - fix crash when multiple snaps are specified and one has ``---`` in
+        its description (https://github.com/ansible-collections/community.general/pull/7046).
+      - sorcery - fix interruption of the multi-stage process (https://github.com/ansible-collections/community.general/pull/7012).
+      - sorcery - fix queue generation before the whole system rebuild (https://github.com/ansible-collections/community.general/pull/7012).
+      - sorcery - latest state no longer triggers update_cache (https://github.com/ansible-collections/community.general/pull/7012).
+      deprecated_features:
+      - ejabberd_user - deprecate the parameter ``logging`` in favour of producing
+        more detailed information in the module output (https://github.com/ansible-collections/community.general/pull/7043).
+      minor_changes:
+      - chroot connection plugin - add ``disable_root_check`` option (https://github.com/ansible-collections/community.general/pull/7099).
+      - ejabberd_user - module now using ``CmdRunner`` to execute external command
+        (https://github.com/ansible-collections/community.general/pull/7075).
+      - ipa_config - add module parameters to manage FreeIPA user and group objectclasses
+        (https://github.com/ansible-collections/community.general/pull/7019).
+      - ipa_config - adds ``idp`` choice to ``ipauserauthtype`` parameter's choices
+        (https://github.com/ansible-collections/community.general/pull/7051).
+      - npm - module now using ``CmdRunner`` to execute external commands (https://github.com/ansible-collections/community.general/pull/6989).
+      - proxmox_kvm - enabled force restart of VM, bringing the ``force`` parameter
+        functionality in line with what is described in the docs (https://github.com/ansible-collections/community.general/pull/6914).
+      - proxmox_vm_info - ``node`` parameter is no longer required. Information can
+        be obtained for the whole cluster (https://github.com/ansible-collections/community.general/pull/6976).
+      - proxmox_vm_info - non-existing provided by name/vmid VM would return empty
+        results instead of failing (https://github.com/ansible-collections/community.general/pull/7049).
+      - redfish_config - add ``DeleteAllVolumes`` command to allow deletion of all
+        volumes on servers (https://github.com/ansible-collections/community.general/pull/6814).
+      - redfish_utils - use ``Controllers`` key in redfish data to obtain Storage
+        controllers properties (https://github.com/ansible-collections/community.general/pull/7081).
+      - redfish_utils module utils - add support for ``PowerCycle`` reset type for
+        ``redfish_command`` responses feature (https://github.com/ansible-collections/community.general/issues/7083).
+      - redfish_utils module utils - add support for following ``@odata.nextLink``
+        pagination in ``software_inventory`` responses feature (https://github.com/ansible-collections/community.general/pull/7020).
+      - shutdown - use ``shutdown -p ...`` with FreeBSD to halt and power off machine
+        (https://github.com/ansible-collections/community.general/pull/7102).
+      - sorcery - add grimoire (repository) management support (https://github.com/ansible-collections/community.general/pull/7012).
+      release_summary: Feature and bugfix release.
+    fragments:
+    - 6814-redfish-config-add-delete-all-volumes.yml
+    - 6914-proxmox_kvm-enable-force-restart.yml
+    - 6931-keycloak_client-inventory-bugfix.yml
+    - 6976-proxmox-vm-info-not-require-node.yml
+    - 6989-npm-cmdrunner.yml
+    - 7.3.0.yml
+    - 7012-sorcery-grimoire-mgmt.yml
+    - 7019-ipa_config-user-and-group-objectclasses.yml
+    - 7020-redfish-utils-pagination.yml
+    - 7033-ejabberd-user-bugs.yml
+    - 7043-ejabberd-user-deprecate-logging.yml
+    - 7046-snap-newline-before-separator.yml
+    - 7049-proxmox-vm-info-empty-results.yml
+    - 7051-ipa-config-new-choice-idp-to-ipauserauthtype.yml
+    - 7061-fix-bitwarden-get_field.yml
+    - 7067-keycloak-api-paramerter-fix.yml
+    - 7075-ejabberd-user-cmdrunner.yml
+    - 7081-redfish-utils-fix-for-storagecontrollers-deprecated-key.yaml
+    - 7085-sanity.yml
+    - 7099-chroot-disable-root-check-option.yml
+    - 7102-freebsd-shutdown-p.yml
+    - 7104_fix_lxc_remoteaddr_default.yml
+    - 7113-redfish-utils-power-cycle.yml
+    - lvol-pct-of-origin.yml
+    release_date: '2023-08-15'
+  7.4.0:
+    changes:
+      bugfixes:
+      - CmdRunner module utils - does not attempt to resolve path if executable is
+        a relative or absolute path (https://github.com/ansible-collections/community.general/pull/7200).
+      - nmap inventory plugin - now uses ``get_option`` in all cases to get its configuration
+        information (https://github.com/ansible-collections/community.general/pull/7119).
+      - nsupdate - fix a possible ``list index out of range`` exception (https://github.com/ansible-collections/community.general/issues/836).
+      - oci_utils module util - fix inappropriate logical comparison expressions and
+        makes them simpler. The previous checks had logical short circuits (https://github.com/ansible-collections/community.general/pull/7125).
+      - pritunl module utils - fix incorrect URL parameter for orgnization add method
+        (https://github.com/ansible-collections/community.general/pull/7161).
+      - snap - an exception was being raised when snap list was empty (https://github.com/ansible-collections/community.general/pull/7124,
+        https://github.com/ansible-collections/community.general/issues/7120).
+      minor_changes:
+      - cobbler inventory plugin - add ``exclude_mgmt_classes`` and ``include_mgmt_classes``
+        options to exclude or include hosts based on management classes (https://github.com/ansible-collections/community.general/pull/7184).
+      - cpanm - minor refactor when creating the ``CmdRunner`` object (https://github.com/ansible-collections/community.general/pull/7231).
+      - gitlab_group_variable - add support for ``raw`` variables suboption (https://github.com/ansible-collections/community.general/pull/7132).
+      - gitlab_project_variable - add support for ``raw`` variables suboption (https://github.com/ansible-collections/community.general/pull/7132).
+      - jenkins_build - add new ``detach`` option, which allows the module to exit
+        successfully as long as the build is created (default functionality is still
+        waiting for the build to end before exiting) (https://github.com/ansible-collections/community.general/pull/7204).
+      - jenkins_build - add new ``time_between_checks`` option, which allows to configure
+        the wait time between requests to the Jenkins server (https://github.com/ansible-collections/community.general/pull/7204).
+      - make - allows ``params`` to be used without value (https://github.com/ansible-collections/community.general/pull/7180).
+      - nmap inventory plugin - now has a ``use_arp_ping`` option to allow the user
+        to disable the default ARP ping query for a more reliable form (https://github.com/ansible-collections/community.general/pull/7119).
+      - pagerduty - adds in option to use v2 API for creating pagerduty incidents
+        (https://github.com/ansible-collections/community.general/issues/6151)
+      - pritunl module utils - ensure ``validate_certs`` parameter is honoured in
+        all methods (https://github.com/ansible-collections/community.general/pull/7156).
+      - redfish_info - report ``Id`` in the output of ``GetManagerInventory`` (https://github.com/ansible-collections/community.general/pull/7140).
+      - redfish_utils module utils - support ``Volumes`` in response for ``GetDiskInventory``
+        (https://github.com/ansible-collections/community.general/pull/6819).
+      - unixy callback plugin - add support for ``check_mode_markers`` option (https://github.com/ansible-collections/community.general/pull/7179).
+      release_summary: Bugfix and feature release.
+    fragments:
+    - 6819-redfish-utils-add-links-parameter-for-get_disk_inventory.yml
+    - 7.4.0.yml
+    - 7118-nmap_inv_plugin_no_arp_option.yml
+    - 7124-snap-empty-list.yml
+    - 7125-fix-inappropriate-comparison.yml
+    - 7132-gitlab-raw-variables.yml
+    - 7140-id-getmanagerinv-output.yml
+    - 7156-ensure-validate-certs-parameter-is-honoured.yml
+    - 7161-fix-incorrect-post-parameter.yml
+    - 7179-unixy-support-checkmode-markers.yml
+    - 7180-make_params_without_value.yml
+    - 7184-cobbler-mgmt-classes.yml
+    - 7200-cmd-runner-abs-path.yml
+    - 7219-fix-nsupdate-cname.yaml
+    - 7231-cpanm-adjustments.yml
+    - improvements-to-jenkins-build-module.yml
+    - update-v2-pagerduty-alert.yml
+    modules:
+    - description: Get information about Jenkins builds
+      name: jenkins_build_info
+      namespace: ''
+    - description: Manage node.js packages with pnpm
+      name: pnpm
+      namespace: ''
+    release_date: '2023-09-11'
+  7.5.0:
+    changes:
+      bugfixes:
+      - gitlab_group_variable - deleted all variables when used with ``purge=true``
+        due to missing ``raw`` property in KNOWN attributes (https://github.com/ansible-collections/community.general/issues/7250).
+      - gitlab_project_variable - deleted all variables when used with ``purge=true``
+        due to missing ``raw`` property in KNOWN attributes (https://github.com/ansible-collections/community.general/issues/7250).
+      - ldap_search - fix string normalization and the ``base64_attributes`` option
+        on Python 3 (https://github.com/ansible-collections/community.general/issues/5704,
+        https://github.com/ansible-collections/community.general/pull/7264).
+      - lxc connection plugin - properly evaluate options (https://github.com/ansible-collections/community.general/pull/7369).
+      - mail - skip headers containing equals characters due to missing ``maxsplit``
+        on header key/value parsing (https://github.com/ansible-collections/community.general/pull/7303).
+      - nmap inventory plugin - fix ``get_option`` calls (https://github.com/ansible-collections/community.general/pull/7323).
+      - onepassword - fix KeyError exception when trying to access value of a field
+        that is not filled out in OnePassword item (https://github.com/ansible-collections/community.general/pull/7241).
+      - snap - change the change detection mechanism from "parsing installation" to
+        "comparing end state with initial state" (https://github.com/ansible-collections/community.general/pull/7340,
+        https://github.com/ansible-collections/community.general/issues/7265).
+      - terraform - prevents ``-backend-config`` option double encapsulating with
+        ``shlex_quote`` function. (https://github.com/ansible-collections/community.general/pull/7301).
+      deprecated_features:
+      - The next major release, community.general 8.0.0, will drop support for ansible-core
+        2.11 and 2.12, which have been End of Life for some time now. This means that
+        this collection no longer supports Python 2.6 on the target. Individual content
+        might still work with unsupported ansible-core versions, but that can change
+        at any time. Also please note that from now on, for every new major community.general
+        release, we will drop support for all ansible-core versions that have been
+        End of Life for more than a few weeks on the date of the major release (https://github.com/ansible-community/community-topics/discussions/271,
+        https://github.com/ansible-collections/community.general/pull/7259).
+      - redfish_info, redfish_config, redfish_command - the default value ``10`` for
+        the ``timeout`` option is deprecated and will change to ``60`` in community.general
+        9.0.0 (https://github.com/ansible-collections/community.general/pull/7295).
+      minor_changes:
+      - cargo - add option ``executable``, which allows user to specify path to the
+        cargo binary (https://github.com/ansible-collections/community.general/pull/7352).
+      - cargo - add option ``locked`` which allows user to specify install the locked
+        version of dependency instead of latest compatible version (https://github.com/ansible-collections/community.general/pull/6134).
+      - dig lookup plugin - add TCP option to enable the use of TCP connection during
+        DNS lookup (https://github.com/ansible-collections/community.general/pull/7343).
+      - 'gitlab_group - add option ``force_delete`` (default: false) which allows
+        delete group even if projects exists in it (https://github.com/ansible-collections/community.general/pull/7364).'
+      - ini_file - add ``ignore_spaces`` option (https://github.com/ansible-collections/community.general/pull/7273).
+      - newrelic_deployment - add option ``app_name_exact_match``, which filters results
+        for the exact app_name provided (https://github.com/ansible-collections/community.general/pull/7355).
+      - onepassword lookup plugin - introduce ``account_id`` option which allows specifying
+        which account to use (https://github.com/ansible-collections/community.general/pull/7308).
+      - onepassword_raw lookup plugin - introduce ``account_id`` option which allows
+        specifying which account to use (https://github.com/ansible-collections/community.general/pull/7308).
+      - parted - on resize, use ``--fix`` option if available (https://github.com/ansible-collections/community.general/pull/7304).
+      - pnpm - set correct version when state is latest or version is not mentioned.
+        Resolves previous idempotency problem (https://github.com/ansible-collections/community.general/pull/7339).
+      - proxmox - add ``vmid`` (and ``taskid`` when possible) to return values (https://github.com/ansible-collections/community.general/pull/7263).
+      - random_string - added new ``ignore_similar_chars`` and ``similar_chars`` option
+        to ignore certain chars (https://github.com/ansible-collections/community.general/pull/7242).
+      - redfish_command - add new option ``update_oem_params`` for the ``MultipartHTTPPushUpdate``
+        command (https://github.com/ansible-collections/community.general/issues/7331).
+      - redfish_config - add ``CreateVolume`` command to allow creation of volumes
+        on servers (https://github.com/ansible-collections/community.general/pull/6813).
+      - redfish_config - adding ``SetSecureBoot`` command (https://github.com/ansible-collections/community.general/pull/7129).
+      - redfish_info - add support for ``GetBiosRegistries`` command (https://github.com/ansible-collections/community.general/pull/7144).
+      - redfish_info - adds ``LinkStatus`` to NIC inventory (https://github.com/ansible-collections/community.general/pull/7318).
+      - redis_info - refactor the redis_info module to use the redis module_utils
+        enabling to pass TLS parameters to the Redis client (https://github.com/ansible-collections/community.general/pull/7267).
+      - supervisorctl - allow to stop matching running processes before removing them
+        with ``stop_before_removing=true`` (https://github.com/ansible-collections/community.general/pull/7284).
+      release_summary: 'Regular bugfix and feature release.
+
+
+        Please note that this is the last minor 7.x.0 release. Further releases
+
+        with major version 7 will be bugfix releases 7.5.y.
+
+        '
+    fragments:
+    - 6134-add-locked-option-for-cargo.yml
+    - 6813-redfish-config-add-create-volume.yml
+    - 7.5.0.yml
+    - 7129-adding_set_secure_boot_command_to_redfish_config.yml
+    - 7144-add-getbiosregistry-command-to-redfish-info.yml
+    - 7241-prevent-key-error-when-value-does-not-exist.yml
+    - 7242_ignore_similar_chars.yml
+    - 7251-gitlab-variables-deleteing-all-variables.yml
+    - 7263-proxmox-return-vmid-and-taskid.yaml
+    - 7264-ldap_search-strings.yml
+    - 7267-redis_info.yml
+    - 7273-ini_file_ignore_spaces.yml
+    - 7284-supervisorctl-stop-before-remove.yaml
+    - 7295-adding_deprecation_for_timeout_in_redfish_info_config_command.yml
+    - 7301-fix-backend-config-string-encapsulation.yml
+    - 7303-mail-incorrect-header-parsing.yml
+    - 7304-prevent-parted-warnings.yml
+    - 7308-onepassword-multi-acc.yml
+    - 7318-add-linkstatus-attribute-to-nic-inventory.yml
+    - 7323-nmap.yml
+    - 7330-redfish-utils-oem-params.yml
+    - 7339-pnpm-correct-version-when-state-latest.yml
+    - 7340-snap-fix.yml
+    - 7343-dig-tcp-option.yml
+    - 7352-add-executable-option-for-cargo.yml
+    - 7355-newrelic-deployment-add-exact-name.yml
+    - 7364-add-option-force-gitlab-group.yml
+    - 7369-fix-lxc-options.yml
+    - deprecate-ansible-core-2.11-2.12.yml
+    modules:
+    - description: Manipulate Consul roles
+      name: consul_role
+      namespace: ''
+    - description: Set default handler for MIME type, for applications using Gnome
+        GIO
+      name: gio_mime
+      namespace: ''
+    - description: Allows administration of Keycloak client custom Javascript policies
+        via Keycloak API
+      name: keycloak_authz_custom_policy
+      namespace: ''
+    - description: Allows administration of Keycloak realm keys via Keycloak API
+      name: keycloak_realm_key
+      namespace: ''
+    - description: Manage services on Source Mage GNU/Linux
+      name: simpleinit_msb
+      namespace: ''
+    release_date: '2023-10-09'
+  7.5.1:
+    changes:
+      bugfixes:
+      - composer - fix impossible to run ``working_dir`` dependent commands. The module
+        was throwing an error when trying to run a ``working_dir`` dependent command,
+        because it tried to get the command help without passing the ``working_dir``
+        (https://github.com/ansible-collections/community.general/issues/3787).
+      - github_deploy_key - fix pagination behaviour causing a crash when only a single
+        page of deploy keys exist (https://github.com/ansible-collections/community.general/pull/7375).
+      - gitlab_group_members - fix gitlab constants call in ``gitlab_group_members``
+        module (https://github.com/ansible-collections/community.general/issues/7467).
+      - gitlab_project_members - fix gitlab constants call in ``gitlab_project_members``
+        module (https://github.com/ansible-collections/community.general/issues/7467).
+      - gitlab_protected_branches - fix gitlab constants call in ``gitlab_protected_branches``
+        module (https://github.com/ansible-collections/community.general/issues/7467).
+      - gitlab_user - fix gitlab constants call in ``gitlab_user`` module (https://github.com/ansible-collections/community.general/issues/7467).
+      - kernel_blacklist - simplified the mechanism to update the file, fixing the
+        error (https://github.com/ansible-collections/community.general/pull/7382,
+        https://github.com/ansible-collections/community.general/issues/7362).
+      - memset module utils - make compatible with ansible-core 2.17 (https://github.com/ansible-collections/community.general/pull/7379).
+      - proxmox_pool_member - absent state for type VM did not delete VMs from the
+        pools (https://github.com/ansible-collections/community.general/pull/7464).
+      - redfish_command - fix usage of message parsing in ``SimpleUpdate`` and ``MultipartHTTPPushUpdate``
+        commands to treat the lack of a ``MessageId`` as no message (https://github.com/ansible-collections/community.general/issues/7465,
+        https://github.com/ansible-collections/community.general/pull/7471).
+      - 'redhat_subscription - use the right D-Bus options for the consumer type when
+
+        registering a RHEL system older than 9 or a RHEL 9 system older than 9.2
+
+        and using ``consumer_type``
+
+        (https://github.com/ansible-collections/community.general/pull/7378).
+
+        '
+      - selective callback plugin - fix length of task name lines in output always
+        being 3 characters longer than desired (https://github.com/ansible-collections/community.general/pull/7374).
+      release_summary: Regular bugfix release.
+    fragments:
+    - 3787-pass-composer-working-dir.yml
+    - 7.5.1.yml
+    - 7374-fix-selective-callback-taskname-length.yml
+    - 7375-fix-github-deploy-key-pagination.yml
+    - 7378-redhat_subscription-dbus-consumer-type.yaml
+    - 7379-url.yml
+    - 7382-kernel-blacklist-bugfix.yml
+    - 7464-fix-vm-removal-in-proxmox_pool_member.yml
+    - 7465-redfish-firmware-update-message-id-hardening.yml
+    - 7467-fix-gitlab-constants-calls.yml
+    release_date: '2023-11-06'
+  7.5.2:
+    changes:
+      bugfixes:
+      - cloudflare_dns - fix Cloudflare lookup of SHFP records (https://github.com/ansible-collections/community.general/issues/7652).
+      - interface_files - also consider ``address_family`` when changing ``option=method``
+        (https://github.com/ansible-collections/community.general/issues/7610, https://github.com/ansible-collections/community.general/pull/7612).
+      - irc - replace ``ssl.wrap_socket`` that was removed from Python 3.12 with code
+        for creating a proper SSL context (https://github.com/ansible-collections/community.general/pull/7542).
+      - keycloak_* - fix Keycloak API client to quote ``/`` properly (https://github.com/ansible-collections/community.general/pull/7641).
+      - keycloak_authz_permission - resource payload variable for scope-based permission
+        was constructed as a string, when it needs to be a list, even for a single
+        item (https://github.com/ansible-collections/community.general/issues/7151).
+      - log_entries callback plugin - replace ``ssl.wrap_socket`` that was removed
+        from Python 3.12 with code for creating a proper SSL context (https://github.com/ansible-collections/community.general/pull/7542).
+      - lvol - test for output messages in both ``stdout`` and ``stderr`` (https://github.com/ansible-collections/community.general/pull/7601,
+        https://github.com/ansible-collections/community.general/issues/7182).
+      - ocapi_utils, oci_utils, redfish_utils module utils - replace ``type()`` calls
+        with ``isinstance()`` calls (https://github.com/ansible-collections/community.general/pull/7501).
+      - onepassword lookup plugin - field and section titles are now case insensitive
+        when using op CLI version two or later. This matches the behavior of version
+        one (https://github.com/ansible-collections/community.general/pull/7564).
+      - pipx module utils - change the CLI argument formatter for the ``pip_args``
+        parameter (https://github.com/ansible-collections/community.general/issues/7497,
+        https://github.com/ansible-collections/community.general/pull/7506).
+      - 'redhat_subscription - use the D-Bus registration on RHEL 7 only on 7.4 and
+
+        greater; older versions of RHEL 7 do not have it
+
+        (https://github.com/ansible-collections/community.general/issues/7622,
+
+        https://github.com/ansible-collections/community.general/pull/7624).
+
+        '
+      - terraform - fix multiline string handling in complex variables (https://github.com/ansible-collections/community.general/pull/7535).
+      minor_changes:
+      - elastic callback plugin - close elastic client to not leak resources (https://github.com/ansible-collections/community.general/pull/7517).
+      release_summary: Regular bugfix release.
+    fragments:
+    - 000-redhat_subscription-dbus-on-7.4-plus.yaml
+    - 7.5.2.yml
+    - 7151-fix-keycloak_authz_permission-incorrect-resource-payload.yml
+    - 7501-type.yml
+    - 7506-pipx-pipargs.yml
+    - 7517-elastic-close-client.yaml
+    - 7535-terraform-fix-multiline-string-handling-in-complex-variables.yml
+    - 7542-irc-logentries-ssl.yml
+    - 7564-onepassword-lookup-case-insensitive.yaml
+    - 7601-lvol-fix.yml
+    - 7612-interface_file-method.yml
+    - 7641-fix-keycloak-api-client-to-quote-properly.yml
+    - 7653-fix-cloudflare-lookup.yml
+    release_date: '2023-12-04'
+  7.5.3:
+    changes:
+      bugfixes:
+      - keycloak_identity_provider - ``mappers`` processing was not idempotent if
+        the mappers configuration list had not been sorted by name (in ascending order).
+        Fix resolves the issue by sorting mappers in the desired state using the same
+        key which is used for obtaining existing state (https://github.com/ansible-collections/community.general/pull/7418).
+      - keycloak_identity_provider - it was not possible to reconfigure (add, remove)
+        ``mappers`` once they were created initially. Removal was ignored, adding
+        new ones resulted in dropping the pre-existing unmodified mappers. Fix resolves
+        the issue by supplying correct input to the internal update call (https://github.com/ansible-collections/community.general/pull/7418).
+      - keycloak_user - when ``force`` is set, but user does not exist, do not try
+        to delete it (https://github.com/ansible-collections/community.general/pull/7696).
+      - statusio_maintenance - fix error caused by incorrectly formed API data payload.
+        Was raising "Failed to create maintenance HTTP Error 400 Bad Request" caused
+        by bad data type for date/time and deprecated dict keys (https://github.com/ansible-collections/community.general/pull/7754).
+      release_summary: Regular bugfix release.
+    fragments:
+    - 7.5.3.yml
+    - 7418-kc_identity_provider-mapper-reconfiguration-fixes.yml
+    - 7696-avoid-attempt-to-delete-non-existing-user.yml
+    - 7754-fixed-payload-format.yml
+    release_date: '2024-01-01'
+  7.5.4:
+    changes:
+      bugfixes:
+      - homebrew - detect already installed formulae and casks using JSON output from
+        ``brew info`` (https://github.com/ansible-collections/community.general/issues/864).
+      - ipa_otptoken - the module expect ``ipatokendisabled`` as string but the ``ipatokendisabled``
+        value is returned as a boolean (https://github.com/ansible-collections/community.general/pull/7795).
+      - ldap - previously the order number (if present) was expected to follow an
+        equals sign in the DN. This makes it so the order number string is identified
+        correctly anywhere within the DN (https://github.com/ansible-collections/community.general/issues/7646).
+      - mssql_script - make the module work with Python 2 (https://github.com/ansible-collections/community.general/issues/7818,
+        https://github.com/ansible-collections/community.general/pull/7821).
+      - nmcli - fix ``connection.slave-type`` wired to ``bond`` and not with parameter
+        ``slave_type`` in case of connection type ``wifi`` (https://github.com/ansible-collections/community.general/issues/7389).
+      release_summary: Regular bugfix release.
+    fragments:
+    - 7.5.4.yml
+    - 7389-nmcli-issue-with-creating-a-wifi-bridge-slave.yml
+    - 7646-fix-order-number-detection-in-dn.yml
+    - 7797-ipa-fix-otp-idempotency.yml
+    - 7821-mssql_script-py2.yml
+    - 7870-homebrew-cask-installed-detection.yml
+    release_date: '2024-01-29'
+  7.5.5:
+    changes:
+      bugfixes:
+      - 'cargo - fix idempotency issues when using a custom installation path for
+        packages (using the ``--path`` parameter). The initial installation runs fine,
+        but subsequent runs use the ``get_installed()`` function which did not check
+        the given installation location, before running ``cargo install``. This resulted
+        in a false ``changed`` state. Also the removal of packeges using ``state:
+        absent`` failed, as the installation check did not use the given parameter
+        (https://github.com/ansible-collections/community.general/pull/7970).'
+      - keycloak_client - fixes issue when metadata is provided in desired state when
+        task is in check mode (https://github.com/ansible-collections/community.general/issues/1226,
+        https://github.com/ansible-collections/community.general/pull/7881).
+      - modprobe - listing modules files or modprobe files could trigger a FileNotFoundError
+        if ``/etc/modprobe.d`` or ``/etc/modules-load.d`` did not exist. Relevant
+        functions now return empty lists if the directories do not exist to avoid
+        crashing the module (https://github.com/ansible-collections/community.general/issues/7717).
+      - onepassword lookup plugin - failed for fields that were in sections and had
+        uppercase letters in the label/ID. Field lookups are now case insensitive
+        in all cases (https://github.com/ansible-collections/community.general/pull/7919).
+      - pkgin - pkgin (pkgsrc package manager used by SmartOS) raises erratic exceptions
+        and spurious ``changed=true`` (https://github.com/ansible-collections/community.general/pull/7971).
+      - redfish_info - allow for a GET operation invoked by ``GetUpdateStatus`` to
+        allow for an empty response body for cases where a service returns 204 No
+        Content (https://github.com/ansible-collections/community.general/issues/8003).
+      - redfish_info - correct uncaught exception when attempting to retrieve ``Chassis``
+        information (https://github.com/ansible-collections/community.general/pull/7952).
+      release_summary: Regular bugfix release.
+    fragments:
+    - 7.5.5.yml
+    - 7717-prevent-modprobe-error.yml
+    - 7881-fix-keycloak-client-ckeckmode.yml
+    - 7919-onepassword-fieldname-casing.yaml
+    - 7951-fix-redfish_info-exception.yml
+    - 7970-fix-cargo-path-idempotency.yaml
+    - 8003-redfish-get-update-status-empty-response.yml
+    - pkgin.yml
+    release_date: '2024-02-25'
+  7.5.6:
+    changes:
+      bugfixes:
+      - aix_filesystem - fix issue with empty list items in crfs logic and option
+        order (https://github.com/ansible-collections/community.general/pull/8052).
+      - homebrew - error returned from brew command was ignored and tried to parse
+        empty JSON. Fix now checks for an error and raises it to give accurate error
+        message to users (https://github.com/ansible-collections/community.general/issues/8047).
+      - ipa_hbacrule - the module uses a string for ``ipaenabledflag`` for new FreeIPA
+        versions while the returned value is a boolean (https://github.com/ansible-collections/community.general/pull/7880).
+      - ipa_sudorule - the module uses a string for ``ipaenabledflag`` for new FreeIPA
+        versions while the returned value is a boolean (https://github.com/ansible-collections/community.general/pull/7880).
+      - iptables_state - fix idempotency issues when restoring incomplete iptables
+        dumps (https://github.com/ansible-collections/community.general/issues/8029).
+      - linode inventory plugin - add descriptive error message for linode inventory
+        plugin (https://github.com/ansible-collections/community.general/pull/8133).
+      - pacemaker_cluster - actually implement check mode, which the module claims
+        to support. This means that until now the module also did changes in check
+        mode (https://github.com/ansible-collections/community.general/pull/8081).
+      - pam_limits - when the file does not exist, do not create it in check mode
+        (https://github.com/ansible-collections/community.general/issues/8050, https://github.com/ansible-collections/community.general/pull/8057).
+      - proxmox_kvm - fixed status check getting from node-specific API endpoint (https://github.com/ansible-collections/community.general/issues/7817).
+      release_summary: Regular bugfix release with security fixes.
+      security_fixes:
+      - cobbler, gitlab_runners, icinga2, linode, lxd, nmap, online, opennebula, proxmox,
+        scaleway, stackpath_compute, virtualbox, and xen_orchestra inventory plugin
+        - make sure all data received from the remote servers is marked as unsafe,
+        so remote code execution by obtaining texts that can be evaluated as templates
+        is not possible (https://www.die-welt.net/2024/03/remote-code-execution-in-ansible-dynamic-inventory-plugins/,
+        https://github.com/ansible-collections/community.general/pull/8098).
+    fragments:
+    - 7.5.6.yml
+    - 7880-ipa-fix-sudo-and-hbcalrule-idempotence.yml
+    - 7953-proxmox_kvm-fix_status_check.yml
+    - 8029-iptables-state-restore-check-mode.yml
+    - 8048-fix-homebrew-module-error-reporting-on-become-true.yaml
+    - 8057-pam_limits-check-mode.yml
+    - 8133-add-error-message-for-linode-inventory-plugin.yaml
+    - aix_filesystem-crfs-issue.yml
+    - inventory-rce.yml
+    - pacemaker-cluster.yml
+    release_date: '2024-03-25'

changelogs/config.yaml

@@ -12,6 +12,9 @@ mention_ancestor: true
 flatmap: true
 new_plugins_after_name: removed_features
 notesdir: fragments
+output_formats:
+  - md
+  - rst
 prelude_section_name: release_summary
 prelude_section_title: Release Summary
 sections:

docs/docsite/rst/filter_guide_abstract_informations_counting_elements_in_sequence.rst

@@ -6,7 +6,7 @@
 Counting elements in a sequence
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-The ``community.general.counter`` filter plugin allows you to count (hashable) elements in a sequence. Elements are returned as dictionary keys and their counts are stored as dictionary values.
+The :ansplugin:`community.general.counter filter plugin <community.general.counter#filter>` allows you to count (hashable) elements in a sequence. Elements are returned as dictionary keys and their counts are stored as dictionary values.
 
 .. code-block:: yaml+jinja
 

docs/docsite/rst/filter_guide_abstract_informations_dictionaries.rst

@@ -6,7 +6,7 @@
 Dictionaries
 ^^^^^^^^^^^^
 
-You can use the ``dict_kv`` filter to create a single-entry dictionary with ``value | community.general.dict_kv(key)``:
+You can use the :ansplugin:`community.general.dict_kv filter <community.general.dict_kv#filter>` to create a single-entry dictionary with ``value | community.general.dict_kv(key)``:
 
 .. code-block:: yaml+jinja
 
@@ -58,7 +58,7 @@ This produces:
 
 .. versionadded:: 2.0.0
 
-If you need to convert a list of key-value pairs to a dictionary, you can use the ``dict`` function. Unfortunately, this function cannot be used with ``map``. For this, the ``community.general.dict`` filter can be used:
+If you need to convert a list of key-value pairs to a dictionary, you can use the ``dict`` function. Unfortunately, this function cannot be used with ``map``. For this, the :ansplugin:`community.general.dict filter <community.general.dict#filter>` can be used:
 
 .. code-block:: yaml+jinja
 

docs/docsite/rst/filter_guide_abstract_informations_grouping.rst

@@ -6,7 +6,7 @@
 Grouping
 ^^^^^^^^
 
-If you have a list of dictionaries, the Jinja2 ``groupby`` filter allows to group the list by an attribute. This results in a list of ``(grouper, list)`` namedtuples, where ``list`` contains all dictionaries where the selected attribute equals ``grouper``. If you know that for every ``grouper``, there will be a most one entry in that list, you can use the ``community.general.groupby_as_dict`` filter to convert the original list into a dictionary which maps ``grouper`` to the corresponding dictionary.
+If you have a list of dictionaries, the Jinja2 ``groupby`` filter allows to group the list by an attribute. This results in a list of ``(grouper, list)`` namedtuples, where ``list`` contains all dictionaries where the selected attribute equals ``grouper``. If you know that for every ``grouper``, there will be a most one entry in that list, you can use the :ansplugin:`community.general.groupby_as_dict filter <community.general.groupby_as_dict#filter>` to convert the original list into a dictionary which maps ``grouper`` to the corresponding dictionary.
 
 One example is ``ansible_facts.mounts``, which is a list of dictionaries where each has one ``device`` element to indicate the device which is mounted. Therefore, ``ansible_facts.mounts | community.general.groupby_as_dict('device')`` is a dictionary mapping a device to the mount information:
 

docs/docsite/rst/filter_guide_abstract_informations_merging_lists_of_dictionaries.rst

@@ -6,7 +6,7 @@
 Merging lists of dictionaries
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-If you have two or more lists of dictionaries and want to combine them into a list of merged dictionaries, where the dictionaries are merged by an attribute, you can use the ``lists_mergeby`` filter.
+If you have two or more lists of dictionaries and want to combine them into a list of merged dictionaries, where the dictionaries are merged by an attribute, you can use the :ansplugin:`community.general.lists_mergeby filter <community.general.lists_mergeby#filter>`.
 
 .. note:: The output of the examples in this section use the YAML callback plugin. Quoting: "Ansible output that can be quite a bit easier to read than the default JSON formatting." See :ref:`the documentation for the community.general.yaml callback plugin <ansible_collections.community.general.yaml_callback>`.
 
@@ -76,15 +76,15 @@ This produces the same result as in the previous example:
     name: meh
 
 
-The filter also accepts two optional parameters: ``recursive`` and ``list_merge``. These parameters are only supported when used with ansible-base 2.10 or ansible-core, but not with Ansible 2.9. This is available since community.general 4.4.0.
+The filter also accepts two optional parameters: :ansopt:`community.general.lists_mergeby#filter:recursive` and :ansopt:`community.general.lists_mergeby#filter:list_merge`. This is available since community.general 4.4.0.
 
 **recursive**
-    Is a boolean, default to ``False``. Should the ``community.general.lists_mergeby`` recursively merge nested hashes. Note: It does not depend on the value of the ``hash_behaviour`` setting in ``ansible.cfg``.
+    Is a boolean, default to ``false``. Should the :ansplugin:`community.general.lists_mergeby#filter` filter recursively merge nested hashes. Note: It does not depend on the value of the ``hash_behaviour`` setting in ``ansible.cfg``.
 
 **list_merge**
-    Is a string, its possible values are ``replace`` (default), ``keep``, ``append``, ``prepend``, ``append_rp`` or ``prepend_rp``. It modifies the behaviour of ``community.general.lists_mergeby`` when the hashes to merge contain arrays/lists.
+    Is a string, its possible values are :ansval:`replace` (default), :ansval:`keep`, :ansval:`append`, :ansval:`prepend`, :ansval:`append_rp` or :ansval:`prepend_rp`. It modifies the behaviour of :ansplugin:`community.general.lists_mergeby#filter` when the hashes to merge contain arrays/lists.
 
-The examples below set ``recursive=true`` and display the differences among all six options of ``list_merge``. Functionality of the parameters is exactly the same as in the filter ``combine``. See :ref:`Combining hashes/dictionaries <combine_filter>` to learn details about these options.
+The examples below set :ansopt:`community.general.lists_mergeby#filter:recursive=true` and display the differences among all six options of :ansopt:`community.general.lists_mergeby#filter:list_merge`. Functionality of the parameters is exactly the same as in the filter :ansplugin:`ansible.builtin.combine#filter`. See :ref:`Combining hashes/dictionaries <combine_filter>` to learn details about these options.
 
 Let us use the lists below in the following examples
 
@@ -110,7 +110,7 @@ Let us use the lists below in the following examples
     - name: myname02
       param01: [3, 4, 4, {key: value}]
 
-Example ``list_merge=replace`` (default):
+Example :ansopt:`community.general.lists_mergeby#filter:list_merge=replace` (default):
 
 .. code-block:: yaml+jinja
 
@@ -137,7 +137,7 @@ This produces:
     - 4
     - key: value
 
-Example ``list_merge=keep``:
+Example :ansopt:`community.general.lists_mergeby#filter:list_merge=keep`:
 
 .. code-block:: yaml+jinja
 
@@ -165,7 +165,7 @@ This produces:
     - 2
     - 3
 
-Example ``list_merge=append``:
+Example :ansopt:`community.general.lists_mergeby#filter:list_merge=append`:
 
 .. code-block:: yaml+jinja
 
@@ -198,7 +198,7 @@ This produces:
     - 4
     - key: value
 
-Example ``list_merge=prepend``:
+Example :ansopt:`community.general.lists_mergeby#filter:list_merge=prepend`:
 
 .. code-block:: yaml+jinja
 
@@ -231,7 +231,7 @@ This produces:
     - 2
     - 3
 
-Example ``list_merge=append_rp``:
+Example :ansopt:`community.general.lists_mergeby#filter:list_merge=append_rp`:
 
 .. code-block:: yaml+jinja
 
@@ -263,7 +263,7 @@ This produces:
     - 4
     - key: value
 
-Example ``list_merge=prepend_rp``:
+Example :ansopt:`community.general.lists_mergeby#filter:list_merge=prepend_rp`:
 
 .. code-block:: yaml+jinja
 

docs/docsite/rst/filter_guide_conversions.rst

@@ -9,7 +9,7 @@ Conversions
 Parsing CSV files
 ^^^^^^^^^^^^^^^^^
 
-Ansible offers the :ref:`community.general.read_csv module <ansible_collections.community.general.read_csv_module>` to read CSV files. Sometimes you need to convert strings to CSV files instead. For this, the ``from_csv`` filter exists.
+Ansible offers the :ansplugin:`community.general.read_csv module <community.general.read_csv#module>` to read CSV files. Sometimes you need to convert strings to CSV files instead. For this, the :ansplugin:`community.general.from_csv filter <community.general.from_csv#filter>` exists.
 
 .. code-block:: yaml+jinja
 
@@ -42,7 +42,7 @@ This produces:
         ]
     }
 
-The ``from_csv`` filter has several keyword arguments to control its behavior:
+The :ansplugin:`community.general.from_csv filter <community.general.from_csv#filter>` has several keyword arguments to control its behavior:
 
 :dialect: Dialect of the CSV file. Default is ``excel``. Other possible choices are ``excel-tab`` and ``unix``. If one of ``delimiter``, ``skipinitialspace`` or ``strict`` is specified, ``dialect`` is ignored.
 :fieldnames: A set of column names to use. If not provided, the first line of the CSV is assumed to contain the column names.
@@ -55,7 +55,7 @@ The ``from_csv`` filter has several keyword arguments to control its behavior:
 Converting to JSON
 ^^^^^^^^^^^^^^^^^^
 
-`JC <https://pypi.org/project/jc/>`_ is a CLI tool and Python library which allows to interpret output of various CLI programs as JSON. It is also available as a filter in community.general. This filter needs the `jc Python library <https://pypi.org/project/jc/>`_ installed on the controller.
+`JC <https://pypi.org/project/jc/>`_ is a CLI tool and Python library which allows to interpret output of various CLI programs as JSON. It is also available as a filter in community.general, called :ansplugin:`community.general.jc#filter`. This filter needs the `jc Python library <https://pypi.org/project/jc/>`_ installed on the controller.
 
 .. code-block:: yaml+jinja
 

docs/docsite/rst/filter_guide_creating_identifiers.rst

@@ -11,7 +11,7 @@ The following filters allow to create identifiers.
 Hashids
 ^^^^^^^
 
-`Hashids <https://hashids.org/>`_ allow to convert sequences of integers to short unique string identifiers. This filter needs the `hashids Python library <https://pypi.org/project/hashids/>`_ installed on the controller.
+`Hashids <https://hashids.org/>`_ allow to convert sequences of integers to short unique string identifiers. The :ansplugin:`community.general.hashids_encode#filter` and :ansplugin:`community.general.hashids_decode#filter` filters need the `hashids Python library <https://pypi.org/project/hashids/>`_ installed on the controller.
 
 .. code-block:: yaml+jinja
 
@@ -52,7 +52,7 @@ The hashids filters accept keyword arguments to allow fine-tuning the hashids ge
 Random MACs
 ^^^^^^^^^^^
 
-You can use the ``random_mac`` filter to complete a partial `MAC address <https://en.wikipedia.org/wiki/MAC_address>`_ to a random 6-byte MAC address.
+You can use the :ansplugin:`community.general.random_mac filter <community.general.random_mac#filter>` to complete a partial `MAC address <https://en.wikipedia.org/wiki/MAC_address>`_ to a random 6-byte MAC address.
 
 .. code-block:: yaml+jinja
 

docs/docsite/rst/filter_guide_paths.rst

@@ -6,14 +6,4 @@
 Paths
 -----
 
-The ``path_join`` filter has been added in ansible-base 2.10. If you want to use this filter, but also need to support Ansible 2.9, you can use ``community.general``'s ``path_join`` shim, ``community.general.path_join``. This filter redirects to ``path_join`` for ansible-base 2.10 and ansible-core 2.11 or newer, and re-implements the filter for Ansible 2.9.
-
-.. code-block:: yaml+jinja
-
-    # ansible-base 2.10 or newer:
-    path: {{ ('/etc', path, 'subdir', file) | path_join }}
-
-    # Also works with Ansible 2.9:
-    path: {{ ('/etc', path, 'subdir', file) | community.general.path_join }}
-
-.. versionadded:: 3.0.0
+The :ansplugin:`ansible.builtin.path_join filter <ansible.builtin.path_join#filter>` has been added in ansible-base 2.10. Community.general 3.0.0 and newer contains an alias ``community.general.path_join`` for this filter that could be used on Ansible 2.9 as well. Since community.general no longer supports Ansible 2.9, this is now a simple redirect to :ansplugin:`ansible.builtin.path_join filter <ansible.builtin.path_join#filter>`.

docs/docsite/rst/filter_guide_selecting_json_data.rst

@@ -8,7 +8,7 @@
 Selecting JSON data: JSON queries
 ---------------------------------
 
-To select a single element or a data subset from a complex data structure in JSON format (for example, Ansible facts), use the ``json_query`` filter.  The ``json_query`` filter lets you query a complex JSON structure and iterate over it using a loop structure.
+To select a single element or a data subset from a complex data structure in JSON format (for example, Ansible facts), use the :ansplugin:`community.general.json_query filter <community.general.json_query#filter>`.  The :ansplugin:`community.general.json_query#filter` filter lets you query a complex JSON structure and iterate over it using a loop structure.
 
 .. note:: You must manually install the **jmespath** dependency on the Ansible controller before using this filter. This filter is built upon **jmespath**, and you can use the same syntax. For examples, see `jmespath examples <http://jmespath.org/examples.html>`_.
 
@@ -146,4 +146,4 @@ To extract ports from all clusters with name containing 'server1':
       vars:
         server_name_query: "domain.server[?contains(name,'server1')].port"
 
-.. note:: while using ``starts_with`` and ``contains``, you have to use `` to_json | from_json `` filter for correct parsing of data structure.
+.. note:: while using ``starts_with`` and ``contains``, you have to use ``to_json | from_json`` filter for correct parsing of data structure.

docs/docsite/rst/filter_guide_working_with_times.rst

@@ -6,9 +6,9 @@
 Working with times
 ------------------
 
-The ``to_time_unit`` filter allows to convert times from a human-readable string to a unit. For example, ``'4h 30min 12second' | community.general.to_time_unit('hour')`` gives the number of hours that correspond to 4 hours, 30 minutes and 12 seconds.
+The :ansplugin:`community.general.to_time_unit filter <community.general.to_time_unit#filter>` allows to convert times from a human-readable string to a unit. For example, ``'4h 30min 12second' | community.general.to_time_unit('hour')`` gives the number of hours that correspond to 4 hours, 30 minutes and 12 seconds.
 
-There are shorthands to directly convert to various units, like ``to_hours``, ``to_minutes``, ``to_seconds``, and so on. The following table lists all units that can be used:
+There are shorthands to directly convert to various units, like :ansplugin:`community.general.to_hours#filter`, :ansplugin:`community.general.to_minutes#filter`, :ansplugin:`community.general.to_seconds#filter`, and so on. The following table lists all units that can be used:
 
 .. list-table:: Units
    :widths: 25 25 25 25
@@ -21,37 +21,37 @@ There are shorthands to directly convert to various units, like ``to_hours``, ``
    * - Millisecond
      - 1/1000 second
      - ``ms``, ``millisecond``, ``milliseconds``, ``msec``, ``msecs``, ``msecond``, ``mseconds``
-     - ``to_milliseconds``
+     - :ansplugin:`community.general.to_milliseconds#filter`
    * - Second
      - 1 second
      - ``s``, ``sec``, ``secs``, ``second``, ``seconds``
-     - ``to_seconds``
+     - :ansplugin:`community.general.to_seconds#filter`
    * - Minute
      - 60 seconds
      - ``m``, ``min``, ``mins``, ``minute``, ``minutes``
-     - ``to_minutes``
+     - :ansplugin:`community.general.to_minutes#filter`
    * - Hour
      - 60*60 seconds
      - ``h``, ``hour``, ``hours``
-     - ``to_hours``
+     - :ansplugin:`community.general.to_hours#filter`
    * - Day
      - 24*60*60 seconds
      - ``d``, ``day``, ``days``
-     - ``to_days``
+     - :ansplugin:`community.general.to_days#filter`
    * - Week
      - 7*24*60*60 seconds
      - ``w``, ``week``, ``weeks``
-     - ``to_weeks``
+     - :ansplugin:`community.general.to_weeks#filter`
    * - Month
      - 30*24*60*60 seconds
      - ``mo``, ``month``, ``months``
-     - ``to_months``
+     - :ansplugin:`community.general.to_months#filter`
    * - Year
      - 365*24*60*60 seconds
      - ``y``, ``year``, ``years``
-     - ``to_years``
+     - :ansplugin:`community.general.to_years#filter`
 
-Note that months and years are using a simplified representation: a month is 30 days, and a year is 365 days. If you need different definitions of months or years, you can pass them as keyword arguments. For example, if you want a year to be 365.25 days, and a month to be 30.5 days, you can write ``'11months 4' | community.general.to_years(year=365.25, month=30.5)``. These keyword arguments can be specified to ``to_time_unit`` and to all shorthand filters.
+Note that months and years are using a simplified representation: a month is 30 days, and a year is 365 days. If you need different definitions of months or years, you can pass them as keyword arguments. For example, if you want a year to be 365.25 days, and a month to be 30.5 days, you can write ``'11months 4' | community.general.to_years(year=365.25, month=30.5)``. These keyword arguments can be specified to :ansplugin:`community.general.to_time_unit#filter` and to all shorthand filters.
 
 .. code-block:: yaml+jinja
 

docs/docsite/rst/filter_guide_working_with_unicode.rst

@@ -6,9 +6,9 @@
 Working with Unicode
 ---------------------
 
-`Unicode <https://unicode.org/main.html>`_ makes it possible to produce two strings which may be visually equivalent, but are comprised of distinctly different characters/character sequences. To address this ``Unicode`` defines `normalization forms <https://unicode.org/reports/tr15/>`_ which avoid these distinctions by choosing a unique character sequence for a given visual representation.
+`Unicode <https://unicode.org/main.html>`_ makes it possible to produce two strings which may be visually equivalent, but are comprised of distinctly different characters/character sequences. To address this Unicode defines `normalization forms <https://unicode.org/reports/tr15/>`_ which avoid these distinctions by choosing a unique character sequence for a given visual representation.
 
-You can use the ``community.general.unicode_normalize`` filter to normalize ``Unicode`` strings within your playbooks.
+You can use the :ansplugin:`community.general.unicode_normalize filter <community.general.unicode_normalize#filter>` to normalize Unicode strings within your playbooks.
 
 .. code-block:: yaml+jinja
 
@@ -28,7 +28,7 @@ This produces:
         "msg": true
     }
 
-The ``community.general.unicode_normalize`` filter accepts a keyword argument to select the ``Unicode`` form used to normalize the input string.
+The :ansplugin:`community.general.unicode_normalize filter <community.general.unicode_normalize#filter>` accepts a keyword argument :ansopt:`community.general.unicode_normalize#filter:form` to select the Unicode form used to normalize the input string.
 
 :form: One of ``'NFC'`` (default), ``'NFD'``, ``'NFKC'``, or ``'NFKD'``. See the `Unicode reference <https://unicode.org/reports/tr15/>`_ for more information.
 

docs/docsite/rst/filter_guide_working_with_versions.rst

@@ -6,7 +6,7 @@
 Working with versions
 ---------------------
 
-If you need to sort a list of version numbers, the Jinja ``sort`` filter is problematic. Since it sorts lexicographically, ``2.10`` will come before ``2.9``. To treat version numbers correctly, you can use the ``version_sort`` filter:
+If you need to sort a list of version numbers, the Jinja ``sort`` filter is problematic. Since it sorts lexicographically, ``2.10`` will come before ``2.9``. To treat version numbers correctly, you can use the :ansplugin:`community.general.version_sort filter <community.general.version_sort#filter>`:
 
 .. code-block:: yaml+jinja
 

docs/docsite/rst/test_guide.rst

@@ -15,7 +15,7 @@ The :ref:`community.general collection <plugins_in_community.general>` offers cu
 Feature Tests
 -------------
 
-The ``a_module`` test allows to check whether a given string refers to an existing module or action plugin. This can be useful in roles, which can use this to ensure that required modules are present ahead of time.
+The :ansplugin:`community.general.a_module test <community.general.a_module#test>` allows to check whether a given string refers to an existing module or action plugin. This can be useful in roles, which can use this to ensure that required modules are present ahead of time.
 
 .. code-block:: yaml+jinja
 

galaxy.yml

@@ -5,7 +5,7 @@
 
 namespace: community
 name: general
-version: 7.2.0
+version: 7.5.6
 readme: README.md
 authors:
   - Ansible (https://github.com/ansible)

plugins/action/iptables_state.py

@@ -44,7 +44,7 @@ class ActionModule(ActionBase):
 
     def _async_result(self, async_status_args, task_vars, timeout):
         '''
-        Retrieve results of the asynchonous task, and display them in place of
+        Retrieve results of the asynchronous task, and display them in place of
         the async wrapper results (those with the ansible_job_id key).
         '''
         async_status = self._task.copy()

plugins/action/shutdown.py

@@ -45,7 +45,7 @@ class ActionModule(ActionBase):
     SHUTDOWN_COMMAND_ARGS = {
         'alpine': '',
         'void': '-h +{delay_min} "{message}"',
-        'freebsd': '-h +{delay_sec}s "{message}"',
+        'freebsd': '-p +{delay_sec}s "{message}"',
         'linux': DEFAULT_SHUTDOWN_COMMAND_ARGS,
         'macosx': '-h +{delay_min} "{message}"',
         'openbsd': '-h +{delay_min} "{message}"',

plugins/cache/redis.py

@@ -150,7 +150,7 @@ class CacheModule(BaseCacheModule):
         # format: "localhost:26379;localhost2:26379;0:changeme"
         connections = uri.split(';')
         connection_args = connections.pop(-1)
-        if len(connection_args) > 0:  # hanle if no db nr is given
+        if len(connection_args) > 0:  # handle if no db nr is given
             connection_args = connection_args.split(':')
             kw['db'] = connection_args.pop(0)
             try:

plugins/callback/elastic.py

@@ -84,6 +84,7 @@ import time
 import uuid
 
 from collections import OrderedDict
+from contextlib import closing
 from os.path import basename
 
 from ansible.errors import AnsibleError, AnsibleRuntimeError
@@ -201,24 +202,25 @@ class ElasticSource(object):
 
         apm_cli = self.init_apm_client(apm_server_url, apm_service_name, apm_verify_server_cert, apm_secret_token, apm_api_key)
         if apm_cli:
-            instrument()  # Only call this once, as early as possible.
-            if traceparent:
-                parent = trace_parent_from_string(traceparent)
-                apm_cli.begin_transaction("Session", trace_parent=parent, start=parent_start_time)
-            else:
-                apm_cli.begin_transaction("Session", start=parent_start_time)
-            # Populate trace metadata attributes
-            if self.ansible_version is not None:
-                label(ansible_version=self.ansible_version)
-            label(ansible_session=self.session, ansible_host_name=self.host, ansible_host_user=self.user)
-            if self.ip_address is not None:
-                label(ansible_host_ip=self.ip_address)
+            with closing(apm_cli):
+                instrument()  # Only call this once, as early as possible.
+                if traceparent:
+                    parent = trace_parent_from_string(traceparent)
+                    apm_cli.begin_transaction("Session", trace_parent=parent, start=parent_start_time)
+                else:
+                    apm_cli.begin_transaction("Session", start=parent_start_time)
+                # Populate trace metadata attributes
+                if self.ansible_version is not None:
+                    label(ansible_version=self.ansible_version)
+                label(ansible_session=self.session, ansible_host_name=self.host, ansible_host_user=self.user)
+                if self.ip_address is not None:
+                    label(ansible_host_ip=self.ip_address)
 
-            for task_data in tasks:
-                for host_uuid, host_data in task_data.host_data.items():
-                    self.create_span_data(apm_cli, task_data, host_data)
+                for task_data in tasks:
+                    for host_uuid, host_data in task_data.host_data.items():
+                        self.create_span_data(apm_cli, task_data, host_data)
 
-            apm_cli.end_transaction(name=__name__, result=status, duration=end_time - parent_start_time)
+                apm_cli.end_transaction(name=__name__, result=status, duration=end_time - parent_start_time)
 
     def create_span_data(self, apm_cli, task_data, host_data):
         """ create the span with the given TaskData and HostData """

plugins/callback/logentries.py

@@ -18,7 +18,7 @@ DOCUMENTATION = '''
     requirements:
       - whitelisting in configuration
       - certifi (Python library)
-      - flatdict (Python library), if you want to use the 'flatten' option
+      - flatdict (Python library), if you want to use the O(flatten) option
     options:
       api:
         description: URI to the Logentries API.
@@ -90,9 +90,9 @@ examples: >
     api = data.logentries.com
     port = 10000
     tls_port = 20000
-    use_tls = no
+    use_tls = true
     token = dd21fc88-f00a-43ff-b977-e3a4233c53af
-    flatten = False
+    flatten = false
 '''
 
 import os
@@ -196,15 +196,11 @@ else:
     class TLSSocketAppender(PlainTextSocketAppender):
         def open_connection(self):
             sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-            sock = ssl.wrap_socket(
+            context = ssl.create_default_context(
+                purpose=ssl.Purpose.SERVER_AUTH,
+                cafile=certifi.where(), )
+            sock = context.wrap_socket(
                 sock=sock,
-                keyfile=None,
-                certfile=None,
-                server_side=False,
-                cert_reqs=ssl.CERT_REQUIRED,
-                ssl_version=getattr(
-                    ssl, 'PROTOCOL_TLSv1_2', ssl.PROTOCOL_TLSv1),
-                ca_certs=certifi.where(),
                 do_handshake_on_connect=True,
                 suppress_ragged_eofs=True, )
             sock.connect((self.LE_API, self.LE_TLS_PORT))

plugins/callback/nrdp.py

@@ -14,7 +14,7 @@ DOCUMENTATION = '''
     short_description: Post task results to a Nagios server through nrdp
     description:
         - This callback send playbook result to Nagios.
-        - Nagios shall use NRDP to recive passive events.
+        - Nagios shall use NRDP to receive passive events.
         - The passive check is sent to a dedicated host/service for Ansible.
     options:
         url:

plugins/callback/null.py

@@ -15,7 +15,7 @@ DOCUMENTATION = '''
       - set as main display callback
     short_description: Don't display stuff to screen
     description:
-        - This callback prevents outputing events to screen.
+        - This callback prevents outputting events to screen.
 '''
 
 from ansible.plugins.callback import CallbackBase
@@ -24,7 +24,7 @@ from ansible.plugins.callback import CallbackBase
 class CallbackModule(CallbackBase):
 
     '''
-    This callback wont print messages to stdout when new callback events are received.
+    This callback won't print messages to stdout when new callback events are received.
     '''
 
     CALLBACK_VERSION = 2.0

plugins/callback/selective.py

@@ -115,8 +115,8 @@ class CallbackModule(CallbackBase):
             line_length = 120
             if self.last_skipped:
                 print()
-            msg = colorize("# {0} {1}".format(task_name,
-                                              '*' * (line_length - len(task_name))), 'bold')
+            line = "# {0} ".format(task_name)
+            msg = colorize("{0}{1}".format(line, '*' * (line_length - len(line))), 'bold')
             print(msg)
 
     def _indent_text(self, text, indent_level):

plugins/callback/unixy.py

@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-# Copyright (c) 2017, Allyson Bowles <@akatch>
+# Copyright (c) 2023, Al Bowles <@akatch>
 # Copyright (c) 2012-2014, Michael DeHaan <michael.dehaan@gmail.com>
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
@@ -11,7 +11,7 @@ __metaclass__ = type
 DOCUMENTATION = '''
     name: unixy
     type: stdout
-    author: Allyson Bowles (@akatch)
+    author: Al Bowles (@akatch)
     short_description: condensed Ansible output
     description:
       - Consolidated Ansible output in the style of LINUX/UNIX startup logs.
@@ -40,7 +40,6 @@ class CallbackModule(CallbackModule_default):
     - Only display task names if the task runs on at least one host
     - Add option to display all hostnames on a single line in the appropriate result color (failures may have a separate line)
     - Consolidate stats display
-    - Display whether run is in --check mode
     - Don't show play name if no hosts found
     '''
 
@@ -92,19 +91,31 @@ class CallbackModule(CallbackModule_default):
     def v2_playbook_on_task_start(self, task, is_conditional):
         self._get_task_display_name(task)
         if self.task_display_name is not None:
-            self._display.display("%s..." % self.task_display_name)
+            if task.check_mode and self.get_option('check_mode_markers'):
+                self._display.display("%s (check mode)..." % self.task_display_name)
+            else:
+                self._display.display("%s..." % self.task_display_name)
 
     def v2_playbook_on_handler_task_start(self, task):
         self._get_task_display_name(task)
         if self.task_display_name is not None:
-            self._display.display("%s (via handler)... " % self.task_display_name)
+            if task.check_mode and self.get_option('check_mode_markers'):
+                self._display.display("%s (via handler in check mode)... " % self.task_display_name)
+            else:
+                self._display.display("%s (via handler)... " % self.task_display_name)
 
     def v2_playbook_on_play_start(self, play):
         name = play.get_name().strip()
-        if name and play.hosts:
-            msg = u"\n- %s on hosts: %s -" % (name, ",".join(play.hosts))
+        if play.check_mode and self.get_option('check_mode_markers'):
+            if name and play.hosts:
+                msg = u"\n- %s (in check mode) on hosts: %s -" % (name, ",".join(play.hosts))
+            else:
+                msg = u"- check mode -"
         else:
-            msg = u"---"
+            if name and play.hosts:
+                msg = u"\n- %s on hosts: %s -" % (name, ",".join(play.hosts))
+            else:
+                msg = u"---"
 
         self._display.display(msg)
 
@@ -227,8 +238,10 @@ class CallbackModule(CallbackModule_default):
         self._display.display("  Ran out of hosts!", color=C.COLOR_ERROR)
 
     def v2_playbook_on_start(self, playbook):
-        # TODO display whether this run is happening in check mode
-        self._display.display("Executing playbook %s" % basename(playbook._file_name))
+        if context.CLIARGS['check'] and self.get_option('check_mode_markers'):
+            self._display.display("Executing playbook %s in check mode" % basename(playbook._file_name))
+        else:
+            self._display.display("Executing playbook %s" % basename(playbook._file_name))
 
         # show CLI arguments
         if self._display.verbosity > 3:

plugins/connection/chroot.py

@@ -46,11 +46,26 @@ DOCUMENTATION = '''
         vars:
           - name: ansible_chroot_exe
         default: chroot
+      disable_root_check:
+        description:
+            - Do not check that the user is not root.
+        ini:
+          - section: chroot_connection
+            key: disable_root_check
+        env:
+          - name: ANSIBLE_CHROOT_DISABLE_ROOT_CHECK
+        vars:
+          - name: ansible_chroot_disable_root_check
+        default: false
+        type: bool
+        version_added: 7.3.0
 '''
 
 EXAMPLES = r"""
-# Static inventory file
+# Plugin requires root privileges for chroot, -E preserves your env (and location of ~/.ansible):
+# sudo -E ansible-playbook ...
 #
+# Static inventory file
 # [chroots]
 # /path/to/debootstrap
 # /path/to/feboostrap
@@ -100,11 +115,7 @@ class Connection(ConnectionBase):
 
         self.chroot = self._play_context.remote_addr
 
-        if os.geteuid() != 0:
-            raise AnsibleError("chroot connection requires running as root")
-
-        # we're running as root on the local system so do some
-        # trivial checks for ensuring 'host' is actually a chroot'able dir
+        # do some trivial checks for ensuring 'host' is actually a chroot'able dir
         if not os.path.isdir(self.chroot):
             raise AnsibleError("%s is not a directory" % self.chroot)
 
@@ -118,6 +129,11 @@ class Connection(ConnectionBase):
 
     def _connect(self):
         """ connect to the chroot """
+        if not self.get_option('disable_root_check') and os.geteuid() != 0:
+            raise AnsibleError(
+                "chroot connection requires running as root. "
+                "You can override this check with the `disable_root_check` option.")
+
         if os.path.isabs(self.get_option('chroot_exe')):
             self.chroot_cmd = self.get_option('chroot_exe')
         else:

plugins/connection/funcd.py

@@ -70,7 +70,7 @@ class Connection(ConnectionBase):
         if in_data:
             raise AnsibleError("Internal Error: this module does not support optimized module pipelining")
 
-        # totally ignores privlege escalation
+        # totally ignores privilege escalation
         display.vvv("EXEC %s" % cmd, host=self.host)
         p = self.client.command.run(cmd)[self.host]
         return p[0], p[1], p[2]

plugins/connection/lxc.py

@@ -19,6 +19,7 @@ DOCUMENTATION = '''
             - Container identifier
         default: inventory_hostname
         vars:
+            - name: inventory_hostname
             - name: ansible_host
             - name: ansible_lxc_host
       executable:
@@ -59,7 +60,7 @@ class Connection(ConnectionBase):
     def __init__(self, play_context, new_stdin, *args, **kwargs):
         super(Connection, self).__init__(play_context, new_stdin, *args, **kwargs)
 
-        self.container_name = self._play_context.remote_addr
+        self.container_name = None
         self.container = None
 
     def _connect(self):
@@ -67,12 +68,14 @@ class Connection(ConnectionBase):
         super(Connection, self)._connect()
 
         if not HAS_LIBLXC:
-            msg = "lxc bindings for python2 are not installed"
+            msg = "lxc python bindings are not installed"
             raise errors.AnsibleError(msg)
 
         if self.container:
             return
 
+        self.container_name = self.get_option('remote_addr')
+
         self._display.vvv("THIS IS A LOCAL LXC DIR", host=self.container_name)
         self.container = _lxc.Container(self.container_name)
         if self.container.state == "STOPPED":
@@ -117,7 +120,7 @@ class Connection(ConnectionBase):
         super(Connection, self).exec_command(cmd, in_data=in_data, sudoable=sudoable)
 
         # python2-lxc needs bytes. python3-lxc needs text.
-        executable = to_native(self._play_context.executable, errors='surrogate_or_strict')
+        executable = to_native(self.get_option('executable'), errors='surrogate_or_strict')
         local_cmd = [executable, '-c', to_native(cmd, errors='surrogate_or_strict')]
 
         read_stdout, write_stdout = None, None

plugins/connection/lxd.py

@@ -10,9 +10,9 @@ __metaclass__ = type
 DOCUMENTATION = '''
     author: Matt Clay (@mattclay) <matt@mystile.com>
     name: lxd
-    short_description: Run tasks in lxc containers via lxc CLI
+    short_description: Run tasks in LXD instances via C(lxc) CLI
     description:
-        - Run commands or put/fetch files to an existing lxc container using lxc CLI
+        - Run commands or put/fetch files to an existing instance using C(lxc) CLI.
     options:
       remote_addr:
         description:
@@ -24,7 +24,7 @@ DOCUMENTATION = '''
             - name: ansible_lxd_host
       executable:
         description:
-            - shell to use for execution inside container
+            - Shell to use for execution inside instance.
         default: /bin/sh
         vars:
             - name: ansible_executable
@@ -69,7 +69,7 @@ class Connection(ConnectionBase):
             raise AnsibleError("lxc command not found in PATH")
 
         if self._play_context.remote_user is not None and self._play_context.remote_user != 'root':
-            self._display.warning('lxd does not support remote_user, using container default: root')
+            self._display.warning('lxd does not support remote_user, using default: root')
 
     def _connect(self):
         """connect to lxd (nothing to do here) """

plugins/doc_fragments/nomad.py

@@ -47,6 +47,6 @@ options:
       type: str
     token:
       description:
-        - ACL token for authentification.
+        - ACL token for authentication.
       type: str
 '''

plugins/filter/from_csv.py

@@ -56,7 +56,7 @@ EXAMPLES = '''
 - name: Parse a CSV file's contents
   ansible.builtin.debug:
     msg: >-
-      {{ csv_data | community.genera.from_csv(dialect='unix') }}
+      {{ csv_data | community.general.from_csv(dialect='unix') }}
   vars:
     csv_data: |
       Column 1,Value

plugins/inventory/cobbler.py

@@ -42,6 +42,12 @@ DOCUMENTATION = '''
         description: Fallback to cached results if connection to cobbler fails.
         type: boolean
         default: false
+      exclude_mgmt_classes:
+        description: Management classes to exclude from inventory.
+        type: list
+        default: []
+        elements: str
+        version_added: 7.4.0
       exclude_profiles:
         description:
           - Profiles to exclude from inventory.
@@ -49,6 +55,12 @@ DOCUMENTATION = '''
         type: list
         default: []
         elements: str
+      include_mgmt_classes:
+        description: Management classes to include from inventory.
+        type: list
+        default: []
+        elements: str
+        version_added: 7.4.0
       include_profiles:
         description:
           - Profiles to include from inventory.
@@ -105,6 +117,7 @@ from ansible.errors import AnsibleError
 from ansible.module_utils.common.text.converters import to_text
 from ansible.plugins.inventory import BaseInventoryPlugin, Cacheable, to_safe_group_name
 from ansible.module_utils.six import text_type
+from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
 
 # xmlrpc
 try:
@@ -216,6 +229,8 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
         self.cache_key = self.get_cache_key(path)
         self.use_cache = cache and self.get_option('cache')
 
+        self.exclude_mgmt_classes = self.get_option('exclude_mgmt_classes')
+        self.include_mgmt_classes = self.get_option('include_mgmt_classes')
         self.exclude_profiles = self.get_option('exclude_profiles')
         self.include_profiles = self.get_option('include_profiles')
         self.group_by = self.get_option('group_by')
@@ -260,14 +275,21 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
         for host in self._get_systems():
             # Get the FQDN for the host and add it to the right groups
             if self.inventory_hostname == 'system':
-                hostname = host['name']  # None
+                hostname = make_unsafe(host['name'])  # None
             else:
-                hostname = host['hostname']  # None
+                hostname = make_unsafe(host['hostname'])  # None
             interfaces = host['interfaces']
 
-            if self._exclude_profile(host['profile']):
-                self.display.vvvv('Excluding host %s in profile %s\n' % (host['name'], host['profile']))
-                continue
+            if set(host['mgmt_classes']) & set(self.include_mgmt_classes):
+                self.display.vvvv('Including host %s in mgmt_classes %s\n' % (host['name'], host['mgmt_classes']))
+            else:
+                if self._exclude_profile(host['profile']):
+                    self.display.vvvv('Excluding host %s in profile %s\n' % (host['name'], host['profile']))
+                    continue
+
+                if set(host['mgmt_classes']) & set(self.exclude_mgmt_classes):
+                    self.display.vvvv('Excluding host %s in mgmt_classes %s\n' % (host['name'], host['mgmt_classes']))
+                    continue
 
             # hostname is often empty for non-static IP hosts
             if hostname == '':
@@ -275,7 +297,7 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
                     if ivalue['management'] or not ivalue['static']:
                         this_dns_name = ivalue.get('dns_name', None)
                         if this_dns_name is not None and this_dns_name != "":
-                            hostname = this_dns_name
+                            hostname = make_unsafe(this_dns_name)
                             self.display.vvvv('Set hostname to %s from %s\n' % (hostname, iname))
 
             if hostname == '':
@@ -340,18 +362,18 @@ class InventoryModule(BaseInventoryPlugin, Cacheable):
             if ip_address is None and ip_address_first is not None:
                 ip_address = ip_address_first
             if ip_address is not None:
-                self.inventory.set_variable(hostname, 'cobbler_ipv4_address', ip_address)
+                self.inventory.set_variable(hostname, 'cobbler_ipv4_address', make_unsafe(ip_address))
             if ipv6_address is None and ipv6_address_first is not None:
                 ipv6_address = ipv6_address_first
             if ipv6_address is not None:
-                self.inventory.set_variable(hostname, 'cobbler_ipv6_address', ipv6_address)
+                self.inventory.set_variable(hostname, 'cobbler_ipv6_address', make_unsafe(ipv6_address))
 
             if self.get_option('want_facts'):
                 try:
-                    self.inventory.set_variable(hostname, 'cobbler', host)
+                    self.inventory.set_variable(hostname, 'cobbler', make_unsafe(host))
                 except ValueError as e:
                     self.display.warning("Could not set host info for %s: %s" % (hostname, to_text(e)))
 
         if self.get_option('want_ip_addresses'):
-            self.inventory.set_variable(self.group, 'cobbler_ipv4_addresses', ip_addresses)
-            self.inventory.set_variable(self.group, 'cobbler_ipv6_addresses', ipv6_addresses)
+            self.inventory.set_variable(self.group, 'cobbler_ipv4_addresses', make_unsafe(ip_addresses))
+            self.inventory.set_variable(self.group, 'cobbler_ipv6_addresses', make_unsafe(ipv6_addresses))

plugins/inventory/gitlab_runners.py

@@ -84,6 +84,7 @@ keyed_groups:
 from ansible.errors import AnsibleError, AnsibleParserError
 from ansible.module_utils.common.text.converters import to_native
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
+from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
 
 try:
     import gitlab
@@ -106,11 +107,11 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
             else:
                 runners = gl.runners.all()
             for runner in runners:
-                host = str(runner['id'])
+                host = make_unsafe(str(runner['id']))
                 ip_address = runner['ip_address']
-                host_attrs = vars(gl.runners.get(runner['id']))['_attrs']
+                host_attrs = make_unsafe(vars(gl.runners.get(runner['id']))['_attrs'])
                 self.inventory.add_host(host, group='gitlab_runners')
-                self.inventory.set_variable(host, 'ansible_host', ip_address)
+                self.inventory.set_variable(host, 'ansible_host', make_unsafe(ip_address))
                 if self.get_option('verbose_output', True):
                     self.inventory.set_variable(host, 'gitlab_runner_attributes', host_attrs)
 

plugins/inventory/icinga2.py

@@ -96,6 +96,7 @@ from ansible.errors import AnsibleParserError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
 from ansible.module_utils.urls import open_url
 from ansible.module_utils.six.moves.urllib.error import HTTPError
+from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
 
 
 class InventoryModule(BaseInventoryPlugin, Constructable):
@@ -233,15 +234,15 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
         """Convert Icinga2 API data to JSON format for Ansible"""
         groups_dict = {"_meta": {"hostvars": {}}}
         for entry in json_data:
-            host_attrs = entry['attrs']
+            host_attrs = make_unsafe(entry['attrs'])
             if self.inventory_attr == "name":
-                host_name = entry.get('name')
+                host_name = make_unsafe(entry.get('name'))
             if self.inventory_attr == "address":
                 # When looking for address for inventory, if missing fallback to object name
                 if host_attrs.get('address', '') != '':
-                    host_name = host_attrs.get('address')
+                    host_name = make_unsafe(host_attrs.get('address'))
                 else:
-                    host_name = entry.get('name')
+                    host_name = make_unsafe(entry.get('name'))
             if self.inventory_attr == "display_name":
                 host_name = host_attrs.get('display_name')
             if host_attrs['state'] == 0:
@@ -257,7 +258,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
             # If the address attribute is populated, override ansible_host with the value
             if host_attrs.get('address') != '':
                 self.inventory.set_variable(host_name, 'ansible_host', host_attrs.get('address'))
-            self.inventory.set_variable(host_name, 'hostname', entry.get('name'))
+            self.inventory.set_variable(host_name, 'hostname', make_unsafe(entry.get('name')))
             self.inventory.set_variable(host_name, 'display_name', host_attrs.get('display_name'))
             self.inventory.set_variable(host_name, 'state',
                                         host_attrs['state'])

plugins/inventory/linode.py

@@ -123,6 +123,7 @@ compose:
 
 from ansible.errors import AnsibleError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
+from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
 
 
 try:
@@ -199,20 +200,21 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
     def _add_instances_to_groups(self):
         """Add instance names to their dynamic inventory groups."""
         for instance in self.instances:
-            self.inventory.add_host(instance.label, group=instance.group)
+            self.inventory.add_host(make_unsafe(instance.label), group=instance.group)
 
     def _add_hostvars_for_instances(self):
         """Add hostvars for instances in the dynamic inventory."""
         ip_style = self.get_option('ip_style')
         for instance in self.instances:
             hostvars = instance._raw_json
+            hostname = make_unsafe(instance.label)
             for hostvar_key in hostvars:
                 if ip_style == 'api' and hostvar_key in ['ipv4', 'ipv6']:
                     continue
                 self.inventory.set_variable(
-                    instance.label,
+                    hostname,
                     hostvar_key,
-                    hostvars[hostvar_key]
+                    make_unsafe(hostvars[hostvar_key])
                 )
             if ip_style == 'api':
                 ips = instance.ips.ipv4.public + instance.ips.ipv4.private
@@ -221,9 +223,9 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
 
                 for ip_type in set(ip.type for ip in ips):
                     self.inventory.set_variable(
-                        instance.label,
+                        hostname,
                         ip_type,
-                        self._ip_data([ip for ip in ips if ip.type == ip_type])
+                        make_unsafe(self._ip_data([ip for ip in ips if ip.type == ip_type]))
                     )
 
     def _ip_data(self, ip_list):
@@ -254,30 +256,44 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
         self._add_instances_to_groups()
         self._add_hostvars_for_instances()
         for instance in self.instances:
-            variables = self.inventory.get_host(instance.label).get_vars()
+            hostname = make_unsafe(instance.label)
+            variables = self.inventory.get_host(hostname).get_vars()
             self._add_host_to_composed_groups(
                 self.get_option('groups'),
                 variables,
-                instance.label,
+                hostname,
                 strict=strict)
             self._add_host_to_keyed_groups(
                 self.get_option('keyed_groups'),
                 variables,
-                instance.label,
+                hostname,
                 strict=strict)
             self._set_composite_vars(
                 self.get_option('compose'),
                 variables,
-                instance.label,
+                hostname,
                 strict=strict)
 
     def verify_file(self, path):
-        """Verify the Linode configuration file."""
+        """Verify the Linode configuration file.
+
+        Return true/false if the config-file is valid for this plugin
+
+        Args:
+            str(path): path to the config
+        Kwargs:
+            None
+        Raises:
+            None
+        Returns:
+            bool(valid): is valid config file"""
+        valid = False
         if super(InventoryModule, self).verify_file(path):
-            endings = ('linode.yaml', 'linode.yml')
-            if any((path.endswith(ending) for ending in endings)):
-                return True
-        return False
+            if path.endswith(("linode.yaml", "linode.yml")):
+                valid = True
+            else:
+                self.display.vvv('Inventory source not ending in "linode.yaml" or "linode.yml"')
+        return valid
 
     def parse(self, inventory, loader, path, cache=True):
         """Dynamically parse Linode the cloud inventory."""

plugins/inventory/lxd.py

@@ -47,7 +47,7 @@ DOCUMENTATION = r'''
             - You need to set this password on the lxd server before
                 running this module using the following command
                 C(lxc config set core.trust_password <some random password>)
-                See U(https://www.stgraber.org/2016/04/18/lxd-api-direct-interaction/).
+                See U(https://documentation.ubuntu.com/lxd/en/latest/authentication/#adding-client-certificates-using-a-trust-password).
             - If O(trust_password) is set, this module send a request for authentication before sending any requests.
             type: str
         state:
@@ -70,7 +70,7 @@ DOCUMENTATION = r'''
             version_added: 4.2.0
         prefered_instance_network_interface:
             description:
-            - If an instance has multiple network interfaces, select which one is the prefered as pattern.
+            - If an instance has multiple network interfaces, select which one is the preferred as pattern.
             - Combined with the first number that can be found e.g. 'eth' + 0.
             - The option has been renamed from O(prefered_container_network_interface) to O(prefered_instance_network_interface)
               in community.general 3.8.0. The old name still works as an alias.
@@ -80,7 +80,7 @@ DOCUMENTATION = r'''
               - prefered_container_network_interface
         prefered_instance_network_family:
             description:
-            - If an instance has multiple network interfaces, which one is the prefered by family.
+            - If an instance has multiple network interfaces, which one is the preferred by family.
             - Specify V(inet) for IPv4 and V(inet6) for IPv6.
             type: str
             default: inet
@@ -161,6 +161,7 @@ from ansible.module_utils.six import raise_from
 from ansible.errors import AnsibleError, AnsibleParserError
 from ansible.module_utils.six.moves.urllib.parse import urlencode
 from ansible_collections.community.general.plugins.module_utils.lxd import LXDClient, LXDClientException
+from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
 
 try:
     import ipaddress
@@ -359,7 +360,7 @@ class InventoryModule(BaseInventoryPlugin):
         Kwargs:
             None
         Source:
-            https://github.com/lxc/lxd/blob/master/doc/rest-api.md
+            https://documentation.ubuntu.com/lxd/en/latest/rest-api/
         Raises:
             None
         Returns:
@@ -376,7 +377,7 @@ class InventoryModule(BaseInventoryPlugin):
     def get_instance_data(self, names):
         """Create Inventory of the instance
 
-        Iterate through the different branches of the instances and collect Informations.
+        Iterate through the different branches of the instances and collect Information.
 
         Args:
             list(names): List of instance names
@@ -398,7 +399,7 @@ class InventoryModule(BaseInventoryPlugin):
     def get_network_data(self, names):
         """Create Inventory of the instance
 
-        Iterate through the different branches of the instances and collect Informations.
+        Iterate through the different branches of the instances and collect Information.
 
         Args:
             list(names): List of instance names
@@ -451,12 +452,12 @@ class InventoryModule(BaseInventoryPlugin):
         return network_configuration
 
     def get_prefered_instance_network_interface(self, instance_name):
-        """Helper to get the prefered interface of thr instance
+        """Helper to get the preferred interface of thr instance
 
-        Helper to get the prefered interface provide by neme pattern from 'prefered_instance_network_interface'.
+        Helper to get the preferred interface provide by neme pattern from 'prefered_instance_network_interface'.
 
         Args:
-            str(containe_name): name of instance
+            str(instance_name): name of instance
         Kwargs:
             None
         Raises:
@@ -481,7 +482,7 @@ class InventoryModule(BaseInventoryPlugin):
         Helper to get the VLAN_ID from the instance
 
         Args:
-            str(containe_name): name of instance
+            str(instance_name): name of instance
         Kwargs:
             None
         Raises:
@@ -563,7 +564,7 @@ class InventoryModule(BaseInventoryPlugin):
             else:
                 path[instance_name][key] = value
         except KeyError as err:
-            raise AnsibleParserError("Unable to store Informations: {0}".format(to_native(err)))
+            raise AnsibleParserError("Unable to store Information: {0}".format(to_native(err)))
 
     def extract_information_from_instance_configs(self):
         """Process configuration information
@@ -656,7 +657,7 @@ class InventoryModule(BaseInventoryPlugin):
 
         if self._get_data_entry('inventory/{0}/network_interfaces'.format(instance_name)):  # instance have network interfaces
             self.inventory.set_variable(instance_name, 'ansible_connection', 'ssh')
-            self.inventory.set_variable(instance_name, 'ansible_host', interface_selection(instance_name))
+            self.inventory.set_variable(instance_name, 'ansible_host', make_unsafe(interface_selection(instance_name)))
         else:
             self.inventory.set_variable(instance_name, 'ansible_connection', 'local')
 
@@ -682,31 +683,39 @@ class InventoryModule(BaseInventoryPlugin):
                 if self.filter.lower() != instance_state:
                     continue
             # add instance
+            instance_name = make_unsafe(instance_name)
             self.inventory.add_host(instance_name)
-            # add network informations
+            # add network information
             self.build_inventory_network(instance_name)
             # add os
             v = self._get_data_entry('inventory/{0}/os'.format(instance_name))
             if v:
-                self.inventory.set_variable(instance_name, 'ansible_lxd_os', v.lower())
+                self.inventory.set_variable(instance_name, 'ansible_lxd_os', make_unsafe(v.lower()))
             # add release
             v = self._get_data_entry('inventory/{0}/release'.format(instance_name))
             if v:
-                self.inventory.set_variable(instance_name, 'ansible_lxd_release', v.lower())
+                self.inventory.set_variable(
+                    instance_name, 'ansible_lxd_release', make_unsafe(v.lower()))
             # add profile
-            self.inventory.set_variable(instance_name, 'ansible_lxd_profile', self._get_data_entry('inventory/{0}/profile'.format(instance_name)))
+            self.inventory.set_variable(
+                instance_name, 'ansible_lxd_profile', make_unsafe(self._get_data_entry('inventory/{0}/profile'.format(instance_name))))
             # add state
-            self.inventory.set_variable(instance_name, 'ansible_lxd_state', instance_state)
+            self.inventory.set_variable(
+                instance_name, 'ansible_lxd_state', make_unsafe(instance_state))
             # add type
-            self.inventory.set_variable(instance_name, 'ansible_lxd_type', self._get_data_entry('inventory/{0}/type'.format(instance_name)))
+            self.inventory.set_variable(
+                instance_name, 'ansible_lxd_type', make_unsafe(self._get_data_entry('inventory/{0}/type'.format(instance_name))))
             # add location information
             if self._get_data_entry('inventory/{0}/location'.format(instance_name)) != "none":  # wrong type by lxd 'none' != 'None'
-                self.inventory.set_variable(instance_name, 'ansible_lxd_location', self._get_data_entry('inventory/{0}/location'.format(instance_name)))
+                self.inventory.set_variable(
+                    instance_name, 'ansible_lxd_location', make_unsafe(self._get_data_entry('inventory/{0}/location'.format(instance_name))))
             # add VLAN_ID information
             if self._get_data_entry('inventory/{0}/vlan_ids'.format(instance_name)):
-                self.inventory.set_variable(instance_name, 'ansible_lxd_vlan_ids', self._get_data_entry('inventory/{0}/vlan_ids'.format(instance_name)))
+                self.inventory.set_variable(
+                    instance_name, 'ansible_lxd_vlan_ids', make_unsafe(self._get_data_entry('inventory/{0}/vlan_ids'.format(instance_name))))
             # add project
-            self.inventory.set_variable(instance_name, 'ansible_lxd_project', self._get_data_entry('inventory/{0}/project'.format(instance_name)))
+            self.inventory.set_variable(
+                instance_name, 'ansible_lxd_project', make_unsafe(self._get_data_entry('inventory/{0}/project'.format(instance_name))))
 
     def build_inventory_groups_location(self, group_name):
         """create group by attribute: location
@@ -979,7 +988,7 @@ class InventoryModule(BaseInventoryPlugin):
             for group_name in self.groupby:
                 if not group_name.isalnum():
                     raise AnsibleParserError('Invalid character(s) in groupname: {0}'.format(to_native(group_name)))
-                group_type(group_name)
+                group_type(make_unsafe(group_name))
 
     def build_inventory(self):
         """Build dynamic inventory

plugins/inventory/nmap.py

@@ -85,6 +85,11 @@ DOCUMENTATION = '''
             type: boolean
             default: false
             version_added: 6.1.0
+        use_arp_ping:
+            description: Whether to always (V(true)) use the quick ARP ping or (V(false)) a slower but more reliable method.
+            type: boolean
+            default: true
+            version_added: 7.4.0
     notes:
         - At least one of ipv4 or ipv6 is required to be True, both can be True, but they cannot both be False.
         - 'TODO: add OS fingerprinting'
@@ -121,6 +126,7 @@ from ansible.errors import AnsibleParserError
 from ansible.module_utils.common.text.converters import to_native, to_text
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
 from ansible.module_utils.common.process import get_bin_path
+from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
 
 
 class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
@@ -138,6 +144,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
         strict = self.get_option('strict')
 
         for host in hosts:
+            host = make_unsafe(host)
             hostname = host['name']
             self.inventory.add_host(hostname)
             for var, value in host.items():
@@ -196,40 +203,43 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
             # setup command
             cmd = [self._nmap]
 
-            if self._options['sudo']:
+            if self.get_option('sudo'):
                 cmd.insert(0, 'sudo')
 
-            if self._options['port']:
+            if self.get_option('port'):
                 cmd.append('-p')
-                cmd.append(self._options['port'])
+                cmd.append(self.get_option('port'))
 
-            if not self._options['ports']:
+            if not self.get_option('ports'):
                 cmd.append('-sP')
 
-            if self._options['ipv4'] and not self._options['ipv6']:
+            if self.get_option('ipv4') and not self.get_option('ipv6'):
                 cmd.append('-4')
-            elif self._options['ipv6'] and not self._options['ipv4']:
+            elif self.get_option('ipv6') and not self.get_option('ipv4'):
                 cmd.append('-6')
-            elif not self._options['ipv6'] and not self._options['ipv4']:
+            elif not self.get_option('ipv6') and not self.get_option('ipv4'):
                 raise AnsibleParserError('One of ipv4 or ipv6 must be enabled for this plugin')
 
-            if self._options['exclude']:
+            if self.get_option('exclude'):
                 cmd.append('--exclude')
-                cmd.append(','.join(self._options['exclude']))
+                cmd.append(','.join(self.get_option('exclude')))
 
-            if self._options['dns_resolve']:
+            if self.get_option('dns_resolve'):
                 cmd.append('-n')
 
-            if self._options['udp_scan']:
+            if self.get_option('udp_scan'):
                 cmd.append('-sU')
 
-            if self._options['icmp_timestamp']:
+            if self.get_option('icmp_timestamp'):
                 cmd.append('-PP')
 
-            if self._options['open']:
+            if self.get_option('open'):
                 cmd.append('--open')
 
-            cmd.append(self._options['address'])
+            if not self.get_option('use_arp_ping'):
+                cmd.append('--disable-arp-ping')
+
+            cmd.append(self.get_option('address'))
             try:
                 # execute
                 p = Popen(cmd, stdout=PIPE, stderr=PIPE)

plugins/inventory/online.py

@@ -68,6 +68,7 @@ from ansible.plugins.inventory import BaseInventoryPlugin
 from ansible.module_utils.common.text.converters import to_text
 from ansible.module_utils.ansible_release import __version__ as ansible_version
 from ansible.module_utils.six.moves.urllib.parse import urljoin
+from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
 
 
 class InventoryModule(BaseInventoryPlugin):
@@ -169,20 +170,20 @@ class InventoryModule(BaseInventoryPlugin):
             "support"
         )
         for attribute in targeted_attributes:
-            self.inventory.set_variable(hostname, attribute, host_infos[attribute])
+            self.inventory.set_variable(hostname, attribute, make_unsafe(host_infos[attribute]))
 
         if self.extract_public_ipv4(host_infos=host_infos):
-            self.inventory.set_variable(hostname, "public_ipv4", self.extract_public_ipv4(host_infos=host_infos))
-            self.inventory.set_variable(hostname, "ansible_host", self.extract_public_ipv4(host_infos=host_infos))
+            self.inventory.set_variable(hostname, "public_ipv4", make_unsafe(self.extract_public_ipv4(host_infos=host_infos)))
+            self.inventory.set_variable(hostname, "ansible_host", make_unsafe(self.extract_public_ipv4(host_infos=host_infos)))
 
         if self.extract_private_ipv4(host_infos=host_infos):
-            self.inventory.set_variable(hostname, "public_ipv4", self.extract_private_ipv4(host_infos=host_infos))
+            self.inventory.set_variable(hostname, "public_ipv4", make_unsafe(self.extract_private_ipv4(host_infos=host_infos)))
 
         if self.extract_os_name(host_infos=host_infos):
-            self.inventory.set_variable(hostname, "os_name", self.extract_os_name(host_infos=host_infos))
+            self.inventory.set_variable(hostname, "os_name", make_unsafe(self.extract_os_name(host_infos=host_infos)))
 
         if self.extract_os_version(host_infos=host_infos):
-            self.inventory.set_variable(hostname, "os_version", self.extract_os_name(host_infos=host_infos))
+            self.inventory.set_variable(hostname, "os_version", make_unsafe(self.extract_os_name(host_infos=host_infos)))
 
     def _filter_host(self, host_infos, hostname_preferences):
 
@@ -201,6 +202,8 @@ class InventoryModule(BaseInventoryPlugin):
         if not hostname:
             return
 
+        hostname = make_unsafe(hostname)
+
         self.inventory.add_host(host=hostname)
         self._fill_host_variables(hostname=hostname, host_infos=host_infos)
 
@@ -210,6 +213,8 @@ class InventoryModule(BaseInventoryPlugin):
             if not group:
                 return
 
+            group = make_unsafe(group)
+
             self.inventory.add_group(group=group)
             self.inventory.add_host(group=group, host=hostname)
 

plugins/inventory/opennebula.py

@@ -97,6 +97,7 @@ except ImportError:
 from ansible.errors import AnsibleError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
 from ansible.module_utils.common.text.converters import to_native
+from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
 
 from collections import namedtuple
 import os
@@ -215,6 +216,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
         filter_by_label = self.get_option('filter_by_label')
         servers = self._retrieve_servers(filter_by_label)
         for server in servers:
+            server = make_unsafe(server)
             hostname = server['name']
             # check for labels
             if group_by_labels and server['LABELS']:

plugins/inventory/proxmox.py

@@ -102,7 +102,7 @@ DOCUMENTATION = '''
         type: bool
       qemu_extended_statuses:
         description:
-          - Requires O(want_facts) to be set to V(true) to function. This will allow you to differentiate betweend C(paused) and C(prelaunch)
+          - Requires O(want_facts) to be set to V(true) to function. This will allow you to differentiate between C(paused) and C(prelaunch)
             statuses of the QEMU VMs.
           - This introduces multiple groups [prefixed with O(group_prefix)] C(prelaunch) and C(paused).
         default: false
@@ -222,6 +222,7 @@ from ansible.module_utils.common.text.converters import to_native
 from ansible.module_utils.six import string_types
 from ansible.module_utils.six.moves.urllib.parse import urlencode
 from ansible.utils.display import Display
+from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
 
 from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
 
@@ -330,7 +331,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
 
             self._cache[self.cache_key][url] = data
 
-        return self._cache[self.cache_key][url]
+        return make_unsafe(self._cache[self.cache_key][url])
 
     def _get_nodes(self):
         return self._get_json("%s/api2/json/nodes" % self.proxmox_url)

plugins/inventory/scaleway.py

@@ -124,6 +124,7 @@ from ansible_collections.community.general.plugins.module_utils.scaleway import
 from ansible.module_utils.urls import open_url
 from ansible.module_utils.common.text.converters import to_native, to_text
 from ansible.module_utils.six import raise_from
+from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
 
 import ansible.module_utils.six.moves.urllib.parse as urllib_parse
 
@@ -279,7 +280,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
         zone_info = SCALEWAY_LOCATION[zone]
 
         url = _build_server_url(zone_info["api_endpoint"])
-        raw_zone_hosts_infos = _fetch_information(url=url, token=token)
+        raw_zone_hosts_infos = make_unsafe(_fetch_information(url=url, token=token))
 
         for host_infos in raw_zone_hosts_infos:
 
@@ -341,4 +342,4 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
         hostname_preference = self.get_option("hostnames")
 
         for zone in self._get_zones(config_zones):
-            self.do_zone_inventory(zone=zone, token=token, tags=tags, hostname_preferences=hostname_preference)
+            self.do_zone_inventory(zone=make_unsafe(zone), token=token, tags=tags, hostname_preferences=hostname_preference)

plugins/inventory/stackpath_compute.py

@@ -72,6 +72,7 @@ from ansible.plugins.inventory import (
     Cacheable
 )
 from ansible.utils.display import Display
+from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
 
 
 display = Display()
@@ -271,7 +272,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
         if not cache or cache_needs_update:
             results = self._query()
 
-        self._populate(results)
+        self._populate(make_unsafe(results))
 
         # If the cache has expired/doesn't exist or
         # if refresh_inventory/flush cache is used

plugins/inventory/virtualbox.py

@@ -62,6 +62,7 @@ from ansible.module_utils.common.text.converters import to_bytes, to_native, to_
 from ansible.module_utils.common._collections_compat import MutableMapping
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
 from ansible.module_utils.common.process import get_bin_path
+from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
 
 
 class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
@@ -116,6 +117,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
             self._add_host_to_keyed_groups(self.get_option('keyed_groups'), hostvars[host], host, strict=strict)
 
     def _populate_from_cache(self, source_data):
+        source_data = make_unsafe(source_data)
         hostvars = source_data.pop('_meta', {}).get('hostvars', {})
         for group in source_data:
             if group == 'all':
@@ -162,7 +164,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
             v = v.strip()
             # found host
             if k.startswith('Name') and ',' not in v:  # some setting strings appear in Name
-                current_host = v
+                current_host = make_unsafe(v)
                 if current_host not in hostvars:
                     hostvars[current_host] = {}
                     self.inventory.add_host(current_host)
@@ -170,12 +172,13 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
                 # try to get network info
                 netdata = self._query_vbox_data(current_host, netinfo)
                 if netdata:
-                    self.inventory.set_variable(current_host, 'ansible_host', netdata)
+                    self.inventory.set_variable(current_host, 'ansible_host', make_unsafe(netdata))
 
             # found groups
             elif k == 'Groups':
                 for group in v.split('/'):
                     if group:
+                        group = make_unsafe(group)
                         group = self.inventory.add_group(group)
                         self.inventory.add_child(group, current_host)
                         if group not in cacheable_results:
@@ -185,17 +188,17 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
 
             else:
                 # found vars, accumulate in hostvars for clean inventory set
-                pref_k = 'vbox_' + k.strip().replace(' ', '_')
+                pref_k = make_unsafe('vbox_' + k.strip().replace(' ', '_'))
                 leading_spaces = len(k) - len(k.lstrip(' '))
                 if 0 < leading_spaces <= 2:
                     if prevkey not in hostvars[current_host] or not isinstance(hostvars[current_host][prevkey], dict):
                         hostvars[current_host][prevkey] = {}
-                    hostvars[current_host][prevkey][pref_k] = v
+                    hostvars[current_host][prevkey][pref_k] = make_unsafe(v)
                 elif leading_spaces > 2:
                     continue
                 else:
                     if v != '':
-                        hostvars[current_host][pref_k] = v
+                        hostvars[current_host][pref_k] = make_unsafe(v)
                 if self._ungrouped_host(current_host, cacheable_results):
                     if 'ungrouped' not in cacheable_results:
                         cacheable_results['ungrouped'] = {'hosts': []}

plugins/inventory/xen_orchestra.py

@@ -82,6 +82,7 @@ from time import sleep
 
 from ansible.errors import AnsibleError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
+from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
 
 from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
 
@@ -347,4 +348,4 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
             self.protocol = 'ws'
 
         objects = self._get_objects()
-        self._populate(objects)
+        self._populate(make_unsafe(objects))

plugins/lookup/bitwarden.py

@@ -25,7 +25,10 @@ DOCUMENTATION = """
         type: list
         elements: str
       search:
-        description: Field to retrieve, for example V(name) or V(id).
+        description:
+          - Field to retrieve, for example V(name) or V(id).
+          - If set to V(id), only zero or one element can be returned.
+            Use the Jinja C(first) filter to get the only list element.
         type: str
         default: name
         version_added: 5.7.0
@@ -39,27 +42,27 @@ DOCUMENTATION = """
 """
 
 EXAMPLES = """
-- name: "Get 'password' from Bitwarden record named 'a_test'"
+- name: "Get 'password' from all Bitwarden records named 'a_test'"
   ansible.builtin.debug:
     msg: >-
       {{ lookup('community.general.bitwarden', 'a_test', field='password') }}
 
-- name: "Get 'password' from Bitwarden record with id 'bafba515-af11-47e6-abe3-af1200cd18b2'"
+- name: "Get 'password' from Bitwarden record with ID 'bafba515-af11-47e6-abe3-af1200cd18b2'"
   ansible.builtin.debug:
     msg: >-
-      {{ lookup('community.general.bitwarden', 'bafba515-af11-47e6-abe3-af1200cd18b2', search='id', field='password') }}
+      {{ lookup('community.general.bitwarden', 'bafba515-af11-47e6-abe3-af1200cd18b2', search='id', field='password') | first }}
 
-- name: "Get 'password' from Bitwarden record named 'a_test' from collection"
+- name: "Get 'password' from all Bitwarden records named 'a_test' from collection"
   ansible.builtin.debug:
     msg: >-
       {{ lookup('community.general.bitwarden', 'a_test', field='password', collection_id='bafba515-af11-47e6-abe3-af1200cd18b2') }}
 
-- name: "Get full Bitwarden record named 'a_test'"
+- name: "Get list of all full Bitwarden records named 'a_test'"
   ansible.builtin.debug:
     msg: >-
       {{ lookup('community.general.bitwarden', 'a_test') }}
 
-- name: "Get custom field 'api_key' from Bitwarden record named 'a_test'"
+- name: "Get custom field 'api_key' from all Bitwarden records named 'a_test'"
   ansible.builtin.debug:
     msg: >-
       {{ lookup('community.general.bitwarden', 'a_test', field='api_key') }}
@@ -67,9 +70,12 @@ EXAMPLES = """
 
 RETURN = """
   _raw:
-    description: List of requested field or JSON object of list of matches.
+    description:
+      - A one-element list that contains a list of requested fields or JSON objects of matches.
+      - If you use C(query), you get a list of lists. If you use C(lookup) without C(wantlist=true),
+        this always gets reduced to a list of field values or JSON objects.
     type: list
-    elements: raw
+    elements: list
 """
 
 from subprocess import Popen, PIPE
@@ -132,20 +138,29 @@ class Bitwarden(object):
         If field is None, return the whole record for each match.
         """
         matches = self._get_matches(search_value, search_field, collection_id)
-
-        if field in ['autofillOnPageLoad', 'password', 'passwordRevisionDate', 'totp', 'uris', 'username']:
-            return [match['login'][field] for match in matches]
-        elif not field:
+        if not field:
             return matches
-        else:
-            custom_field_matches = []
-            for match in matches:
+        field_matches = []
+        for match in matches:
+            # if there are no custom fields, then `match` has no key 'fields'
+            if 'fields' in match:
+                custom_field_found = False
                 for custom_field in match['fields']:
-                    if custom_field['name'] == field:
-                        custom_field_matches.append(custom_field['value'])
-            if matches and not custom_field_matches:
-                raise AnsibleError("Custom field {field} does not exist in {search_value}".format(field=field, search_value=search_value))
-            return custom_field_matches
+                    if field == custom_field['name']:
+                        field_matches.append(custom_field['value'])
+                        custom_field_found = True
+                        break
+                if custom_field_found:
+                    continue
+            if 'login' in match and field in match['login']:
+                field_matches.append(match['login'][field])
+                continue
+            if field in match:
+                field_matches.append(match[field])
+                continue
+        if matches and not field_matches:
+            raise AnsibleError("field {field} does not exist in {search_value}".format(field=field, search_value=search_value))
+        return field_matches
 
 
 class LookupModule(LookupBase):

plugins/lookup/dig.py

@@ -70,6 +70,11 @@ DOCUMENTATION = '''
           - "Class."
         type: str
         default: 'IN'
+      tcp:
+        description: Use TCP to lookup DNS records.
+        default: false
+        type: bool
+        version_added: 7.5.0
     notes:
       - ALL is not a record per-se, merely the listed fields are available for any record results you retrieve in the form of a dictionary.
       - While the 'dig' lookup plugin supports anything which dnspython supports out of the box, only a subset can be converted into a dictionary.
@@ -329,6 +334,7 @@ class LookupModule(LookupBase):
         flat = self.get_option('flat')
         fail_on_error = self.get_option('fail_on_error')
         real_empty = self.get_option('real_empty')
+        tcp = self.get_option('tcp')
         try:
             rdclass = dns.rdataclass.from_text(self.get_option('class'))
         except Exception as e:
@@ -375,6 +381,8 @@ class LookupModule(LookupBase):
                     fail_on_error = boolean(arg)
                 elif opt == 'real_empty':
                     real_empty = boolean(arg)
+                elif opt == 'tcp':
+                    tcp = boolean(arg)
 
                 continue
 
@@ -408,7 +416,7 @@ class LookupModule(LookupBase):
 
         for domain in domains:
             try:
-                answers = myres.query(domain, qtype, rdclass=rdclass)
+                answers = myres.query(domain, qtype, rdclass=rdclass, tcp=tcp)
                 for rdata in answers:
                     s = rdata.to_text()
                     if qtype.upper() == 'TXT':

plugins/lookup/onepassword.py

@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-# Copyright (c) 2018, Scott Buchanan <sbuchanan@ri.pn>
+# Copyright (c) 2018, Scott Buchanan <scott@buchanan.works>
 # Copyright (c) 2016, Andrew Zenk <azenk@umn.edu> (lastpass.py used as starting point)
 # Copyright (c) 2018, Ansible Project
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
@@ -38,6 +38,10 @@ DOCUMENTATION = '''
         type: str
       subdomain:
         description: The 1Password subdomain to authenticate against.
+      account_id:
+        description: The account ID to target.
+        type: str
+        version_added: 7.5.0
       username:
         description: The username used to sign in.
       secret_key:
@@ -55,6 +59,7 @@ DOCUMENTATION = '''
         performed an initial sign in (meaning C(~/.op/config), C(~/.config/op/config) or C(~/.config/.op/config) exists), then only the
         C(master_password) is required. You may optionally specify O(subdomain) in this scenario, otherwise the last used subdomain will be used by C(op).
       - This lookup can perform an initial login by providing O(subdomain), O(username), O(secret_key), and O(master_password).
+      - Can target a specific account by providing the O(account_id).
       - Due to the B(very) sensitive nature of these credentials, it is B(highly) recommended that you only pass in the minimal credentials
         needed at any given time. Also, store these credentials in an Ansible Vault using a key that is equal to or greater in strength
         to the 1Password master password.
@@ -93,6 +98,12 @@ EXAMPLES = """
                 master_password=vault_master_password,
                 username='tweety@acme.com',
                 secret_key=vault_secret_key)
+
+- name: Retrieve password from specific account
+  ansible.builtin.debug:
+    var: lookup('community.general.onepassword',
+                'HAL 9000',
+                account_id='abc123')
 """
 
 RETURN = """
@@ -116,16 +127,34 @@ from ansible.module_utils.six import with_metaclass
 from ansible_collections.community.general.plugins.module_utils.onepassword import OnePasswordConfig
 
 
+def _lower_if_possible(value):
+    """Return the lower case version value, otherwise return the value"""
+    try:
+        return value.lower()
+    except AttributeError:
+        return value
+
+
 class OnePassCLIBase(with_metaclass(abc.ABCMeta, object)):
     bin = "op"
 
-    def __init__(self, subdomain=None, domain="1password.com", username=None, secret_key=None, master_password=None, service_account_token=None):
+    def __init__(
+        self,
+        subdomain=None,
+        domain="1password.com",
+        username=None,
+        secret_key=None,
+        master_password=None,
+        service_account_token=None,
+        account_id=None,
+    ):
         self.subdomain = subdomain
         self.domain = domain
         self.username = username
         self.master_password = master_password
         self.secret_key = secret_key
         self.service_account_token = service_account_token
+        self.account_id = account_id
 
         self._path = None
         self._version = None
@@ -293,7 +322,9 @@ class OnePassCLIv1(OnePassCLIBase):
 
     def assert_logged_in(self):
         args = ["get", "account"]
-        if self.subdomain:
+        if self.account_id:
+            args.extend(["--account", self.account_id])
+        elif self.subdomain:
             account = "{subdomain}.{domain}".format(subdomain=self.subdomain, domain=self.domain)
             args.extend(["--account", account])
 
@@ -326,6 +357,10 @@ class OnePassCLIv1(OnePassCLIBase):
 
     def get_raw(self, item_id, vault=None, token=None):
         args = ["get", "item", item_id]
+
+        if self.account_id:
+            args.extend(["--account", self.account_id])
+
         if vault is not None:
             args += ["--vault={0}".format(vault)]
 
@@ -453,6 +488,7 @@ class OnePassCLIv2(OnePassCLIBase):
             }
         """
         data = json.loads(data_json)
+        field_name = _lower_if_possible(field_name)
         for field in data.get("fields", []):
             if section_title is None:
                 # If the field name exists in the section, return that value
@@ -461,24 +497,26 @@ class OnePassCLIv2(OnePassCLIBase):
 
                 # If the field name doesn't exist in the section, match on the value of "label"
                 # then "id" and return "value"
-                if field.get("label") == field_name:
-                    return field["value"]
+                if field.get("label", "").lower() == field_name:
+                    return field.get("value", "")
 
-                if field.get("id") == field_name:
-                    return field["value"]
+                if field.get("id", "").lower() == field_name:
+                    return field.get("value", "")
 
-            # Look at the section data and get an indentifier. The value of 'id' is either a unique ID
+            # Look at the section data and get an identifier. The value of 'id' is either a unique ID
             # or a human-readable string. If a 'label' field exists, prefer that since
             # it is the value visible in the 1Password UI when both 'id' and 'label' exist.
             section = field.get("section", {})
-            current_section_title = section.get("label", section.get("id"))
+            section_title = _lower_if_possible(section_title)
+
+            current_section_title = section.get("label", section.get("id", "")).lower()
             if section_title == current_section_title:
                 # In the correct section. Check "label" then "id" for the desired field_name
-                if field.get("label") == field_name:
-                    return field["value"]
+                if field.get("label", "").lower() == field_name:
+                    return field.get("value", "")
 
-                if field.get("id") == field_name:
-                    return field["value"]
+                if field.get("id", "").lower() == field_name:
+                    return field.get("value", "")
 
         return ""
 
@@ -502,7 +540,9 @@ class OnePassCLIv2(OnePassCLIBase):
             # an interactive prompt. Only run 'op account get' after first listing accounts to see
             # if there are any previously configured accounts.
             args = ["account", "get"]
-            if self.subdomain:
+            if self.account_id:
+                args.extend(["--account", self.account_id])
+            elif self.subdomain:
                 account = "{subdomain}.{domain}".format(subdomain=self.subdomain, domain=self.domain)
                 args.extend(["--account", account])
 
@@ -533,6 +573,10 @@ class OnePassCLIv2(OnePassCLIBase):
 
     def get_raw(self, item_id, vault=None, token=None):
         args = ["item", "get", item_id, "--format", "json"]
+
+        if self.account_id:
+            args.extend(["--account", self.account_id])
+
         if vault is not None:
             args += ["--vault={0}".format(vault)]
 
@@ -559,13 +603,14 @@ class OnePassCLIv2(OnePassCLIBase):
 
 class OnePass(object):
     def __init__(self, subdomain=None, domain="1password.com", username=None, secret_key=None, master_password=None,
-                 service_account_token=None):
+                 service_account_token=None, account_id=None):
         self.subdomain = subdomain
         self.domain = domain
         self.username = username
         self.secret_key = secret_key
         self.master_password = master_password
         self.service_account_token = service_account_token
+        self.account_id = account_id
 
         self.logged_in = False
         self.token = None
@@ -578,7 +623,7 @@ class OnePass(object):
         for cls in OnePassCLIBase.__subclasses__():
             if cls.supports_version == version.split(".")[0]:
                 try:
-                    return cls(self.subdomain, self.domain, self.username, self.secret_key, self.master_password, self.service_account_token)
+                    return cls(self.subdomain, self.domain, self.username, self.secret_key, self.master_password, self.service_account_token, self.account_id)
                 except TypeError as e:
                     raise AnsibleLookupError(e)
 
@@ -642,8 +687,9 @@ class LookupModule(LookupBase):
         secret_key = self.get_option("secret_key")
         master_password = self.get_option("master_password")
         service_account_token = self.get_option("service_account_token")
+        account_id = self.get_option("account_id")
 
-        op = OnePass(subdomain, domain, username, secret_key, master_password, service_account_token)
+        op = OnePass(subdomain, domain, username, secret_key, master_password, service_account_token, account_id)
         op.assert_logged_in()
 
         values = []

plugins/lookup/onepassword_raw.py

@@ -35,6 +35,10 @@ DOCUMENTATION = '''
         version_added: 6.0.0
         default: '1password.com'
         type: str
+      account_id:
+        description: The account ID to target.
+        type: str
+        version_added: 7.5.0
       username:
         description: The username used to sign in.
       secret_key:
@@ -52,6 +56,7 @@ DOCUMENTATION = '''
         performed an initial sign in (meaning C(~/.op/config exists)), then only the O(master_password) is required.
         You may optionally specify O(subdomain) in this scenario, otherwise the last used subdomain will be used by C(op).
       - This lookup can perform an initial login by providing O(subdomain), O(username), O(secret_key), and O(master_password).
+      - Can target a specific account by providing the O(account_id).
       - Due to the B(very) sensitive nature of these credentials, it is B(highly) recommended that you only pass in the minimal credentials
         needed at any given time. Also, store these credentials in an Ansible Vault using a key that is equal to or greater in strength
         to the 1Password master password.
@@ -96,8 +101,9 @@ class LookupModule(LookupBase):
         secret_key = self.get_option("secret_key")
         master_password = self.get_option("master_password")
         service_account_token = self.get_option("service_account_token")
+        account_id = self.get_option("account_id")
 
-        op = OnePass(subdomain, domain, username, secret_key, master_password, service_account_token)
+        op = OnePass(subdomain, domain, username, secret_key, master_password, service_account_token, account_id)
         op.assert_logged_in()
 
         values = []

plugins/lookup/random_string.py

@@ -72,7 +72,7 @@ DOCUMENTATION = r"""
         type: int
       override_special:
         description:
-        - Overide a list of special characters to use in the string.
+        - Override a list of special characters to use in the string.
         - If set O(min_special) should be set to a non-default value.
         type: str
       override_all:
@@ -80,6 +80,19 @@ DOCUMENTATION = r"""
         - Override all values of O(numbers), O(upper), O(lower), and O(special) with
           the given list of characters.
         type: str
+      ignore_similar_chars:
+        description:
+        - Ignore similar characters, such as V(l) and V(1), or V(O) and V(0).
+        - These characters can be configured in O(similar_chars).
+        default: false
+        type: bool
+        version_added: 7.5.0
+      similar_chars:
+        description:
+        - Override a list of characters not to be use in the string.
+        default: "il1LoO0"
+        type: str
+        version_added: 7.5.0
       base64:
         description:
         - Returns base64 encoded string.
@@ -103,7 +116,7 @@ EXAMPLES = r"""
     var: lookup('community.general.random_string', base64=True)
   # Example result: ['NHZ6eWN5Qk0=']
 
-- name: Generate a random string with 1 lower, 1 upper, 1 number and 1 special char (atleast)
+- name: Generate a random string with 1 lower, 1 upper, 1 number and 1 special char (at least)
   ansible.builtin.debug:
     var: lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1)
   # Example result: ['&Qw2|E[-']
@@ -173,9 +186,17 @@ class LookupModule(LookupBase):
         length = self.get_option("length")
         base64_flag = self.get_option("base64")
         override_all = self.get_option("override_all")
+        ignore_similar_chars = self.get_option("ignore_similar_chars")
+        similar_chars = self.get_option("similar_chars")
         values = ""
         available_chars_set = ""
 
+        if ignore_similar_chars:
+            number_chars = "".join([sc for sc in number_chars if sc not in similar_chars])
+            lower_chars = "".join([sc for sc in lower_chars if sc not in similar_chars])
+            upper_chars = "".join([sc for sc in upper_chars if sc not in similar_chars])
+            special_chars = "".join([sc for sc in special_chars if sc not in similar_chars])
+
         if override_all:
             # Override all the values
             available_chars_set = override_all

plugins/module_utils/cmd_runner.py

@@ -6,6 +6,7 @@
 from __future__ import absolute_import, division, print_function
 __metaclass__ = type
 
+import os
 from functools import wraps
 
 from ansible.module_utils.common.collections import is_sequence
@@ -204,11 +205,16 @@ class CmdRunner(object):
             environ_update = {}
         self.environ_update = environ_update
 
-        self.command[0] = module.get_bin_path(self.command[0], opt_dirs=path_prefix, required=True)
+        _cmd = self.command[0]
+        self.command[0] = _cmd if (os.path.isabs(_cmd) or '/' in _cmd) else module.get_bin_path(_cmd, opt_dirs=path_prefix, required=True)
 
         for mod_param_name, spec in iteritems(module.argument_spec):
             if mod_param_name not in self.arg_formats:
-                self.arg_formats[mod_param_name] = _Format.as_default_type(spec['type'], mod_param_name)
+                self.arg_formats[mod_param_name] = _Format.as_default_type(spec.get('type', 'str'), mod_param_name)
+
+    @property
+    def binary(self):
+        return self.command[0]
 
     def __call__(self, args_order=None, output_process=None, ignore_value_none=True, check_mode_skip=False, check_mode_return=None, **kwargs):
         if output_process is None:

plugins/module_utils/consul.py

@@ -0,0 +1,29 @@
+# -*- coding: utf-8 -*-
+
+# Copyright (c) 2022, Håkon Lerring
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+
+def get_consul_url(configuration):
+    return '%s://%s:%s/v1' % (configuration.scheme,
+                              configuration.host, configuration.port)
+
+
+def get_auth_headers(configuration):
+    if configuration.token is None:
+        return {}
+    else:
+        return {'X-Consul-Token': configuration.token}
+
+
+class RequestError(Exception):
+    pass
+
+
+def handle_consul_response_error(response):
+    if 400 <= response.status_code < 600:
+        raise RequestError('%d %s' % (response.status_code, response.content))

plugins/module_utils/dimensiondata.py

@@ -39,7 +39,7 @@ except ImportError:
     LIBCLOUD_IMP_ERR = traceback.format_exc()
     HAS_LIBCLOUD = False
 
-# MCP 2.x version patten for location (datacenter) names.
+# MCP 2.x version pattern for location (datacenter) names.
 #
 # Note that this is not a totally reliable way of determining MCP version.
 # Unfortunately, libcloud's NodeLocation currently makes no provision for extended properties.

plugins/module_utils/gio_mime.py

@@ -0,0 +1,32 @@
+# -*- coding: utf-8 -*-
+# Copyright (c) 2022, Alexei Znamensky <russoz@gmail.com>
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+from ansible_collections.community.general.plugins.module_utils.cmd_runner import CmdRunner, cmd_runner_fmt
+
+
+def gio_mime_runner(module, **kwargs):
+    return CmdRunner(
+        module,
+        command=['gio', 'mime'],
+        arg_formats=dict(
+            mime_type=cmd_runner_fmt.as_list(),
+            handler=cmd_runner_fmt.as_list(),
+        ),
+        **kwargs
+    )
+
+
+def gio_mime_get(runner, mime_type):
+    def process(rc, out, err):
+        if err.startswith("No default applications for"):
+            return None
+        out = out.splitlines()[0]
+        return out.split()[-1]
+
+    with runner("mime_type", output_process=process) as ctx:
+        return ctx.run(mime_type=mime_type)

plugins/module_utils/gitlab.py

@@ -116,7 +116,7 @@ def gitlab_authentication(module):
 def filter_returned_variables(gitlab_variables):
     # pop properties we don't know
     existing_variables = [dict(x.attributes) for x in gitlab_variables]
-    KNOWN = ['key', 'value', 'masked', 'protected', 'variable_type', 'environment_scope']
+    KNOWN = ['key', 'value', 'masked', 'protected', 'variable_type', 'environment_scope', 'raw']
     for item in existing_variables:
         for key in list(item.keys()):
             if key not in KNOWN:
@@ -135,6 +135,7 @@ def vars_to_variables(vars, module):
                     "value": str(value),
                     "masked": False,
                     "protected": False,
+                    "raw": False,
                     "variable_type": "env_var",
                 }
             )
@@ -145,6 +146,7 @@ def vars_to_variables(vars, module):
                 "value": value.get('value'),
                 "masked": value.get('masked'),
                 "protected": value.get('protected'),
+                "raw": value.get('raw'),
                 "variable_type": value.get('variable_type'),
             }
 

plugins/module_utils/hwc_utils.py

@@ -203,7 +203,7 @@ class Config(object):
 
         if url == "":
             raise HwcClientException(
-                0, "Can not find the enpoint for %s" % service_type)
+                0, "Cannot find the endpoint for %s" % service_type)
 
         if url[-1] != "/":
             url += "/"
@@ -351,7 +351,7 @@ def wait_to_finish(target, pending, refresh, timeout, min_interval=1, delay=3):
 
             if pending and status not in pending:
                 raise HwcModuleException(
-                    "unexpect status(%s) occurred" % status)
+                    "unexpected status(%s) occurred" % status)
 
         if not is_last_time:
             wait *= 2
@@ -362,7 +362,7 @@ def wait_to_finish(target, pending, refresh, timeout, min_interval=1, delay=3):
 
             time.sleep(wait)
 
-    raise HwcModuleException("asycn wait timeout after %d seconds" % timeout)
+    raise HwcModuleException("async wait timeout after %d seconds" % timeout)
 
 
 def navigate_value(data, index, array_index=None):

plugins/module_utils/identity/keycloak/keycloak.py

@@ -116,6 +116,9 @@ URL_AUTHZ_PERMISSIONS = "{url}/admin/realms/{realm}/clients/{client_id}/authz/re
 
 URL_AUTHZ_RESOURCES = "{url}/admin/realms/{realm}/clients/{client_id}/authz/resource-server/resource"
 
+URL_AUTHZ_CUSTOM_POLICY = "{url}/admin/realms/{realm}/clients/{client_id}/authz/resource-server/policy/{policy_type}"
+URL_AUTHZ_CUSTOM_POLICIES = "{url}/admin/realms/{realm}/clients/{client_id}/authz/resource-server/policy"
+
 
 def keycloak_argument_spec():
     """
@@ -541,7 +544,7 @@ class KeycloakAPI(object):
         return None
 
     def get_client_group_available_rolemappings(self, gid, cid, realm="master"):
-        """ Fetch the available role of a client in a specified goup on the Keycloak server.
+        """ Fetch the available role of a client in a specified group on the Keycloak server.
 
         :param gid: ID of the group from which to obtain the rolemappings.
         :param cid: ID of the client from which to obtain the rolemappings.
@@ -624,7 +627,7 @@ class KeycloakAPI(object):
                                       % (rid, realm, str(e)))
 
     def add_group_rolemapping(self, gid, cid, role_rep, realm="master"):
-        """ Fetch the composite role of a client in a specified goup on the Keycloak server.
+        """ Fetch the composite role of a client in a specified group on the Keycloak server.
 
         :param gid: ID of the group from which to obtain the rolemappings.
         :param cid: ID of the client from which to obtain the rolemappings.
@@ -777,7 +780,8 @@ class KeycloakAPI(object):
         users_url += '?username=%s&exact=true' % username
         try:
             userrep = None
-            users = json.loads(to_native(open_url(users_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
+            users = json.loads(to_native(open_url(users_url, method='GET', http_agent=self.http_agent, headers=self.restheaders,
+                                                  timeout=self.connection_timeout,
                                                   validate_certs=self.validate_certs).read()))
             for user in users:
                 if user['username'] == username:
@@ -803,7 +807,8 @@ class KeycloakAPI(object):
 
         service_account_user_url = URL_CLIENT_SERVICE_ACCOUNT_USER.format(url=self.baseurl, realm=realm, id=cid)
         try:
-            return json.loads(to_native(open_url(service_account_user_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
+            return json.loads(to_native(open_url(service_account_user_url, method='GET', http_agent=self.http_agent, headers=self.restheaders,
+                                                 timeout=self.connection_timeout,
                                                  validate_certs=self.validate_certs).read()))
         except ValueError as e:
             self.module.fail_json(msg='API returned incorrect JSON when trying to obtain the service-account-user for realm %s and client_id %s: %s'
@@ -1233,7 +1238,7 @@ class KeycloakAPI(object):
 
         :param realm: Realm in which the clientscope resides.
         :param client_id: The client in which the clientscope resides.
-        :return The optinal clientscopes of this realm or client
+        :return The optional clientscopes of this realm or client
         """
         url = URL_OPTIONAL_CLIENTSCOPES if client_id is None else URL_CLIENT_OPTIONAL_CLIENTSCOPES
         return self._get_clientscopes_of_type(realm, url, 'optional', client_id)
@@ -1246,7 +1251,7 @@ class KeycloakAPI(object):
 
         :param realm: Realm in which the clientscope resides.
         :param url_template the template for the right type
-        :param scope_type this can be either optinal or default
+        :param scope_type this can be either optional or default
         :param client_id: The client in which the clientscope resides.
         :return The clientscopes of the specified type of this realm
         """
@@ -1268,7 +1273,7 @@ class KeycloakAPI(object):
 
     def _decide_url_type_clientscope(self, client_id=None, scope_type="default"):
         """Decides which url to use.
-        :param scope_type this can be either optinal or default
+        :param scope_type this can be either optional or default
         :param client_id: The client in which the clientscope resides.
         """
         if client_id is None:
@@ -1347,7 +1352,8 @@ class KeycloakAPI(object):
         clientsecret_url = URL_CLIENTSECRET.format(url=self.baseurl, realm=realm, id=id)
 
         try:
-            return json.loads(to_native(open_url(clientsecret_url, method='POST', headers=self.restheaders, timeout=self.connection_timeout,
+            return json.loads(to_native(open_url(clientsecret_url, method='POST', http_agent=self.http_agent, headers=self.restheaders,
+                                                 timeout=self.connection_timeout,
                                                  validate_certs=self.validate_certs).read()))
 
         except HTTPError as e:
@@ -1370,7 +1376,8 @@ class KeycloakAPI(object):
         clientsecret_url = URL_CLIENTSECRET.format(url=self.baseurl, realm=realm, id=id)
 
         try:
-            return json.loads(to_native(open_url(clientsecret_url, method='GET', headers=self.restheaders, timeout=self.connection_timeout,
+            return json.loads(to_native(open_url(clientsecret_url, method='GET', http_agent=self.http_agent, headers=self.restheaders,
+                                                 timeout=self.connection_timeout,
                                                  validate_certs=self.validate_certs).read()))
 
         except HTTPError as e:
@@ -1513,7 +1520,7 @@ class KeycloakAPI(object):
     def get_subgroup_direct_parent(self, parents, realm="master", children_to_resolve=None):
         """ Get keycloak direct parent group API object for a given chain of parents.
 
-        To succesfully work the API for subgroups we actually dont need
+        To successfully work the API for subgroups we actually don't need
         to "walk the whole tree" for nested groups but only need to know
         the ID for the direct predecessor of current subgroup. This
         method will guarantee us this information getting there with
@@ -1672,7 +1679,7 @@ class KeycloakAPI(object):
         :param name: Name of the role to fetch.
         :param realm: Realm in which the role resides; default 'master'.
         """
-        role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(name))
+        role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(name, safe=''))
         try:
             return json.loads(to_native(open_url(role_url, method="GET", http_agent=self.http_agent, headers=self.restheaders, timeout=self.connection_timeout,
                                                  validate_certs=self.validate_certs).read()))
@@ -1709,7 +1716,7 @@ class KeycloakAPI(object):
         :param rolerep: A RoleRepresentation of the updated role.
         :return HTTPResponse object on success
         """
-        role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(rolerep['name']))
+        role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(rolerep['name']), safe='')
         try:
             composites = None
             if "composites" in rolerep:
@@ -1730,9 +1737,9 @@ class KeycloakAPI(object):
             if clientid is not None:
                 client = self.get_client_by_clientid(client_id=clientid, realm=realm)
                 cid = client['id']
-                composite_url = URL_CLIENT_ROLE_COMPOSITES.format(url=self.baseurl, realm=realm, id=cid, name=quote(rolerep["name"]))
+                composite_url = URL_CLIENT_ROLE_COMPOSITES.format(url=self.baseurl, realm=realm, id=cid, name=quote(rolerep["name"], safe=''))
             else:
-                composite_url = URL_REALM_ROLE_COMPOSITES.format(url=self.baseurl, realm=realm, name=quote(rolerep["name"]))
+                composite_url = URL_REALM_ROLE_COMPOSITES.format(url=self.baseurl, realm=realm, name=quote(rolerep["name"], safe=''))
             # Get existing composites
             return json.loads(to_native(open_url(
                 composite_url,
@@ -1751,9 +1758,9 @@ class KeycloakAPI(object):
             if clientid is not None:
                 client = self.get_client_by_clientid(client_id=clientid, realm=realm)
                 cid = client['id']
-                composite_url = URL_CLIENT_ROLE_COMPOSITES.format(url=self.baseurl, realm=realm, id=cid, name=quote(rolerep["name"]))
+                composite_url = URL_CLIENT_ROLE_COMPOSITES.format(url=self.baseurl, realm=realm, id=cid, name=quote(rolerep["name"], safe=''))
             else:
-                composite_url = URL_REALM_ROLE_COMPOSITES.format(url=self.baseurl, realm=realm, name=quote(rolerep["name"]))
+                composite_url = URL_REALM_ROLE_COMPOSITES.format(url=self.baseurl, realm=realm, name=quote(rolerep["name"], safe=''))
             # Get existing composites
             # create new composites
             return open_url(composite_url, method='POST', http_agent=self.http_agent, headers=self.restheaders, timeout=self.connection_timeout,
@@ -1768,9 +1775,9 @@ class KeycloakAPI(object):
             if clientid is not None:
                 client = self.get_client_by_clientid(client_id=clientid, realm=realm)
                 cid = client['id']
-                composite_url = URL_CLIENT_ROLE_COMPOSITES.format(url=self.baseurl, realm=realm, id=cid, name=quote(rolerep["name"]))
+                composite_url = URL_CLIENT_ROLE_COMPOSITES.format(url=self.baseurl, realm=realm, id=cid, name=quote(rolerep["name"], safe=''))
             else:
-                composite_url = URL_REALM_ROLE_COMPOSITES.format(url=self.baseurl, realm=realm, name=quote(rolerep["name"]))
+                composite_url = URL_REALM_ROLE_COMPOSITES.format(url=self.baseurl, realm=realm, name=quote(rolerep["name"], safe=''))
             # Get existing composites
             # create new composites
             return open_url(composite_url, method='DELETE', http_agent=self.http_agent, headers=self.restheaders, timeout=self.connection_timeout,
@@ -1835,7 +1842,7 @@ class KeycloakAPI(object):
         :param name: The name of the role.
         :param realm: The realm in which this role resides, default "master".
         """
-        role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(name))
+        role_url = URL_REALM_ROLE.format(url=self.baseurl, realm=realm, name=quote(name, safe=''))
         try:
             return open_url(role_url, method='DELETE', http_agent=self.http_agent, headers=self.restheaders, timeout=self.connection_timeout,
                             validate_certs=self.validate_certs)
@@ -1879,7 +1886,7 @@ class KeycloakAPI(object):
         if cid is None:
             self.module.fail_json(msg='Could not find client %s in realm %s'
                                       % (clientid, realm))
-        role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(name))
+        role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(name, safe=''))
         try:
             return json.loads(to_native(open_url(role_url, method="GET", http_agent=self.http_agent, headers=self.restheaders, timeout=self.connection_timeout,
                                                  validate_certs=self.validate_certs).read()))
@@ -1943,7 +1950,7 @@ class KeycloakAPI(object):
         if cid is None:
             self.module.fail_json(msg='Could not find client %s in realm %s'
                                       % (clientid, realm))
-        role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(rolerep['name']))
+        role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(rolerep['name'], safe=''))
         try:
             composites = None
             if "composites" in rolerep:
@@ -1969,7 +1976,7 @@ class KeycloakAPI(object):
         if cid is None:
             self.module.fail_json(msg='Could not find client %s in realm %s'
                                       % (clientid, realm))
-        role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(name))
+        role_url = URL_CLIENT_ROLE.format(url=self.baseurl, realm=realm, id=cid, name=quote(name, safe=''))
         try:
             return open_url(role_url, method='DELETE', http_agent=self.http_agent, headers=self.restheaders, timeout=self.connection_timeout,
                             validate_certs=self.validate_certs)
@@ -2029,7 +2036,7 @@ class KeycloakAPI(object):
                 URL_AUTHENTICATION_FLOW_COPY.format(
                     url=self.baseurl,
                     realm=realm,
-                    copyfrom=quote(config["copyFrom"])),
+                    copyfrom=quote(config["copyFrom"], safe='')),
                 method='POST',
                 http_agent=self.http_agent, headers=self.restheaders,
                 data=json.dumps(new_name),
@@ -2103,7 +2110,7 @@ class KeycloakAPI(object):
                 URL_AUTHENTICATION_FLOW_EXECUTIONS.format(
                     url=self.baseurl,
                     realm=realm,
-                    flowalias=quote(flowAlias)),
+                    flowalias=quote(flowAlias, safe='')),
                 method='PUT',
                 http_agent=self.http_agent, headers=self.restheaders,
                 data=json.dumps(updatedExec),
@@ -2152,7 +2159,7 @@ class KeycloakAPI(object):
                 URL_AUTHENTICATION_FLOW_EXECUTIONS_FLOW.format(
                     url=self.baseurl,
                     realm=realm,
-                    flowalias=quote(flowAlias)),
+                    flowalias=quote(flowAlias, safe='')),
                 method='POST',
                 http_agent=self.http_agent, headers=self.restheaders,
                 data=json.dumps(newSubFlow),
@@ -2176,7 +2183,7 @@ class KeycloakAPI(object):
                 URL_AUTHENTICATION_FLOW_EXECUTIONS_EXECUTION.format(
                     url=self.baseurl,
                     realm=realm,
-                    flowalias=quote(flowAlias)),
+                    flowalias=quote(flowAlias, safe='')),
                 method='POST',
                 http_agent=self.http_agent, headers=self.restheaders,
                 data=json.dumps(newExec),
@@ -2236,7 +2243,7 @@ class KeycloakAPI(object):
                     URL_AUTHENTICATION_FLOW_EXECUTIONS.format(
                         url=self.baseurl,
                         realm=realm,
-                        flowalias=quote(config["alias"])),
+                        flowalias=quote(config["alias"], safe='')),
                     method='GET',
                     http_agent=self.http_agent, headers=self.restheaders,
                     timeout=self.connection_timeout,
@@ -2329,7 +2336,7 @@ class KeycloakAPI(object):
             return open_url(
                 URL_AUTHENTICATION_REQUIRED_ACTIONS_ALIAS.format(
                     url=self.baseurl,
-                    alias=quote(alias),
+                    alias=quote(alias, safe=''),
                     realm=realm
                 ),
                 method='PUT',
@@ -2356,7 +2363,7 @@ class KeycloakAPI(object):
             return open_url(
                 URL_AUTHENTICATION_REQUIRED_ACTIONS_ALIAS.format(
                     url=self.baseurl,
-                    alias=quote(alias),
+                    alias=quote(alias, safe=''),
                     realm=realm
                 ),
                 method='DELETE',
@@ -2623,7 +2630,7 @@ class KeycloakAPI(object):
 
     def get_authz_authorization_scope_by_name(self, name, client_id, realm):
         url = URL_AUTHZ_AUTHORIZATION_SCOPES.format(url=self.baseurl, client_id=client_id, realm=realm)
-        search_url = "%s/search?name=%s" % (url, quote(name))
+        search_url = "%s/search?name=%s" % (url, quote(name, safe=''))
 
         try:
             return json.loads(to_native(open_url(search_url, method='GET', http_agent=self.http_agent, headers=self.restheaders,
@@ -2678,7 +2685,9 @@ class KeycloakAPI(object):
                 open_url(
                     user_url,
                     method='GET',
-                    headers=self.restheaders))
+                    http_agent=self.http_agent, headers=self.restheaders,
+                    timeout=self.connection_timeout,
+                    validate_certs=self.validate_certs))
             return userrep
         except Exception as e:
             self.module.fail_json(msg='Could not get user %s in realm %s: %s'
@@ -2700,8 +2709,10 @@ class KeycloakAPI(object):
                 realm=realm)
             open_url(users_url,
                      method='POST',
-                     headers=self.restheaders,
-                     data=json.dumps(userrep))
+                     http_agent=self.http_agent, headers=self.restheaders,
+                     data=json.dumps(userrep),
+                     timeout=self.connection_timeout,
+                     validate_certs=self.validate_certs)
             created_user = self.get_user_by_username(
                 username=userrep['username'],
                 realm=realm)
@@ -2744,8 +2755,10 @@ class KeycloakAPI(object):
             open_url(
                 user_url,
                 method='PUT',
-                headers=self.restheaders,
-                data=json.dumps(userrep))
+                http_agent=self.http_agent, headers=self.restheaders,
+                data=json.dumps(userrep),
+                timeout=self.connection_timeout,
+                validate_certs=self.validate_certs)
             updated_user = self.get_user_by_id(
                 user_id=userrep['id'],
                 realm=realm)
@@ -2769,7 +2782,9 @@ class KeycloakAPI(object):
             return open_url(
                 user_url,
                 method='DELETE',
-                headers=self.restheaders)
+                http_agent=self.http_agent, headers=self.restheaders,
+                timeout=self.connection_timeout,
+                validate_certs=self.validate_certs)
         except Exception as e:
             self.module.fail_json(msg='Could not delete user %s in realm %s: %s'
                                       % (user_id, realm, str(e)))
@@ -2791,7 +2806,9 @@ class KeycloakAPI(object):
                 open_url(
                     user_groups_url,
                     method='GET',
-                    headers=self.restheaders))
+                    http_agent=self.http_agent, headers=self.restheaders,
+                    timeout=self.connection_timeout,
+                    validate_certs=self.validate_certs))
             for user_group in user_groups:
                 groups.append(user_group["name"])
             return groups
@@ -2816,7 +2833,9 @@ class KeycloakAPI(object):
             return open_url(
                 user_group_url,
                 method='PUT',
-                headers=self.restheaders)
+                http_agent=self.http_agent, headers=self.restheaders,
+                timeout=self.connection_timeout,
+                validate_certs=self.validate_certs)
         except Exception as e:
             self.module.fail_json(msg='Could not add user %s in group %s in realm %s: %s'
                                       % (user_id, group_id, realm, str(e)))
@@ -2838,7 +2857,9 @@ class KeycloakAPI(object):
             return open_url(
                 user_group_url,
                 method='DELETE',
-                headers=self.restheaders)
+                http_agent=self.http_agent, headers=self.restheaders,
+                timeout=self.connection_timeout,
+                validate_certs=self.validate_certs)
         except Exception as e:
             self.module.fail_json(msg='Could not remove user %s from group %s in realm %s: %s'
                                       % (user_id, group_id, realm, str(e)))
@@ -2858,7 +2879,7 @@ class KeycloakAPI(object):
             groups_to_add_and_remove = self.extract_groups_to_add_to_and_remove_from_user(groups)
             # If group membership need to be changed
             if not is_struct_included(groups_to_add_and_remove['add'], user_existing_groups):
-                # Get available goups in the realm
+                # Get available groups in the realm
                 realm_groups = self.get_groups(realm=realm)
                 for realm_group in realm_groups:
                     if "name" in realm_group and realm_group["name"] in groups_to_add_and_remove['add']:
@@ -2904,6 +2925,27 @@ class KeycloakAPI(object):
                     list_of_groups.append(group_dict)
         return list_of_groups
 
+    def create_authz_custom_policy(self, policy_type, payload, client_id, realm):
+        """Create a custom policy for a Keycloak client"""
+        url = URL_AUTHZ_CUSTOM_POLICY.format(url=self.baseurl, policy_type=policy_type, client_id=client_id, realm=realm)
+
+        try:
+            return open_url(url, method='POST', http_agent=self.http_agent, headers=self.restheaders, timeout=self.connection_timeout,
+                            data=json.dumps(payload), validate_certs=self.validate_certs)
+        except Exception as e:
+            self.module.fail_json(msg='Could not create permission %s for client %s in realm %s: %s' % (payload['name'], client_id, realm, str(e)))
+
+    def remove_authz_custom_policy(self, policy_id, client_id, realm):
+        """Remove a custom policy from a Keycloak client"""
+        url = URL_AUTHZ_CUSTOM_POLICIES.format(url=self.baseurl, client_id=client_id, realm=realm)
+        delete_url = "%s/%s" % (url, policy_id)
+
+        try:
+            return open_url(delete_url, method='DELETE', http_agent=self.http_agent, headers=self.restheaders, timeout=self.connection_timeout,
+                            validate_certs=self.validate_certs)
+        except Exception as e:
+            self.module.fail_json(msg='Could not delete custom policy %s for client %s in realm %s: %s' % (id, client_id, realm, str(e)))
+
     def get_authz_permission_by_name(self, name, client_id, realm):
         """Get authorization permission by name"""
         url = URL_AUTHZ_POLICIES.format(url=self.baseurl, client_id=client_id, realm=realm)

plugins/module_utils/ldap.py

@@ -139,5 +139,7 @@ class LdapGeneric(object):
 
     def _xorder_dn(self):
         # match X_ORDERed DNs
-        regex = r"\w+=\{\d+\}.+"
-        return re.match(regex, self.module.params['dn']) is not None
+        regex = r".+\{\d+\}.+"
+        explode_dn = ldap.dn.explode_dn(self.module.params['dn'])
+
+        return re.match(regex, explode_dn[0]) is not None

plugins/module_utils/memset.py

@@ -14,8 +14,9 @@ from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type
 
 from ansible.module_utils.six.moves.urllib.parse import urlencode
-from ansible.module_utils.urls import open_url, urllib_error
+from ansible.module_utils.urls import open_url
 from ansible.module_utils.basic import json
+import ansible.module_utils.six.moves.urllib.error as urllib_error
 
 
 class Response(object):
@@ -78,7 +79,7 @@ def memset_api_call(api_key, api_method, payload=None):
             msg = "Memset API returned an error ({0}, {1})." . format(response.json()['error_type'], response.json()['error'])
     except urllib_error.URLError as e:
         has_failed = True
-        msg = "An URLError occured ({0})." . format(type(e))
+        msg = "An URLError occurred ({0})." . format(type(e))
         response.stderr = "{0}" . format(e)
 
     if msg is None:

plugins/module_utils/net_tools/pritunl/api.py

@@ -79,7 +79,7 @@ def _post_pritunl_organization(
         api_secret=api_secret,
         base_url=base_url,
         method="POST",
-        path="/organization/%s",
+        path="/organization",
         headers={"Content-Type": "application/json"},
         data=json.dumps(organization_data),
         validate_certs=validate_certs,
@@ -220,7 +220,7 @@ def post_pritunl_organization(
         api_secret=api_secret,
         base_url=base_url,
         organization_data={"name": organization_name},
-        validate_certs=True,
+        validate_certs=validate_certs,
     )
 
     if response.getcode() != 200:
@@ -248,7 +248,7 @@ def post_pritunl_user(
             base_url=base_url,
             organization_id=organization_id,
             user_data=user_data,
-            validate_certs=True,
+            validate_certs=validate_certs,
         )
 
         if response.getcode() != 200:
@@ -267,7 +267,7 @@ def post_pritunl_user(
             organization_id=organization_id,
             user_data=user_data,
             user_id=user_id,
-            validate_certs=True,
+            validate_certs=validate_certs,
         )
 
         if response.getcode() != 200:
@@ -287,7 +287,7 @@ def delete_pritunl_organization(
         api_secret=api_secret,
         base_url=base_url,
         organization_id=organization_id,
-        validate_certs=True,
+        validate_certs=validate_certs,
     )
 
     if response.getcode() != 200:
@@ -307,7 +307,7 @@ def delete_pritunl_user(
         base_url=base_url,
         organization_id=organization_id,
         user_id=user_id,
-        validate_certs=True,
+        validate_certs=validate_certs,
     )
 
     if response.getcode() != 200:
@@ -331,7 +331,7 @@ def pritunl_auth_request(
 ):
     """
     Send an API call to a Pritunl server.
-    Taken from https://pritunl.com/api and adaped work with Ansible open_url
+    Taken from https://pritunl.com/api and adapted to work with Ansible open_url
     """
     auth_timestamp = str(int(time.time()))
     auth_nonce = uuid.uuid4().hex

plugins/module_utils/ocapi_utils.py

@@ -432,7 +432,7 @@ class OcapiUtils(object):
             else:
                 return response
         details = response["data"]["Status"].get("Details")
-        if type(details) is str:
+        if isinstance(details, str):
             details = [details]
         health_list = response["data"]["Status"]["Health"]
         return_value = {

plugins/module_utils/oracle/oci_utils.py

@@ -434,7 +434,7 @@ def check_and_update_attributes(
     target_instance, attr_name, input_value, existing_value, changed
 ):
     """
-    This function checks the difference between two resource attributes of literal types and sets the attrbute
+    This function checks the difference between two resource attributes of literal types and sets the attribute
     value in the target instance type holding the attribute.
     :param target_instance: The instance which contains the attribute whose values to be compared
     :param attr_name: Name of the attribute whose value required to be compared
@@ -561,7 +561,7 @@ def are_lists_equal(s, t):
     if s is None and t is None:
         return True
 
-    if (s is None and len(t) >= 0) or (t is None and len(s) >= 0) or (len(s) != len(t)):
+    if s is None or t is None or (len(s) != len(t)):
         return False
 
     if len(s) == 0:
@@ -570,7 +570,7 @@ def are_lists_equal(s, t):
     s = to_dict(s)
     t = to_dict(t)
 
-    if type(s[0]) == dict:
+    if isinstance(s[0], dict):
         # Handle list of dicts. Dictionary returned by the API may have additional keys. For example, a get call on
         # service gateway has an attribute `services` which is a list of `ServiceIdResponseDetails`. This has a key
         # `service_name` which is not provided in the list of `services` by a user while making an update call; only
@@ -604,9 +604,9 @@ def get_attr_to_update(get_fn, kwargs_get, module, update_attributes):
         user_provided_attr_value = module.params.get(attr, None)
 
         unequal_list_attr = (
-            type(resources_attr_value) == list or type(user_provided_attr_value) == list
+            isinstance(resources_attr_value, list) or isinstance(user_provided_attr_value, list)
         ) and not are_lists_equal(user_provided_attr_value, resources_attr_value)
-        unequal_attr = type(resources_attr_value) != list and to_dict(
+        unequal_attr = not isinstance(resources_attr_value, list) and to_dict(
             resources_attr_value
         ) != to_dict(user_provided_attr_value)
         if unequal_list_attr or unequal_attr:
@@ -785,7 +785,7 @@ def _get_attributes_to_consider(exclude_attributes, model, module):
         attributes_to_consider = list(model.attribute_map)
         if "freeform_tags" in attributes_to_consider:
             attributes_to_consider.remove("freeform_tags")
-        # Temporarily removing node_count as the exisiting resource does not reflect it
+        # Temporarily removing node_count as the existing resource does not reflect it
         if "node_count" in attributes_to_consider:
             attributes_to_consider.remove("node_count")
     _debug("attributes to consider: {0}".format(attributes_to_consider))
@@ -936,9 +936,9 @@ def tuplize(d):
     list_of_tuples = []
     key_list = sorted(list(d.keys()))
     for key in key_list:
-        if type(d[key]) == list:
+        if isinstance(d[key], list):
             # Convert a value which is itself a list of dict to a list of tuples.
-            if d[key] and type(d[key][0]) == dict:
+            if d[key] and isinstance(d[key][0], dict):
                 sub_tuples = []
                 for sub_dict in d[key]:
                     sub_tuples.append(tuplize(sub_dict))
@@ -948,7 +948,7 @@ def tuplize(d):
                 list_of_tuples.append((sub_tuples is None, key, sub_tuples))
             else:
                 list_of_tuples.append((d[key] is None, key, d[key]))
-        elif type(d[key]) == dict:
+        elif isinstance(d[key], dict):
             tupled_value = tuplize(d[key])
             list_of_tuples.append((tupled_value is None, key, tupled_value))
         else:
@@ -969,13 +969,13 @@ def sort_dictionary(d):
     """
     sorted_d = {}
     for key in d:
-        if type(d[key]) == list:
-            if d[key] and type(d[key][0]) == dict:
+        if isinstance(d[key], list):
+            if d[key] and isinstance(d[key][0], dict):
                 sorted_value = sort_list_of_dictionary(d[key])
                 sorted_d[key] = sorted_value
             else:
                 sorted_d[key] = sorted(d[key])
-        elif type(d[key]) == dict:
+        elif isinstance(d[key], dict):
             sorted_d[key] = sort_dictionary(d[key])
         else:
             sorted_d[key] = d[key]
@@ -1026,10 +1026,7 @@ def check_if_user_value_matches_resources_attr(
             return
 
         if (
-            resources_value_for_attr is None
-            and len(user_provided_value_for_attr) >= 0
-            or user_provided_value_for_attr is None
-            and len(resources_value_for_attr) >= 0
+            resources_value_for_attr is None or user_provided_value_for_attr is None
         ):
             res[0] = False
             return
@@ -1044,7 +1041,7 @@ def check_if_user_value_matches_resources_attr(
 
         if (
             user_provided_value_for_attr
-            and type(user_provided_value_for_attr[0]) == dict
+            and isinstance(user_provided_value_for_attr[0], dict)
         ):
             # Process a list of dict
             sorted_user_provided_value_for_attr = sort_list_of_dictionary(
@@ -1532,7 +1529,7 @@ def delete_and_wait(
                                 result[resource_type] = resource
                                 return result
                         # oci.wait_until() returns an instance of oci.util.Sentinel in case the resource is not found.
-                        if type(wait_response) is not Sentinel:
+                        if not isinstance(wait_response, Sentinel):
                             resource = to_dict(wait_response.data)
                         else:
                             resource["lifecycle_state"] = "DELETED"
@@ -1547,7 +1544,7 @@ def delete_and_wait(
     except ServiceError as ex:
         # DNS API throws a 400 InvalidParameter when a zone id is provided for zone_name_or_id and if the zone
         # resource is not available, instead of the expected 404. So working around this for now.
-        if type(client) == oci.dns.DnsClient:
+        if isinstance(client, oci.dns.DnsClient):
             if ex.status == 400 and ex.code == "InvalidParameter":
                 _debug(
                     "Resource {0} with {1} already deleted. So returning changed=False".format(
@@ -1774,7 +1771,7 @@ def update_class_type_attr_difference(
 ):
     """
     Checks the difference and updates an attribute which is represented by a class
-    instance. Not aplicable if the attribute type is a primitive value.
+    instance. Not applicable if the attribute type is a primitive value.
     For example, if a class name is A with an attribute x, then if A.x = X(), then only
     this method works.
     :param update_class_details The instance which should be updated if there is change in
@@ -1936,7 +1933,7 @@ def get_target_resource_from_list(
     module, list_resource_fn, target_resource_id=None, **kwargs
 ):
     """
-    Returns a resource filtered by identifer from a list of resources. This method should be
+    Returns a resource filtered by identifier from a list of resources. This method should be
     used as an alternative of 'get resource' method when 'get resource' is nor provided by
     resource api. This method returns a wrapper of response object but that should not be
     used as an input to 'wait_until' utility as this is only a partial wrapper of response object.

plugins/module_utils/pipx.py

@@ -42,7 +42,7 @@ def pipx_runner(module, command, **kwargs):
             system_site_packages=fmt.as_bool("--system-site-packages"),
             _list=fmt.as_fixed(['list', '--include-injected', '--json']),
             editable=fmt.as_bool("--editable"),
-            pip_args=fmt.as_opt_val('--pip-args'),
+            pip_args=fmt.as_opt_eq_val('--pip-args'),
         ),
         environ_update={'USE_EMOJI': '0'},
         check_rc=True,

plugins/module_utils/proxmox.py

@@ -80,8 +80,8 @@ class ProxmoxAnsible(object):
             module.fail_json(msg=missing_required_lib('proxmoxer'), exception=PROXMOXER_IMP_ERR)
 
         self.module = module
-        self.proxmox_api = self._connect()
         self.proxmoxer_version = proxmoxer_version
+        self.proxmox_api = self._connect()
         # Test token validity
         try:
             self.proxmox_api.version.get()
@@ -100,7 +100,7 @@ class ProxmoxAnsible(object):
         if api_password:
             auth_args['password'] = api_password
         else:
-            if self.version() < LooseVersion('1.1.0'):
+            if self.proxmoxer_version < LooseVersion('1.1.0'):
                 self.module.fail_json('Using "token_name" and "token_value" require proxmoxer>=1.1.0')
             auth_args['token_name'] = api_token_id
             auth_args['token_value'] = api_token_secret

plugins/module_utils/redfish_utils.py

@@ -10,6 +10,8 @@ import json
 import os
 import random
 import string
+import gzip
+from io import BytesIO
 from ansible.module_utils.urls import open_url
 from ansible.module_utils.common.text.converters import to_native
 from ansible.module_utils.common.text.converters import to_text
@@ -18,6 +20,8 @@ from ansible.module_utils.six import text_type
 from ansible.module_utils.six.moves import http_client
 from ansible.module_utils.six.moves.urllib.error import URLError, HTTPError
 from ansible.module_utils.six.moves.urllib.parse import urlparse
+from ansible.module_utils.ansible_release import __version__ as ansible_version
+from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
 
 GET_HEADERS = {'accept': 'application/json', 'OData-Version': '4.0'}
 POST_HEADERS = {'content-type': 'application/json', 'accept': 'application/json',
@@ -128,8 +132,10 @@ class RedfishUtils(object):
         return resp
 
     # The following functions are to send GET/POST/PATCH/DELETE requests
-    def get_request(self, uri):
+    def get_request(self, uri, override_headers=None, allow_no_resp=False):
         req_headers = dict(GET_HEADERS)
+        if override_headers:
+            req_headers.update(override_headers)
         username, password, basic_auth = self._auth_params(req_headers)
         try:
             # Service root is an unauthenticated resource; remove credentials
@@ -141,8 +147,19 @@ class RedfishUtils(object):
                             force_basic_auth=basic_auth, validate_certs=False,
                             follow_redirects='all',
                             use_proxy=True, timeout=self.timeout)
-            data = json.loads(to_native(resp.read()))
             headers = dict((k.lower(), v) for (k, v) in resp.info().items())
+            try:
+                if headers.get('content-encoding') == 'gzip' and LooseVersion(ansible_version) < LooseVersion('2.14'):
+                    # Older versions of Ansible do not automatically decompress the data
+                    # Starting in 2.14, open_url will decompress the response data by default
+                    data = json.loads(to_native(gzip.open(BytesIO(resp.read()), 'rt', encoding='utf-8').read()))
+                else:
+                    data = json.loads(to_native(resp.read()))
+            except Exception as e:
+                # No response data; this is okay in certain cases
+                data = None
+                if not allow_no_resp:
+                    raise
         except HTTPError as e:
             msg = self._get_extended_message(e)
             return {'ret': False,
@@ -318,7 +335,7 @@ class RedfishUtils(object):
         found in ansible.module_utils.urls, but it takes files and encodes them
         as Base64 strings, which is not expected by Redfish services.  It also
         adds escaping of certain bytes in the payload, such as inserting '\r'
-        any time it finds a standlone '\n', which corrupts the image payload
+        any time it finds a standalone '\n', which corrupts the image payload
         send to the service.  This implementation is simplified to Redfish's
         usage and doesn't necessarily represent an exhaustive method of
         building multipart requests.
@@ -717,7 +734,8 @@ class RedfishUtils(object):
         properties = ['CacheSummary', 'FirmwareVersion', 'Identifiers',
                       'Location', 'Manufacturer', 'Model', 'Name', 'Id',
                       'PartNumber', 'SerialNumber', 'SpeedGbps', 'Status']
-        key = "StorageControllers"
+        key = "Controllers"
+        deprecated_key = "StorageControllers"
 
         # Find Storage service
         response = self.get_request(self.root_uri + systems_uri)
@@ -745,7 +763,30 @@ class RedfishUtils(object):
                 data = response['data']
 
                 if key in data:
-                    controller_list = data[key]
+                    controllers_uri = data[key][u'@odata.id']
+
+                    response = self.get_request(self.root_uri + controllers_uri)
+                    if response['ret'] is False:
+                        return response
+                    result['ret'] = True
+                    data = response['data']
+
+                    if data[u'Members']:
+                        for controller_member in data[u'Members']:
+                            controller_member_uri = controller_member[u'@odata.id']
+                            response = self.get_request(self.root_uri + controller_member_uri)
+                            if response['ret'] is False:
+                                return response
+                            result['ret'] = True
+                            data = response['data']
+
+                            controller_result = {}
+                            for property in properties:
+                                if property in data:
+                                    controller_result[property] = data[property]
+                            controller_results.append(controller_result)
+                elif deprecated_key in data:
+                    controller_list = data[deprecated_key]
                     for controller in controller_list:
                         controller_result = {}
                         for property in properties:
@@ -767,7 +808,7 @@ class RedfishUtils(object):
         properties = ['BlockSizeBytes', 'CapableSpeedGbs', 'CapacityBytes',
                       'EncryptionAbility', 'EncryptionStatus',
                       'FailurePredicted', 'HotspareType', 'Id', 'Identifiers',
-                      'Manufacturer', 'MediaType', 'Model', 'Name',
+                      'Links', 'Manufacturer', 'MediaType', 'Model', 'Name',
                       'PartNumber', 'PhysicalLocation', 'Protocol', 'Revision',
                       'RotationSpeedRPM', 'SerialNumber', 'Status']
 
@@ -800,7 +841,25 @@ class RedfishUtils(object):
                         return response
                     data = response['data']
                     controller_name = 'Controller 1'
-                    if 'StorageControllers' in data:
+                    if 'Controllers' in data:
+                        controllers_uri = data['Controllers'][u'@odata.id']
+
+                        response = self.get_request(self.root_uri + controllers_uri)
+                        if response['ret'] is False:
+                            return response
+                        result['ret'] = True
+                        cdata = response['data']
+
+                        if cdata[u'Members']:
+                            controller_member_uri = cdata[u'Members'][0][u'@odata.id']
+
+                            response = self.get_request(self.root_uri + controller_member_uri)
+                            if response['ret'] is False:
+                                return response
+                            result['ret'] = True
+                            cdata = response['data']
+                            controller_name = cdata['Name']
+                    elif 'StorageControllers' in data:
                         sc = data['StorageControllers']
                         if sc:
                             if 'Name' in sc[0]:
@@ -819,7 +878,12 @@ class RedfishUtils(object):
                             for property in properties:
                                 if property in data:
                                     if data[property] is not None:
-                                        drive_result[property] = data[property]
+                                        if property == "Links":
+                                            if "Volumes" in data["Links"].keys():
+                                                volumes = [v["@odata.id"] for v in data["Links"]["Volumes"]]
+                                                drive_result["Volumes"] = volumes
+                                        else:
+                                            drive_result[property] = data[property]
                             drive_results.append(drive_result)
                     drives = {'Controller': controller_name,
                               'Drives': drive_results}
@@ -904,15 +968,7 @@ class RedfishUtils(object):
                         return response
                     data = response['data']
                     controller_name = 'Controller %s' % str(idx)
-                    if 'StorageControllers' in data:
-                        sc = data['StorageControllers']
-                        if sc:
-                            if 'Name' in sc[0]:
-                                controller_name = sc[0]['Name']
-                            else:
-                                sc_id = sc[0].get('Id', '1')
-                                controller_name = 'Controller %s' % sc_id
-                    elif 'Controllers' in data:
+                    if 'Controllers' in data:
                         response = self.get_request(self.root_uri + data['Controllers'][u'@odata.id'])
                         if response['ret'] is False:
                             return response
@@ -930,6 +986,14 @@ class RedfishUtils(object):
                                 else:
                                     controller_id = member_data.get('Id', '1')
                                     controller_name = 'Controller %s' % controller_id
+                    elif 'StorageControllers' in data:
+                        sc = data['StorageControllers']
+                        if sc:
+                            if 'Name' in sc[0]:
+                                controller_name = sc[0]['Name']
+                            else:
+                                sc_id = sc[0].get('Id', '1')
+                                controller_name = 'Controller %s' % sc_id
                     volume_results = []
                     volume_list = []
                     if 'Volumes' in data:
@@ -1032,7 +1096,12 @@ class RedfishUtils(object):
         # command should be PowerOn, PowerForceOff, etc.
         if not command.startswith('Power'):
             return {'ret': False, 'msg': 'Invalid Command (%s)' % command}
-        reset_type = command[5:]
+
+        # Commands (except PowerCycle) will be stripped of the 'Power' prefix
+        if command == 'PowerCycle':
+            reset_type = command
+        else:
+            reset_type = command[5:]
 
         # map Reboot to a ResetType that does a reboot
         if reset_type == 'Reboot':
@@ -1499,29 +1568,37 @@ class RedfishUtils(object):
 
     def _software_inventory(self, uri):
         result = {}
-        response = self.get_request(self.root_uri + uri)
-        if response['ret'] is False:
-            return response
-        result['ret'] = True
-        data = response['data']
-
         result['entries'] = []
-        for member in data[u'Members']:
-            uri = self.root_uri + member[u'@odata.id']
-            # Get details for each software or firmware member
-            response = self.get_request(uri)
+
+        while uri:
+            response = self.get_request(self.root_uri + uri)
             if response['ret'] is False:
                 return response
             result['ret'] = True
+
             data = response['data']
-            software = {}
-            # Get these standard properties if present
-            for key in ['Name', 'Id', 'Status', 'Version', 'Updateable',
-                        'SoftwareId', 'LowestSupportedVersion', 'Manufacturer',
-                        'ReleaseDate']:
-                if key in data:
-                    software[key] = data.get(key)
-            result['entries'].append(software)
+            if data.get('Members@odata.nextLink'):
+                uri = data.get('Members@odata.nextLink')
+            else:
+                uri = None
+
+            for member in data[u'Members']:
+                fw_uri = self.root_uri + member[u'@odata.id']
+                # Get details for each software or firmware member
+                response = self.get_request(fw_uri)
+                if response['ret'] is False:
+                    return response
+                result['ret'] = True
+                data = response['data']
+                software = {}
+                # Get these standard properties if present
+                for key in ['Name', 'Id', 'Status', 'Version', 'Updateable',
+                            'SoftwareId', 'LowestSupportedVersion', 'Manufacturer',
+                            'ReleaseDate']:
+                    if key in data:
+                        software[key] = data.get(key)
+                result['entries'].append(software)
+
         return result
 
     def get_firmware_inventory(self):
@@ -1589,7 +1666,10 @@ class RedfishUtils(object):
 
             # Scan the messages to see if next steps are needed
             for message in operation_results['messages']:
-                message_id = message['MessageId']
+                message_id = message.get('MessageId')
+                if message_id is None:
+                    # While this is invalid, treat the lack of a MessageId as "no message"
+                    continue
 
                 if message_id.startswith('Update.1.') and message_id.endswith('.OperationTransitionedToJob'):
                     # Operation rerouted to a job; update the status and handle
@@ -1685,6 +1765,7 @@ class RedfishUtils(object):
         image_file = update_opts.get('update_image_file')
         targets = update_opts.get('update_targets')
         apply_time = update_opts.get('update_apply_time')
+        oem_params = update_opts.get('update_oem_params')
 
         # Ensure the image file is provided
         if not image_file:
@@ -1715,6 +1796,8 @@ class RedfishUtils(object):
             payload["Targets"] = targets
         if apply_time:
             payload["@Redfish.OperationApplyTime"] = apply_time
+        if oem_params:
+            payload["Oem"] = oem_params
         multipart_payload = {
             'UpdateParameters': {'content': json.dumps(payload), 'mime_type': 'application/json'},
             'UpdateFile': {'filename': image_file, 'content': image_payload, 'mime_type': 'application/octet-stream'}
@@ -1738,7 +1821,7 @@ class RedfishUtils(object):
             return {'ret': False, 'msg': 'Must provide a handle tracking the update.'}
 
         # Get the task or job tracking the update
-        response = self.get_request(self.root_uri + update_handle)
+        response = self.get_request(self.root_uri + update_handle, allow_no_resp=True)
         if response['ret'] is False:
             return response
 
@@ -2400,7 +2483,7 @@ class RedfishUtils(object):
         result = {}
         properties = ['Name', 'Id', 'Description', 'FQDN', 'IPv4Addresses', 'IPv6Addresses',
                       'NameServers', 'MACAddress', 'PermanentMACAddress',
-                      'SpeedMbps', 'MTUSize', 'AutoNeg', 'Status']
+                      'SpeedMbps', 'MTUSize', 'AutoNeg', 'Status', 'LinkStatus']
         response = self.get_request(self.root_uri + resource_uri)
         if response['ret'] is False:
             return response
@@ -2832,8 +2915,7 @@ class RedfishUtils(object):
 
         # Get a list of all Chassis and build URIs, then get all PowerSupplies
         # from each Power entry in the Chassis
-        chassis_uri_list = self.chassis_uris
-        for chassis_uri in chassis_uri_list:
+        for chassis_uri in self.chassis_uris:
             response = self.get_request(self.root_uri + chassis_uri)
             if response['ret'] is False:
                 return response
@@ -3289,7 +3371,7 @@ class RedfishUtils(object):
         result = {}
         inventory = {}
         # Get these entries, but does not fail if not found
-        properties = ['FirmwareVersion', 'ManagerType', 'Manufacturer', 'Model',
+        properties = ['Id', 'FirmwareVersion', 'ManagerType', 'Manufacturer', 'Model',
                       'PartNumber', 'PowerState', 'SerialNumber', 'Status', 'UUID']
 
         response = self.get_request(self.root_uri + manager_uri)
@@ -3372,34 +3454,285 @@ class RedfishUtils(object):
 
         return self.patch_request(self.root_uri + secure_boot_url, body, check_pyld=True)
 
+    def set_secure_boot(self, secure_boot_enable):
+        # This function enable Secure Boot on an OOB controller
+
+        response = self.get_request(self.root_uri + self.systems_uri)
+        if response["ret"] is False:
+            return response
+
+        server_details = response["data"]
+        secure_boot_url = server_details["SecureBoot"]["@odata.id"]
+
+        response = self.get_request(self.root_uri + secure_boot_url)
+        if response["ret"] is False:
+            return response
+
+        body = {}
+        body["SecureBootEnable"] = secure_boot_enable
+
+        return self.patch_request(self.root_uri + secure_boot_url, body, check_pyld=True)
+
     def get_hpe_thermal_config(self):
         result = {}
         key = "Thermal"
         # Go through list
-        for chassis_uri in self.chassis_uri_list:
+        for chassis_uri in self.chassis_uris:
             response = self.get_request(self.root_uri + chassis_uri)
             if response['ret'] is False:
                 return response
             result['ret'] = True
             data = response['data']
-            oem = data.get['Oem']
-            hpe = oem.get['Hpe']
-            thermal_config = hpe.get('ThermalConfiguration')
-        result["current_thermal_config"] = thermal_config
-        return result
+            val = data.get('Oem', {}).get('Hpe', {}).get('ThermalConfiguration')
+            if val is not None:
+                return {"ret": True, "current_thermal_config": val}
+        return {"ret": False}
 
     def get_hpe_fan_percent_min(self):
         result = {}
         key = "Thermal"
         # Go through list
-        for chassis_uri in self.chassis_uri_list:
+        for chassis_uri in self.chassis_uris:
             response = self.get_request(self.root_uri + chassis_uri)
             if response['ret'] is False:
                 return response
-            result['ret'] = True
             data = response['data']
-            oem = data.get['Oem']
-            hpe = oem.get['Hpe']
-            fan_percent_min_config = hpe.get('FanPercentMinimum')
-        result["fan_percent_min"] = fan_percent_min_config
-        return result
+            val = data.get('Oem', {}).get('Hpe', {}).get('FanPercentMinimum')
+            if val is not None:
+                return {"ret": True, "fan_percent_min": val}
+        return {"ret": False}
+
+    def delete_volumes(self, storage_subsystem_id, volume_ids):
+        # Find the Storage resource from the requested ComputerSystem resource
+        response = self.get_request(self.root_uri + self.systems_uri)
+        if response['ret'] is False:
+            return response
+        data = response['data']
+        storage_uri = data.get('Storage', {}).get('@odata.id')
+        if storage_uri is None:
+            return {'ret': False, 'msg': 'Storage resource not found'}
+
+        # Get Storage Collection
+        response = self.get_request(self.root_uri + storage_uri)
+        if response['ret'] is False:
+            return response
+        data = response['data']
+
+        # Collect Storage Subsystems
+        self.storage_subsystems_uris = [i['@odata.id'] for i in response['data'].get('Members', [])]
+        if not self.storage_subsystems_uris:
+            return {
+                'ret': False,
+                'msg': "StorageCollection's Members array is either empty or missing"}
+
+        # Matching Storage Subsystem ID with user input
+        self.storage_subsystem_uri = ""
+        for storage_subsystem_uri in self.storage_subsystems_uris:
+            if storage_subsystem_uri.split("/")[-2] == storage_subsystem_id:
+                self.storage_subsystem_uri = storage_subsystem_uri
+
+        if not self.storage_subsystem_uri:
+            return {
+                'ret': False,
+                'msg': "Provided Storage Subsystem ID %s does not exist on the server" % storage_subsystem_id}
+
+        # Get Volume Collection
+        response = self.get_request(self.root_uri + self.storage_subsystem_uri)
+        if response['ret'] is False:
+            return response
+        data = response['data']
+
+        response = self.get_request(self.root_uri + data['Volumes']['@odata.id'])
+        if response['ret'] is False:
+            return response
+        data = response['data']
+
+        # Collect Volumes
+        self.volume_uris = [i['@odata.id'] for i in response['data'].get('Members', [])]
+        if not self.volume_uris:
+            return {
+                'ret': True, 'changed': False,
+                'msg': "VolumeCollection's Members array is either empty or missing"}
+
+        # Delete each volume
+        for volume in self.volume_uris:
+            if volume.split("/")[-1] in volume_ids:
+                response = self.delete_request(self.root_uri + volume)
+                if response['ret'] is False:
+                    return response
+
+        return {'ret': True, 'changed': True,
+                'msg': "The following volumes were deleted: %s" % str(volume_ids)}
+
+    def create_volume(self, volume_details, storage_subsystem_id):
+        # Find the Storage resource from the requested ComputerSystem resource
+        response = self.get_request(self.root_uri + self.systems_uri)
+        if response['ret'] is False:
+            return response
+        data = response['data']
+        storage_uri = data.get('Storage', {}).get('@odata.id')
+        if storage_uri is None:
+            return {'ret': False, 'msg': 'Storage resource not found'}
+
+        # Get Storage Collection
+        response = self.get_request(self.root_uri + storage_uri)
+        if response['ret'] is False:
+            return response
+        data = response['data']
+
+        # Collect Storage Subsystems
+        self.storage_subsystems_uris = [i['@odata.id'] for i in response['data'].get('Members', [])]
+        if not self.storage_subsystems_uris:
+            return {
+                'ret': False,
+                'msg': "StorageCollection's Members array is either empty or missing"}
+
+        # Matching Storage Subsystem ID with user input
+        self.storage_subsystem_uri = ""
+        for storage_subsystem_uri in self.storage_subsystems_uris:
+            if storage_subsystem_uri.split("/")[-2] == storage_subsystem_id:
+                self.storage_subsystem_uri = storage_subsystem_uri
+
+        if not self.storage_subsystem_uri:
+            return {
+                'ret': False,
+                'msg': "Provided Storage Subsystem ID %s does not exist on the server" % storage_subsystem_id}
+
+        # Validate input parameters
+        required_parameters = ['RAIDType', 'Drives', 'CapacityBytes']
+        allowed_parameters = ['DisplayName', 'InitializeMethod', 'MediaSpanCount',
+                              'Name', 'ReadCachePolicy', 'StripSizeBytes', 'VolumeUsage', 'WriteCachePolicy']
+
+        for parameter in required_parameters:
+            if not volume_details.get(parameter):
+                return {
+                    'ret': False,
+                    'msg': "%s are required parameter to create a volume" % str(required_parameters)}
+
+        # Navigate to the volume uri of the correct storage subsystem
+        response = self.get_request(self.root_uri + self.storage_subsystem_uri)
+        if response['ret'] is False:
+            return response
+        data = response['data']
+
+        # Deleting any volumes of RAIDType None present on the Storage Subsystem
+        response = self.get_request(self.root_uri + data['Volumes']['@odata.id'])
+        if response['ret'] is False:
+            return response
+        volume_data = response['data']
+
+        if "Members" in volume_data:
+            for member in volume_data["Members"]:
+                response = self.get_request(self.root_uri + member['@odata.id'])
+                if response['ret'] is False:
+                    return response
+                member_data = response['data']
+
+                if member_data["RAIDType"] == "None":
+                    response = self.delete_request(self.root_uri + member['@odata.id'])
+                    if response['ret'] is False:
+                        return response
+
+        # Construct payload and issue POST command to create volume
+        volume_details["Links"] = {}
+        volume_details["Links"]["Drives"] = []
+        for drive in volume_details["Drives"]:
+            volume_details["Links"]["Drives"].append({"@odata.id": drive})
+        del volume_details["Drives"]
+        payload = volume_details
+        response = self.post_request(self.root_uri + data['Volumes']['@odata.id'], payload)
+        if response['ret'] is False:
+            return response
+
+        return {'ret': True, 'changed': True,
+                'msg': "Volume Created"}
+
+    def get_bios_registries(self):
+        # Get /redfish/v1
+        response = self.get_request(self.root_uri + self.systems_uri)
+        if not response["ret"]:
+            return response
+
+        server_details = response["data"]
+
+        # Get Registries URI
+        if "Bios" not in server_details:
+            msg = "Getting BIOS URI failed, Key 'Bios' not found in /redfish/v1/Systems/1/ response: %s"
+            return {
+                "ret": False,
+                "msg": msg % str(server_details)
+            }
+
+        bios_uri = server_details["Bios"]["@odata.id"]
+        bios_resp = self.get_request(self.root_uri + bios_uri)
+        if not bios_resp["ret"]:
+            return bios_resp
+
+        bios_data = bios_resp["data"]
+        attribute_registry = bios_data["AttributeRegistry"]
+
+        reg_uri = self.root_uri + self.service_root + "Registries/" + attribute_registry
+        reg_resp = self.get_request(reg_uri)
+        if not reg_resp["ret"]:
+            return reg_resp
+
+        reg_data = reg_resp["data"]
+
+        # Get BIOS attribute registry URI
+        lst = []
+
+        # Get the location URI
+        response = self.check_location_uri(reg_data, reg_uri)
+        if not response["ret"]:
+            return response
+
+        rsp_data, rsp_uri = response["rsp_data"], response["rsp_uri"]
+
+        if "RegistryEntries" not in rsp_data:
+            return {
+                "msg": "'RegistryEntries' not present in %s response, %s" % (rsp_uri, str(rsp_data)),
+                "ret": False
+            }
+
+        return {
+            "bios_registry": rsp_data,
+            "bios_registry_uri": rsp_uri,
+            "ret": True
+        }
+
+    def check_location_uri(self, resp_data, resp_uri):
+        # Get the location URI response
+        # return {"msg": self.creds, "ret": False}
+        vendor = self._get_vendor()['Vendor']
+        rsp_uri = ""
+        for loc in resp_data['Location']:
+            if loc['Language'] == "en":
+                rsp_uri = loc['Uri']
+                if vendor == 'HPE':
+                    # WORKAROUND
+                    # HPE systems with iLO 4 will have BIOS Attribute Registries location URI as a dictionary with key 'extref'
+                    # Hence adding condition to fetch the Uri
+                    if isinstance(loc['Uri'], dict) and "extref" in loc['Uri'].keys():
+                        rsp_uri = loc['Uri']['extref']
+        if not rsp_uri:
+            msg = "Language 'en' not found in BIOS Attribute Registries location, URI: %s, response: %s"
+            return {
+                "ret": False,
+                "msg": msg % (resp_uri, str(resp_data))
+            }
+
+        res = self.get_request(self.root_uri + rsp_uri)
+        if res['ret'] is False:
+            # WORKAROUND
+            # HPE systems with iLO 4 or iLO5 compresses (gzip) for some URIs
+            # Hence adding encoding to the header
+            if vendor == 'HPE':
+                override_headers = {"Accept-Encoding": "gzip"}
+                res = self.get_request(self.root_uri + rsp_uri, override_headers=override_headers)
+        if res['ret']:
+            return {
+                "ret": True,
+                "rsp_data": res["data"],
+                "rsp_uri": rsp_uri
+            }
+        return res

plugins/module_utils/rundeck.py

@@ -72,7 +72,9 @@ def api_request(module, endpoint, data=None, method="GET"):
     if info["status"] == 403:
         module.fail_json(msg="Token authorization failed",
                          execution_info=json.loads(info["body"]))
-    if info["status"] == 409:
+    elif info["status"] == 404:
+        return None, info
+    elif info["status"] == 409:
         module.fail_json(msg="Job executions limit reached",
                          execution_info=json.loads(info["body"]))
     elif info["status"] >= 500:

plugins/module_utils/scaleway.py

@@ -303,7 +303,7 @@ class Scaleway(object):
         wait_timeout = self.module.params["wait_timeout"]
         wait_sleep_time = self.module.params["wait_sleep_time"]
 
-        # Prevent requesting the ressource status too soon
+        # Prevent requesting the resource status too soon
         time.sleep(wait_sleep_time)
 
         start = datetime.datetime.utcnow()

plugins/module_utils/vardict.py

@@ -49,7 +49,7 @@ class _Variable(object):
             output (bool, optional): flag indicating whether the variable should be in the output of the module. Defaults to None.
             diff (bool, optional): flag indicating whether to generate diff mode output for this variable. Defaults to None.
             change (bool, optional): flag indicating whether to track if changes happened to this variable. Defaults to None.
-            fact (bool, optional): flag indicating whether the varaiable should be exposed as a fact of the module. Defaults to None.
+            fact (bool, optional): flag indicating whether the variable should be exposed as a fact of the module. Defaults to None.
             initial_value (any, optional): initial value of the variable, to be used with `change`. Defaults to NOTHING.
             verbosity (int, optional): level of verbosity in which this variable is reported by the module as `output`, `fact` or `diff`. Defaults to None.
         """
@@ -127,7 +127,7 @@ class VarDict(object):
             output (bool, optional): flag indicating whether the variable should be in the output of the module. Defaults to None.
             diff (bool, optional): flag indicating whether to generate diff mode output for this variable. Defaults to None.
             change (bool, optional): flag indicating whether to track if changes happened to this variable. Defaults to None.
-            fact (bool, optional): flag indicating whether the varaiable should be exposed as a fact of the module. Defaults to None.
+            fact (bool, optional): flag indicating whether the variable should be exposed as a fact of the module. Defaults to None.
             initial_value (any, optional): initial value of the variable, to be used with `change`. Defaults to NOTHING.
             verbosity (int, optional): level of verbosity in which this variable is reported by the module as `output`, `fact` or `diff`. Defaults to None.
         """

plugins/module_utils/wdc_redfish_utils.py

@@ -182,7 +182,7 @@ class WdcRedfishUtils(RedfishUtils):
 
         :param str bundle_uri:  HTTP URI of the firmware bundle.
         :return: Firmware version number contained in the bundle, and whether or not the bundle is multi-tenant.
-        Either value will be None if unable to deterine.
+        Either value will be None if unable to determine.
         :rtype: str or None, bool or None
         """
         bundle_temp_filename = fetch_file(module=self.module,

plugins/modules/aix_filesystem.py

@@ -38,8 +38,8 @@ options:
     type: list
     elements: str
     default:
-      - agblksize='4096'
-      - isnapshot='no'
+      - agblksize=4096
+      - isnapshot=no
   auto_mount:
     description:
       - File system is automatically mounted at system restart.
@@ -365,7 +365,53 @@ def create_fs(
         # Creates a LVM file system.
         crfs_cmd = module.get_bin_path('crfs', True)
         if not module.check_mode:
-            cmd = [crfs_cmd, "-v", fs_type, "-m", filesystem, vg, device, mount_group, auto_mount, account_subsystem, "-p", permissions, size, "-a", attributes]
+            cmd = [crfs_cmd]
+
+            cmd.append("-v")
+            cmd.append(fs_type)
+
+            if vg:
+                (flag, value) = vg.split()
+                cmd.append(flag)
+                cmd.append(value)
+
+            if device:
+                (flag, value) = device.split()
+                cmd.append(flag)
+                cmd.append(value)
+
+            cmd.append("-m")
+            cmd.append(filesystem)
+
+            if mount_group:
+                (flag, value) = mount_group.split()
+                cmd.append(flag)
+                cmd.append(value)
+
+            if auto_mount:
+                (flag, value) = auto_mount.split()
+                cmd.append(flag)
+                cmd.append(value)
+
+            if account_subsystem:
+                (flag, value) = account_subsystem.split()
+                cmd.append(flag)
+                cmd.append(value)
+
+            cmd.append("-p")
+            cmd.append(permissions)
+
+            if size:
+                (flag, value) = size.split()
+                cmd.append(flag)
+                cmd.append(value)
+
+            if attributes:
+                splitted_attributes = attributes.split()
+                cmd.append("-a")
+                for value in splitted_attributes:
+                    cmd.append(value)
+
             rc, crfs_out, err = module.run_command(cmd)
 
             if rc == 10:
@@ -461,7 +507,7 @@ def main():
     module = AnsibleModule(
         argument_spec=dict(
             account_subsystem=dict(type='bool', default=False),
-            attributes=dict(type='list', elements='str', default=["agblksize='4096'", "isnapshot='no'"]),
+            attributes=dict(type='list', elements='str', default=["agblksize=4096", "isnapshot=no"]),
             auto_mount=dict(type='bool', default=True),
             device=dict(type='str'),
             filesystem=dict(type='str', required=True),

plugins/modules/aix_inittab.py

@@ -204,7 +204,7 @@ def main():
             ":" + module.params['action'] + ":" + module.params['command']
 
         # If current entry exists or fields are different(if the entry does not
-        # exists, then the entry wil be created
+        # exists, then the entry will be created
         if (not current_entry['exist']) or (
                 module.params['runlevel'] != current_entry['runlevel'] or
                 module.params['action'] != current_entry['action'] or

plugins/modules/apache2_module.py

@@ -154,7 +154,7 @@ def _get_ctl_binary(module):
         if ctl_binary is not None:
             return ctl_binary
 
-    module.fail_json(msg="Neither of apache2ctl nor apachctl found. At least one apache control binary is necessary.")
+    module.fail_json(msg="Neither of apache2ctl nor apachectl found. At least one apache control binary is necessary.")
 
 
 def _module_is_enabled(module):

plugins/modules/apk.py

@@ -35,7 +35,9 @@ options:
     default: false
   name:
     description:
-      - A package name, like V(foo), or multiple packages, like V(foo, bar).
+      - A package name, like V(foo), or multiple packages, like V(foo,bar).
+      - Do not include additional whitespace when specifying multiple packages as a string.
+        Prefer YAML lists over comma-separating multiple package names.
     type: list
     elements: str
   no_cache:
@@ -61,7 +63,7 @@ options:
     type: str
   update_cache:
     description:
-      - Update repository indexes. Can be run with other steps or on it's own.
+      - Update repository indexes. Can be run with other steps or on its own.
     type: bool
     default: false
   upgrade:

plugins/modules/cargo.py

@@ -25,6 +25,12 @@ attributes:
   diff_mode:
     support: none
 options:
+  executable:
+    description:
+      - Path to the C(cargo) installed in the system.
+      - If not specified, the module will look C(cargo) in E(PATH).
+    type: path
+    version_added: 7.5.0
   name:
     description:
       - The name of a Rust package to install.
@@ -44,6 +50,14 @@ options:
       try to install all of them in this version.
     type: str
     required: false
+  locked:
+    description:
+      - Install with locked dependencies.
+      - This is only used when installing packages.
+    required: false
+    type: bool
+    default: false
+    version_added: 7.5.0
   state:
     description:
       - The state of the Rust package.
@@ -52,7 +66,7 @@ options:
     default: present
     choices: [ "present", "absent", "latest" ]
 requirements:
-    - cargo installed in bin path (recommended /usr/local/bin)
+    - cargo installed
 """
 
 EXAMPLES = r"""
@@ -60,6 +74,11 @@ EXAMPLES = r"""
   community.general.cargo:
     name: ludusavi
 
+- name: Install "ludusavi" Rust package with locked dependencies
+  community.general.cargo:
+    name: ludusavi
+    locked: true
+
 - name: Install "ludusavi" Rust package in version 0.10.0
   community.general.cargo:
     name: ludusavi
@@ -90,12 +109,12 @@ from ansible.module_utils.basic import AnsibleModule
 class Cargo(object):
     def __init__(self, module, **kwargs):
         self.module = module
+        self.executable = [kwargs["executable"] or module.get_bin_path("cargo", True)]
         self.name = kwargs["name"]
         self.path = kwargs["path"]
         self.state = kwargs["state"]
         self.version = kwargs["version"]
-
-        self.executable = [module.get_bin_path("cargo", True)]
+        self.locked = kwargs["locked"]
 
     @property
     def path(self):
@@ -118,6 +137,10 @@ class Cargo(object):
 
     def get_installed(self):
         cmd = ["install", "--list"]
+        if self.path:
+            cmd.append("--root")
+            cmd.append(self.path)
+
         data, dummy = self._exec(cmd, True, False, False)
 
         package_regex = re.compile(r"^([\w\-]+) v(.+):$")
@@ -132,6 +155,8 @@ class Cargo(object):
     def install(self, packages=None):
         cmd = ["install"]
         cmd.extend(packages or self.name)
+        if self.locked:
+            cmd.append("--locked")
         if self.path:
             cmd.append("--root")
             cmd.append(self.path)
@@ -160,15 +185,16 @@ class Cargo(object):
 
 def main():
     arg_spec = dict(
+        executable=dict(default=None, type="path"),
         name=dict(required=True, type="list", elements="str"),
         path=dict(default=None, type="path"),
         state=dict(default="present", choices=["present", "absent", "latest"]),
         version=dict(default=None, type="str"),
+        locked=dict(default=False, type="bool"),
     )
     module = AnsibleModule(argument_spec=arg_spec, supports_check_mode=True)
 
     name = module.params["name"]
-    path = module.params["path"]
     state = module.params["state"]
     version = module.params["version"]
 
@@ -180,7 +206,7 @@ def main():
         LANG="C", LC_ALL="C", LC_MESSAGES="C", LC_CTYPE="C"
     )
 
-    cargo = Cargo(module, name=name, path=path, state=state, version=version)
+    cargo = Cargo(module, **module.params)
     changed, out, err = False, None, None
     installed_packages = cargo.get_installed()
     if state == "present":

plugins/modules/clc_server.py

@@ -1501,7 +1501,7 @@ class ClcServer:
         return aa_policy_id
 
     #
-    #  This is the function that gets patched to the Request.server object using a lamda closure
+    #  This is the function that gets patched to the Request.server object using a lambda closure
     #
 
     @staticmethod

plugins/modules/cloudflare_dns.py

@@ -138,6 +138,7 @@ options:
     description:
       - The type of DNS record to create. Required if O(state=present).
       - O(type=DS), O(type=SSHFP), and O(type=TLSA) were added in Ansible 2.7.
+      - Note that V(SPF) is no longer supported by CloudFlare. Support for it will be removed from community.general 9.0.0.
     type: str
     choices: [ A, AAAA, CNAME, DS, MX, NS, SPF, SRV, SSHFP, TLSA, TXT ]
   value:
@@ -613,7 +614,7 @@ class CloudflareAPI(object):
                 content = str(params['key_tag']) + '\t' + str(params['algorithm']) + '\t' + str(params['hash_type']) + '\t' + params['value']
         elif params['type'] == 'SSHFP':
             if not (params['value'] is None or params['value'] == ''):
-                content = str(params['algorithm']) + '\t' + str(params['hash_type']) + '\t' + params['value']
+                content = str(params['algorithm']) + ' ' + str(params['hash_type']) + ' ' + params['value'].upper()
         elif params['type'] == 'TLSA':
             if not (params['value'] is None or params['value'] == ''):
                 content = str(params['cert_usage']) + '\t' + str(params['selector']) + '\t' + str(params['hash_type']) + '\t' + params['value']
@@ -726,7 +727,7 @@ class CloudflareAPI(object):
                 if (attr is None) or (attr == ''):
                     self.module.fail_json(msg="You must provide algorithm, hash_type and a value to create this record type")
             sshfp_data = {
-                "fingerprint": params['value'],
+                "fingerprint": params['value'].upper(),
                 "type": params['hash_type'],
                 "algorithm": params['algorithm'],
             }
@@ -736,7 +737,7 @@ class CloudflareAPI(object):
                 'data': sshfp_data,
                 "ttl": params['ttl'],
             }
-            search_value = str(params['algorithm']) + '\t' + str(params['hash_type']) + '\t' + params['value']
+            search_value = str(params['algorithm']) + ' ' + str(params['hash_type']) + ' ' + params['value']
 
         if params['type'] == 'TLSA':
             for attr in [params['port'], params['proto'], params['cert_usage'], params['selector'], params['hash_type'], params['value']]:

plugins/modules/composer.py

@@ -170,10 +170,15 @@ def get_available_options(module, command='install'):
     return command_help_json['definition']['options']
 
 
-def composer_command(module, command, arguments="", options=None, global_command=False):
+def composer_command(module, command, arguments="", options=None):
     if options is None:
         options = []
 
+    global_command = module.params['global_command']
+
+    if not global_command:
+        options.extend(['--working-dir', "'%s'" % module.params['working_dir']])
+
     if module.params['executable'] is None:
         php_path = module.get_bin_path("php", True, ["/usr/local/bin"])
     else:
@@ -217,7 +222,6 @@ def main():
         module.fail_json(msg="Use the 'arguments' param for passing arguments with the 'command'")
 
     arguments = module.params['arguments']
-    global_command = module.params['global_command']
     available_options = get_available_options(module=module, command=command)
 
     options = []
@@ -234,9 +238,6 @@ def main():
             option = "--%s" % option
             options.append(option)
 
-    if not global_command:
-        options.extend(['--working-dir', "'%s'" % module.params['working_dir']])
-
     option_params = {
         'prefer_source': 'prefer-source',
         'prefer_dist': 'prefer-dist',
@@ -260,7 +261,7 @@ def main():
         else:
             module.exit_json(skipped=True, msg="command '%s' does not support check mode, skipping" % command)
 
-    rc, out, err = composer_command(module, command, arguments, options, global_command)
+    rc, out, err = composer_command(module, command, arguments, options)
 
     if rc != 0:
         output = parse_out(err)

plugins/modules/consul_role.py

@@ -0,0 +1,644 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+# Copyright (c) 2022, Håkon Lerring
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+DOCUMENTATION = '''
+module: consul_role
+short_description: Manipulate Consul roles
+version_added: 7.5.0
+description:
+ - Allows the addition, modification and deletion of roles in a consul
+   cluster via the agent. For more details on using and configuring ACLs,
+   see U(https://www.consul.io/docs/guides/acl.html).
+author:
+  - Håkon Lerring (@Hakon)
+extends_documentation_fragment:
+  - community.general.attributes
+attributes:
+  check_mode:
+    support: full
+  diff_mode:
+    support: none
+options:
+  name:
+    description:
+      - A name used to identify the role.
+    required: true
+    type: str
+  state:
+    description:
+      - whether the role should be present or absent.
+    required: false
+    choices: ['present', 'absent']
+    default: present
+    type: str
+  description:
+    description:
+      - Description of the role.
+      - If not specified, the assigned description will not be changed.
+    required: false
+    type: str
+  policies:
+    type: list
+    elements: dict
+    description:
+      - List of policies to attach to the role. Each policy is a dict.
+      - If the parameter is left blank, any policies currently assigned will not be changed.
+      - Any empty array (V([])) will clear any policies previously set.
+    required: false
+    suboptions:
+      name:
+        description:
+          - The name of the policy to attach to this role; see M(community.general.consul_policy) for more info.
+          - Either this or O(policies[].id) must be specified.
+        type: str
+      id:
+        description:
+          - The ID of the policy to attach to this role; see M(community.general.consul_policy) for more info.
+          - Either this or O(policies[].name) must be specified.
+        type: str
+  service_identities:
+    type: list
+    elements: dict
+    description:
+      - List of service identities to attach to the role.
+      - If not specified, any service identities currently assigned will not be changed.
+      - If the parameter is an empty array (V([])), any node identities assigned will be unassigned.
+    required: false
+    suboptions:
+      name:
+        description:
+          - The name of the node.
+          - Must not be longer than 256 characters, must start and end with a lowercase alphanumeric character.
+          - May only contain lowercase alphanumeric characters as well as - and _.
+        type: str
+        required: true
+      datacenters:
+        description:
+          - The datacenters the policies will be effective.
+          - This will result in effective policy only being valid in this datacenter.
+          - If an empty array (V([])) is specified, the policies will valid in all datacenters.
+          - including those which do not yet exist but may in the future.
+        type: list
+        elements: str
+        required: true
+  node_identities:
+    type: list
+    elements: dict
+    description:
+      - List of node identities to attach to the role.
+      - If not specified, any node identities currently assigned will not be changed.
+      - If the parameter is an empty array (V([])), any node identities assigned will be unassigned.
+    required: false
+    suboptions:
+      name:
+        description:
+          - The name of the node.
+          - Must not be longer than 256 characters, must start and end with a lowercase alphanumeric character.
+          - May only contain lowercase alphanumeric characters as well as - and _.
+        type: str
+        required: true
+      datacenter:
+        description:
+          - The nodes datacenter.
+          - This will result in effective policy only being valid in this datacenter.
+        type: str
+        required: true
+  host:
+    description:
+      - Host of the consul agent, defaults to V(localhost).
+    required: false
+    default: localhost
+    type: str
+  port:
+    type: int
+    description:
+      - The port on which the consul agent is running.
+    required: false
+    default: 8500
+  scheme:
+    description:
+      - The protocol scheme on which the consul agent is running.
+    required: false
+    default: http
+    type: str
+  token:
+    description:
+      - A management token is required to manipulate the roles.
+    type: str
+  validate_certs:
+    type: bool
+    description:
+      - Whether to verify the TLS certificate of the consul agent.
+    required: false
+    default: true
+requirements:
+  - requests
+'''
+
+EXAMPLES = """
+- name: Create a role with 2 policies
+  community.general.consul_role:
+    host: consul1.example.com
+    token: some_management_acl
+    name: foo-role
+    policies:
+      - id: 783beef3-783f-f41f-7422-7087dc272765
+      - name: "policy-1"
+
+- name: Create a role with service identity
+  community.general.consul_role:
+    host: consul1.example.com
+    token: some_management_acl
+    name: foo-role-2
+    service_identities:
+      - name: web
+        datacenters:
+          - dc1
+
+- name: Create a role with node identity
+  community.general.consul_role:
+    host: consul1.example.com
+    token: some_management_acl
+    name: foo-role-3
+    node_identities:
+      - name: node-1
+        datacenter: dc2
+
+- name: Remove a role
+  community.general.consul_role:
+    host: consul1.example.com
+    token: some_management_acl
+    name: foo-role-3
+    state: absent
+"""
+
+RETURN = """
+role:
+    description: The role object.
+    returned: success
+    type: dict
+    sample:
+        {
+            "CreateIndex": 39,
+            "Description": "",
+            "Hash": "Trt0QJtxVEfvTTIcdTUbIJRr6Dsi6E4EcwSFxx9tCYM=",
+            "ID": "9a300b8d-48db-b720-8544-a37c0f5dafb5",
+            "ModifyIndex": 39,
+            "Name": "foo-role",
+            "Policies": [
+                {"ID": "b1a00172-d7a1-0e66-a12e-7a4045c4b774", "Name": "foo-access"}
+            ]
+        }
+operation:
+    description: The operation performed on the role.
+    returned: changed
+    type: str
+    sample: update
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible.module_utils.basic import missing_required_lib
+from ansible_collections.community.general.plugins.module_utils.consul import (
+    get_consul_url, get_auth_headers, handle_consul_response_error)
+import traceback
+
+REQUESTS_IMP_ERR = None
+
+try:
+    from requests.exceptions import ConnectionError
+    import requests
+    HAS_REQUESTS = True
+except ImportError:
+    HAS_REQUESTS = False
+    REQUESTS_IMP_ERR = traceback.format_exc()
+
+TOKEN_PARAMETER_NAME = "token"
+HOST_PARAMETER_NAME = "host"
+SCHEME_PARAMETER_NAME = "scheme"
+VALIDATE_CERTS_PARAMETER_NAME = "validate_certs"
+NAME_PARAMETER_NAME = "name"
+DESCRIPTION_PARAMETER_NAME = "description"
+PORT_PARAMETER_NAME = "port"
+POLICIES_PARAMETER_NAME = "policies"
+SERVICE_IDENTITIES_PARAMETER_NAME = "service_identities"
+NODE_IDENTITIES_PARAMETER_NAME = "node_identities"
+STATE_PARAMETER_NAME = "state"
+
+PRESENT_STATE_VALUE = "present"
+ABSENT_STATE_VALUE = "absent"
+
+REMOVE_OPERATION = "remove"
+UPDATE_OPERATION = "update"
+CREATE_OPERATION = "create"
+
+POLICY_RULE_SPEC = dict(
+    name=dict(type='str'),
+    id=dict(type='str'),
+)
+
+NODE_ID_RULE_SPEC = dict(
+    name=dict(type='str', required=True),
+    datacenter=dict(type='str', required=True),
+)
+
+SERVICE_ID_RULE_SPEC = dict(
+    name=dict(type='str', required=True),
+    datacenters=dict(type='list', elements='str', required=True),
+)
+
+_ARGUMENT_SPEC = {
+    TOKEN_PARAMETER_NAME: dict(no_log=True),
+    PORT_PARAMETER_NAME: dict(default=8500, type='int'),
+    HOST_PARAMETER_NAME: dict(default='localhost'),
+    SCHEME_PARAMETER_NAME: dict(default='http'),
+    VALIDATE_CERTS_PARAMETER_NAME: dict(type='bool', default=True),
+    NAME_PARAMETER_NAME: dict(required=True),
+    DESCRIPTION_PARAMETER_NAME: dict(required=False, type='str', default=None),
+    POLICIES_PARAMETER_NAME: dict(type='list', elements='dict', options=POLICY_RULE_SPEC,
+                                  mutually_exclusive=[('name', 'id')], required_one_of=[('name', 'id')], default=None),
+    SERVICE_IDENTITIES_PARAMETER_NAME: dict(type='list', elements='dict', options=SERVICE_ID_RULE_SPEC, default=None),
+    NODE_IDENTITIES_PARAMETER_NAME: dict(type='list', elements='dict', options=NODE_ID_RULE_SPEC, default=None),
+    STATE_PARAMETER_NAME: dict(default=PRESENT_STATE_VALUE, choices=[PRESENT_STATE_VALUE, ABSENT_STATE_VALUE]),
+}
+
+
+def compare_consul_api_role_policy_objects(first, second):
+    # compare two lists of dictionaries, ignoring the ID element
+    for x in first:
+        x.pop('ID', None)
+
+    for x in second:
+        x.pop('ID', None)
+
+    return first == second
+
+
+def update_role(role, configuration):
+    url = '%s/acl/role/%s' % (get_consul_url(configuration),
+                              role['ID'])
+    headers = get_auth_headers(configuration)
+
+    update_role_data = {
+        'Name': configuration.name,
+        'Description': configuration.description,
+    }
+
+    # check if the user omitted the description,  policies, service identities, or node identities
+
+    description_specified = configuration.description is not None
+
+    policy_specified = True
+    if len(configuration.policies) == 1 and configuration.policies[0] is None:
+        policy_specified = False
+
+    service_id_specified = True
+    if len(configuration.service_identities) == 1 and configuration.service_identities[0] is None:
+        service_id_specified = False
+
+    node_id_specified = True
+    if len(configuration.node_identities) == 1 and configuration.node_identities[0] is None:
+        node_id_specified = False
+
+    if description_specified:
+        update_role_data["Description"] = configuration.description
+
+    if policy_specified:
+        update_role_data["Policies"] = [x.to_dict() for x in configuration.policies]
+
+    if configuration.version >= ConsulVersion("1.5.0") and service_id_specified:
+        update_role_data["ServiceIdentities"] = [
+            x.to_dict() for x in configuration.service_identities]
+
+    if configuration.version >= ConsulVersion("1.8.0") and node_id_specified:
+        update_role_data["NodeIdentities"] = [
+            x.to_dict() for x in configuration.node_identities]
+
+    if configuration.check_mode:
+        description_changed = False
+        if description_specified:
+            description_changed = role.get('Description') != update_role_data["Description"]
+        else:
+            update_role_data["Description"] = role.get("Description")
+
+        policies_changed = False
+        if policy_specified:
+            policies_changed = not (
+                compare_consul_api_role_policy_objects(role.get('Policies', []), update_role_data.get('Policies', [])))
+        else:
+            if role.get('Policies') is not None:
+                update_role_data["Policies"] = role.get('Policies')
+
+        service_ids_changed = False
+        if service_id_specified:
+            service_ids_changed = role.get('ServiceIdentities') != update_role_data.get('ServiceIdentities')
+        else:
+            if role.get('ServiceIdentities') is not None:
+                update_role_data["ServiceIdentities"] = role.get('ServiceIdentities')
+
+        node_ids_changed = False
+        if node_id_specified:
+            node_ids_changed = role.get('NodeIdentities') != update_role_data.get('NodeIdentities')
+        else:
+            if role.get('NodeIdentities'):
+                update_role_data["NodeIdentities"] = role.get('NodeIdentities')
+
+        changed = (
+            description_changed or
+            policies_changed or
+            service_ids_changed or
+            node_ids_changed
+        )
+        return Output(changed=changed, operation=UPDATE_OPERATION, role=update_role_data)
+    else:
+        # if description, policies, service or node id are not specified; we need to get the existing value and apply it
+        if not description_specified and role.get('Description') is not None:
+            update_role_data["Description"] = role.get('Description')
+
+        if not policy_specified and role.get('Policies') is not None:
+            update_role_data["Policies"] = role.get('Policies')
+
+        if not service_id_specified and role.get('ServiceIdentities') is not None:
+            update_role_data["ServiceIdentities"] = role.get('ServiceIdentities')
+
+        if not node_id_specified and role.get('NodeIdentities') is not None:
+            update_role_data["NodeIdentities"] = role.get('NodeIdentities')
+
+        response = requests.put(url, headers=headers, json=update_role_data, verify=configuration.validate_certs)
+        handle_consul_response_error(response)
+
+        resulting_role = response.json()
+        changed = (
+            role['Description'] != resulting_role['Description'] or
+            role.get('Policies', None) != resulting_role.get('Policies', None) or
+            role.get('ServiceIdentities', None) != resulting_role.get('ServiceIdentities', None) or
+            role.get('NodeIdentities', None) != resulting_role.get('NodeIdentities', None)
+        )
+
+        return Output(changed=changed, operation=UPDATE_OPERATION, role=resulting_role)
+
+
+def create_role(configuration):
+    url = '%s/acl/role' % get_consul_url(configuration)
+    headers = get_auth_headers(configuration)
+
+    # check if the user omitted policies, service identities, or node identities
+    policy_specified = True
+    if len(configuration.policies) == 1 and configuration.policies[0] is None:
+        policy_specified = False
+
+    service_id_specified = True
+    if len(configuration.service_identities) == 1 and configuration.service_identities[0] is None:
+        service_id_specified = False
+
+    node_id_specified = True
+    if len(configuration.node_identities) == 1 and configuration.node_identities[0] is None:
+        node_id_specified = False
+
+    # get rid of None item so we can set an empty list for policies, service identities and node identities
+    if not policy_specified:
+        configuration.policies.pop()
+
+    if not service_id_specified:
+        configuration.service_identities.pop()
+
+    if not node_id_specified:
+        configuration.node_identities.pop()
+
+    create_role_data = {
+        'Name': configuration.name,
+        'Description': configuration.description,
+        'Policies': [x.to_dict() for x in configuration.policies],
+    }
+    if configuration.version >= ConsulVersion("1.5.0"):
+        create_role_data["ServiceIdentities"] = [x.to_dict() for x in configuration.service_identities]
+
+    if configuration.version >= ConsulVersion("1.8.0"):
+        create_role_data["NodeIdentities"] = [x.to_dict() for x in configuration.node_identities]
+
+    if not configuration.check_mode:
+        response = requests.put(url, headers=headers, json=create_role_data, verify=configuration.validate_certs)
+        handle_consul_response_error(response)
+
+        resulting_role = response.json()
+
+        return Output(changed=True, operation=CREATE_OPERATION, role=resulting_role)
+    else:
+        return Output(changed=True, operation=CREATE_OPERATION)
+
+
+def remove_role(configuration):
+    roles = get_roles(configuration)
+
+    if configuration.name in roles:
+
+        role_id = roles[configuration.name]['ID']
+
+        if not configuration.check_mode:
+            url = '%s/acl/role/%s' % (get_consul_url(configuration), role_id)
+            headers = get_auth_headers(configuration)
+            response = requests.delete(url, headers=headers, verify=configuration.validate_certs)
+            handle_consul_response_error(response)
+
+        changed = True
+    else:
+        changed = False
+    return Output(changed=changed, operation=REMOVE_OPERATION)
+
+
+def get_roles(configuration):
+    url = '%s/acl/roles' % get_consul_url(configuration)
+    headers = get_auth_headers(configuration)
+    response = requests.get(url, headers=headers, verify=configuration.validate_certs)
+    handle_consul_response_error(response)
+    roles = response.json()
+    existing_roles_mapped_by_id = dict((role['Name'], role) for role in roles if role['Name'] is not None)
+    return existing_roles_mapped_by_id
+
+
+def get_consul_version(configuration):
+    url = '%s/agent/self' % get_consul_url(configuration)
+    headers = get_auth_headers(configuration)
+    response = requests.get(url, headers=headers, verify=configuration.validate_certs)
+    handle_consul_response_error(response)
+    config = response.json()["Config"]
+    return ConsulVersion(config["Version"])
+
+
+def set_role(configuration):
+    roles = get_roles(configuration)
+
+    if configuration.name in roles:
+        role = roles[configuration.name]
+        return update_role(role, configuration)
+    else:
+        return create_role(configuration)
+
+
+class ConsulVersion:
+    def __init__(self, version_string):
+        split = version_string.split('.')
+        self.major = split[0]
+        self.minor = split[1]
+        self.patch = split[2]
+
+    def __ge__(self, other):
+        return int(self.major + self.minor +
+                   self.patch) >= int(other.major + other.minor + other.patch)
+
+    def __le__(self, other):
+        return int(self.major + self.minor +
+                   self.patch) <= int(other.major + other.minor + other.patch)
+
+
+class ServiceIdentity:
+    def __init__(self, input):
+        if not isinstance(input, dict) or 'name' not in input:
+            raise ValueError(
+                "Each element of service_identities must be a dict with the keys name and optionally datacenters")
+        self.name = input["name"]
+        self.datacenters = input["datacenters"] if "datacenters" in input else None
+
+    def to_dict(self):
+        return {
+            "ServiceName": self.name,
+            "Datacenters": self.datacenters
+        }
+
+
+class NodeIdentity:
+    def __init__(self, input):
+        if not isinstance(input, dict) or 'name' not in input:
+            raise ValueError(
+                "Each element of node_identities must be a dict with the keys name and optionally datacenter")
+        self.name = input["name"]
+        self.datacenter = input["datacenter"] if "datacenter" in input else None
+
+    def to_dict(self):
+        return {
+            "NodeName": self.name,
+            "Datacenter": self.datacenter
+        }
+
+
+class RoleLink:
+    def __init__(self, dict):
+        self.id = dict.get("id", None)
+        self.name = dict.get("name", None)
+
+    def to_dict(self):
+        return {
+            "ID": self.id,
+            "Name": self.name
+        }
+
+
+class PolicyLink:
+    def __init__(self, dict):
+        self.id = dict.get("id", None)
+        self.name = dict.get("name", None)
+
+    def to_dict(self):
+        return {
+            "ID": self.id,
+            "Name": self.name
+        }
+
+
+class Configuration:
+    """
+    Configuration for this module.
+    """
+
+    def __init__(self, token=None, host=None, scheme=None, validate_certs=None, name=None, description=None, port=None,
+                 policies=None, service_identities=None, node_identities=None, state=None, check_mode=None):
+        self.token = token                                                              # type: str
+        self.host = host                                                                # type: str
+        self.port = port                                                                # type: int
+        self.scheme = scheme                                                            # type: str
+        self.validate_certs = validate_certs                                            # type: bool
+        self.name = name                                                                # type: str
+        self.description = description                                                  # type: str
+        if policies is not None:
+            self.policies = [PolicyLink(p) for p in policies]                           # type: list(PolicyLink)
+        else:
+            self.policies = [None]
+        if service_identities is not None:
+            self.service_identities = [ServiceIdentity(s) for s in service_identities]  # type: list(ServiceIdentity)
+        else:
+            self.service_identities = [None]
+        if node_identities is not None:
+            self.node_identities = [NodeIdentity(n) for n in node_identities]           # type: list(NodeIdentity)
+        else:
+            self.node_identities = [None]
+        self.state = state                                                              # type: str
+        self.check_mode = check_mode                                                    # type: bool
+
+
+class Output:
+    """
+    Output of an action of this module.
+    """
+
+    def __init__(self, changed=None, operation=None, role=None):
+        self.changed = changed      # type: bool
+        self.operation = operation  # type: str
+        self.role = role          # type: dict
+
+
+def main():
+    """
+    Main method.
+    """
+    module = AnsibleModule(_ARGUMENT_SPEC, supports_check_mode=True)
+
+    if not HAS_REQUESTS:
+        module.fail_json(msg=missing_required_lib("requests"),
+                         exception=REQUESTS_IMP_ERR)
+
+    try:
+        configuration = Configuration(
+            token=module.params.get(TOKEN_PARAMETER_NAME),
+            host=module.params.get(HOST_PARAMETER_NAME),
+            port=module.params.get(PORT_PARAMETER_NAME),
+            scheme=module.params.get(SCHEME_PARAMETER_NAME),
+            validate_certs=module.params.get(VALIDATE_CERTS_PARAMETER_NAME),
+            name=module.params.get(NAME_PARAMETER_NAME),
+            description=module.params.get(DESCRIPTION_PARAMETER_NAME),
+            policies=module.params.get(POLICIES_PARAMETER_NAME),
+            service_identities=module.params.get(SERVICE_IDENTITIES_PARAMETER_NAME),
+            node_identities=module.params.get(NODE_IDENTITIES_PARAMETER_NAME),
+            state=module.params.get(STATE_PARAMETER_NAME),
+            check_mode=module.check_mode
+
+        )
+    except ValueError as err:
+        module.fail_json(msg='Configuration error: %s' % str(err))
+        return
+
+    try:
+
+        version = get_consul_version(configuration)
+        configuration.version = version
+
+        if configuration.state == PRESENT_STATE_VALUE:
+            output = set_role(configuration)
+        else:
+            output = remove_role(configuration)
+    except ConnectionError as e:
+        module.fail_json(msg='Could not connect to consul agent at %s:%s, error was %s' % (
+            configuration.host, configuration.port, str(e)))
+        raise
+
+    return_values = dict(changed=output.changed, operation=output.operation, role=output.role)
+    module.exit_json(**return_values)
+
+
+if __name__ == "__main__":
+    main()

plugins/modules/cpanm.py

@@ -183,8 +183,9 @@ class CPANMinus(ModuleHelper):
             if v.name and v.from_path:
                 self.do_raise("Parameters 'name' and 'from_path' are mutually exclusive when 'mode=new'")
 
-        self.command = self.get_bin_path(v.executable if v.executable else self.command)
-        self.vars.set("binary", self.command)
+        self.command = v.executable if v.executable else self.command
+        self.runner = CmdRunner(self.module, self.command, self.command_args_formats, check_rc=True)
+        self.vars.binary = self.runner.binary
 
     def _is_package_installed(self, name, locallib, version):
         def process(rc, out, err):
@@ -220,8 +221,6 @@ class CPANMinus(ModuleHelper):
                 self.do_raise(msg=err, cmd=self.vars.cmd_args)
             return 'is up to date' not in err and 'is up to date' not in out
 
-        runner = CmdRunner(self.module, self.command, self.command_args_formats, check_rc=True)
-
         v = self.vars
         pkg_param = 'from_path' if v.from_path else 'name'
 
@@ -235,7 +234,7 @@ class CPANMinus(ModuleHelper):
                 return
             pkg_spec = self.sanitize_pkg_spec_version(v[pkg_param], v.version)
 
-        with runner(['notest', 'locallib', 'mirror', 'mirror_only', 'installdeps', 'pkg_spec'], output_process=process) as ctx:
+        with self.runner(['notest', 'locallib', 'mirror', 'mirror_only', 'installdeps', 'pkg_spec'], output_process=process) as ctx:
             self.changed = ctx.run(pkg_spec=pkg_spec)
 
 

plugins/modules/dconf.py

@@ -400,7 +400,7 @@ class DconfPreference(object):
         rc, out, err = dbus_wrapper.run_command(command)
 
         if rc != 0:
-            self.module.fail_json(msg='dconf failed while reseting the value with error: %s' % err,
+            self.module.fail_json(msg='dconf failed while resetting the value with error: %s' % err,
                                   out=out,
                                   err=err)
 

plugins/modules/dnsimple.py

@@ -178,7 +178,7 @@ class DNSimpleV2():
             client = Client(sandbox=self.sandbox, email=self.account_email, access_token=self.account_api_token, user_agent="ansible/community.general")
         else:
             msg = "Option account_email or account_api_token not provided. " \
-                  "Dnsimple authentiction with a .dnsimple config file is not " \
+                  "Dnsimple authentication with a .dnsimple config file is not " \
                   "supported with dnsimple-python>=2.0.0"
             raise DNSimpleException(msg)
         client.identity.whoami()
@@ -225,24 +225,24 @@ class DNSimpleV2():
         self.client.domains.delete_domain(self.account.id, domain)
 
     def get_records(self, zone, dnsimple_filter=None):
-        """return dns ressource records which match a specified filter"""
+        """return dns resource records which match a specified filter"""
         records_list = self._get_paginated_result(self.client.zones.list_records,
                                                   account_id=self.account.id,
                                                   zone=zone, filter=dnsimple_filter)
         return [d.__dict__ for d in records_list]
 
     def delete_record(self, domain, rid):
-        """delete a single dns ressource record"""
+        """delete a single dns resource record"""
         self.client.zones.delete_record(self.account.id, domain, rid)
 
     def update_record(self, domain, rid, ttl=None, priority=None):
-        """update a single dns ressource record"""
+        """update a single dns resource record"""
         zr = ZoneRecordUpdateInput(ttl=ttl, priority=priority)
         result = self.client.zones.update_record(self.account.id, str(domain), str(rid), zr).data.__dict__
         return result
 
     def create_record(self, domain, name, record_type, content, ttl=None, priority=None):
-        """create a single dns ressource record"""
+        """create a single dns resource record"""
         zr = ZoneRecordInput(name=name, type=record_type, content=content, ttl=ttl, priority=priority)
         return self.client.zones.create_record(self.account.id, str(domain), zr).data.__dict__
 

plugins/modules/dnsmadeeasy.py

@@ -509,15 +509,15 @@ class DME2(object):
         return json.dumps(data, separators=(',', ':'))
 
     def createRecord(self, data):
-        # @TODO update the cache w/ resultant record + id when impleneted
+        # @TODO update the cache w/ resultant record + id when implemented
         return self.query(self.record_url, 'POST', data)
 
     def updateRecord(self, record_id, data):
-        # @TODO update the cache w/ resultant record + id when impleneted
+        # @TODO update the cache w/ resultant record + id when implemented
         return self.query(self.record_url + '/' + str(record_id), 'PUT', data)
 
     def deleteRecord(self, record_id):
-        # @TODO remove record from the cache when impleneted
+        # @TODO remove record from the cache when implemented
         return self.query(self.record_url + '/' + str(record_id), 'DELETE')
 
     def getMonitor(self, record_id):

plugins/modules/ejabberd_user.py

@@ -78,6 +78,7 @@ EXAMPLES = '''
 import syslog
 
 from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.community.general.plugins.module_utils.cmd_runner import CmdRunner, cmd_runner_fmt
 
 
 class EjabberdUser(object):
@@ -85,7 +86,7 @@ class EjabberdUser(object):
     object manages user creation and deletion using ejabberdctl.  The following
     commands are currently supported:
         * ejabberdctl register
-        * ejabberdctl deregister
+        * ejabberdctl unregister
     """
 
     def __init__(self, module):
@@ -95,6 +96,17 @@ class EjabberdUser(object):
         self.host = module.params.get('host')
         self.user = module.params.get('username')
         self.pwd = module.params.get('password')
+        self.runner = CmdRunner(
+            module,
+            command="ejabberdctl",
+            arg_formats=dict(
+                cmd=cmd_runner_fmt.as_list(),
+                host=cmd_runner_fmt.as_list(),
+                user=cmd_runner_fmt.as_list(),
+                pwd=cmd_runner_fmt.as_list(),
+            ),
+            check_rc=False,
+        )
 
     @property
     def changed(self):
@@ -102,7 +114,7 @@ class EjabberdUser(object):
         changed.   It will return True if the user does not match the supplied
         credentials and False if it does not
         """
-        return self.run_command('check_password', [self.user, self.host, self.pwd])
+        return self.run_command('check_password', 'user host pwd', (lambda rc, out, err: bool(rc)))
 
     @property
     def exists(self):
@@ -110,7 +122,7 @@ class EjabberdUser(object):
         host specified.  If the user exists True is returned, otherwise False
         is returned
         """
-        return self.run_command('check_account', [self.user, self.host])
+        return self.run_command('check_account', 'user host', (lambda rc, out, err: not bool(rc)))
 
     def log(self, entry):
         """ This method will log information to the local syslog facility """
@@ -118,29 +130,36 @@ class EjabberdUser(object):
             syslog.openlog('ansible-%s' % self.module._name)
             syslog.syslog(syslog.LOG_NOTICE, entry)
 
-    def run_command(self, cmd, options):
+    def run_command(self, cmd, options, process=None):
         """ This method will run the any command specified and return the
         returns using the Ansible common module
         """
-        cmd = [self.module.get_bin_path('ejabberdctl'), cmd] + options
-        self.log('command: %s' % " ".join(cmd))
-        return self.module.run_command(cmd)
+        def _proc(*a):
+            return a
+
+        if process is None:
+            process = _proc
+
+        with self.runner("cmd " + options, output_process=process) as ctx:
+            res = ctx.run(cmd=cmd, host=self.host, user=self.user, pwd=self.pwd)
+            self.log('command: %s' % " ".join(ctx.run_info['cmd']))
+        return res
 
     def update(self):
         """ The update method will update the credentials for the user provided
         """
-        return self.run_command('change_password', [self.user, self.host, self.pwd])
+        return self.run_command('change_password', 'user host pwd')
 
     def create(self):
         """ The create method will create a new user on the host with the
         password provided
         """
-        return self.run_command('register', [self.user, self.host, self.pwd])
+        return self.run_command('register', 'user host pwd')
 
     def delete(self):
         """ The delete method will delete the user from the host
         """
-        return self.run_command('unregister', [self.user, self.host])
+        return self.run_command('unregister', 'user host')
 
 
 def main():
@@ -150,7 +169,7 @@ def main():
             username=dict(required=True, type='str'),
             password=dict(type='str', no_log=True),
             state=dict(default='present', choices=['present', 'absent']),
-            logging=dict(default=False, type='bool')  # deprecate in favour of c.g.syslogger?
+            logging=dict(default=False, type='bool', removed_in_version='10.0.0', removed_from_collection='community.general'),
         ),
         required_if=[
             ('state', 'present', ['password']),

plugins/modules/gio_mime.py

@@ -0,0 +1,108 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+# Copyright (c) 2022, Alexei Znamensky <russoz@gmail.com>
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+DOCUMENTATION = '''
+module: gio_mime
+author:
+  - "Alexei Znamensky (@russoz)"
+short_description: Set default handler for MIME type, for applications using Gnome GIO
+version_added: 7.5.0
+description:
+  - This module allows configuring the default handler for a specific MIME type, to be used by applications built with th Gnome GIO API.
+extends_documentation_fragment:
+  - community.general.attributes
+attributes:
+  check_mode:
+    support: full
+  diff_mode:
+    support: full
+options:
+  mime_type:
+    description:
+      - MIME type for which a default handler will be set.
+    type: str
+    required: true
+  handler:
+    description:
+      - Default handler will be set for the MIME type.
+    type: str
+    required: true
+notes:
+  - This module is a thin wrapper around the C(gio mime) command (and subcommand).
+  - See man gio(1) for more details.
+seealso:
+  - name: GIO Documentation
+    description: Reference documentation for the GIO API..
+    link: https://docs.gtk.org/gio/
+'''
+
+EXAMPLES = """
+- name: Set chrome as the default handler for https
+  community.general.gio_mime:
+    mime_type: x-scheme-handler/https
+    handler: google-chrome.desktop
+  register: result
+"""
+
+RETURN = '''
+  handler:
+    description:
+    - The handler set as default.
+    returned: success
+    type: str
+    sample: google-chrome.desktop
+  stdout:
+    description:
+    - The output of the C(gio) command.
+    returned: success
+    type: str
+    sample: Set google-chrome.desktop as the default for x-scheme-handler/https
+  stderr:
+    description:
+    - The error output of the C(gio) command.
+    returned: failure
+    type: str
+    sample: 'gio: Failed to load info for handler "never-existed.desktop"'
+'''
+
+from ansible_collections.community.general.plugins.module_utils.module_helper import ModuleHelper
+from ansible_collections.community.general.plugins.module_utils.gio_mime import gio_mime_runner, gio_mime_get
+
+
+class GioMime(ModuleHelper):
+    output_params = ['handler']
+    module = dict(
+        argument_spec=dict(
+            mime_type=dict(type='str', required=True),
+            handler=dict(type='str', required=True),
+        ),
+        supports_check_mode=True,
+    )
+
+    def __init_module__(self):
+        self.runner = gio_mime_runner(self.module, check_rc=True)
+        self.vars.set_meta("handler", initial_value=gio_mime_get(self.runner, self.vars.mime_type), diff=True, change=True)
+
+    def __run__(self):
+        check_mode_return = (0, 'Module executed in check mode', '')
+        if self.vars.has_changed("handler"):
+            with self.runner.context(args_order=["mime_type", "handler"], check_mode_skip=True, check_mode_return=check_mode_return) as ctx:
+                rc, out, err = ctx.run()
+                self.vars.stdout = out
+                self.vars.stderr = err
+                if self.verbosity >= 4:
+                    self.vars.run_info = ctx.run_info
+
+
+def main():
+    GioMime.execute()
+
+
+if __name__ == '__main__':
+    main()

plugins/modules/github_deploy_key.py

@@ -227,7 +227,7 @@ class GithubDeployKey(object):
                 yield self.module.from_json(resp.read())
 
                 links = {}
-                for x, y in findall(r'<([^>]+)>;\s*rel="(\w+)"', info["link"]):
+                for x, y in findall(r'<([^>]+)>;\s*rel="(\w+)"', info.get("link", '')):
                     links[y] = x
 
                 url = links.get('next')

plugins/modules/gitlab_group.py

@@ -94,6 +94,13 @@ options:
       - This option is only used on creation, not for updates.
     type: path
     version_added: 4.2.0
+  force_delete:
+    description:
+      - Force delete group even if projects in it.
+      - Used only when O(state=absent).
+    type: bool
+    default: false
+    version_added: 7.5.0
 '''
 
 EXAMPLES = '''
@@ -279,12 +286,18 @@ class GitLabGroup(object):
 
         return (changed, group)
 
-    def delete_group(self):
+    '''
+    @param force To delete even if projects inside
+    '''
+    def delete_group(self, force=False):
         group = self.group_object
 
-        if len(group.projects.list(all=False)) >= 1:
+        if not force and len(group.projects.list(all=False)) >= 1:
             self._module.fail_json(
-                msg="There are still projects in this group. These needs to be moved or deleted before this group can be removed.")
+                msg=("There are still projects in this group. "
+                     "These needs to be moved or deleted before this group can be removed. "
+                     "Use 'force_delete' to 'true' to force deletion of existing projects.")
+            )
         else:
             if self._module.check_mode:
                 return True
@@ -295,7 +308,7 @@ class GitLabGroup(object):
                 self._module.fail_json(msg="Failed to delete group: %s " % to_native(e))
 
     '''
-    @param name Name of the groupe
+    @param name Name of the group
     @param full_path Complete path of the Group including parent group path. <parent_path>/<group_path>
     '''
     def exists_group(self, project_identifier):
@@ -322,6 +335,7 @@ def main():
         subgroup_creation_level=dict(type='str', choices=['maintainer', 'owner']),
         require_two_factor_authentication=dict(type='bool'),
         avatar_path=dict(type='path'),
+        force_delete=dict(type='bool', default=False),
     ))
 
     module = AnsibleModule(
@@ -354,6 +368,7 @@ def main():
     subgroup_creation_level = module.params['subgroup_creation_level']
     require_two_factor_authentication = module.params['require_two_factor_authentication']
     avatar_path = module.params['avatar_path']
+    force_delete = module.params['force_delete']
 
     gitlab_instance = gitlab_authentication(module)
 
@@ -375,7 +390,7 @@ def main():
 
     if state == 'absent':
         if group_exists:
-            gitlab_group.delete_group()
+            gitlab_group.delete_group(force=force_delete)
             module.exit_json(changed=True, msg="Successfully deleted group %s" % group_name)
         else:
             module.exit_json(changed=False, msg="Group deleted or does not exists")

plugins/modules/gitlab_group_members.py

@@ -276,11 +276,11 @@ def main():
     ensure_gitlab_package(module)
 
     access_level_int = {
-        'guest': gitlab.GUEST_ACCESS,
-        'reporter': gitlab.REPORTER_ACCESS,
-        'developer': gitlab.DEVELOPER_ACCESS,
-        'maintainer': gitlab.MAINTAINER_ACCESS,
-        'owner': gitlab.OWNER_ACCESS,
+        'guest': gitlab.const.GUEST_ACCESS,
+        'reporter': gitlab.const.REPORTER_ACCESS,
+        'developer': gitlab.const.DEVELOPER_ACCESS,
+        'maintainer': gitlab.const.MAINTAINER_ACCESS,
+        'owner': gitlab.const.OWNER_ACCESS,
     }
 
     gitlab_group = module.params['gitlab_group']

plugins/modules/gitlab_group_variable.py

@@ -53,13 +53,14 @@ options:
     type: bool
   vars:
     description:
-      - When the list element is a simple key-value pair, set masked and protected to false.
-      - When the list element is a dict with the keys C(value), C(masked) and C(protected), the user can
-        have full control about whether a value should be masked, protected or both.
+      - When the list element is a simple key-value pair, masked, raw and protected will be set to false.
+      - When the list element is a dict with the keys C(value), C(masked), C(raw) and C(protected), the user can
+        have full control about whether a value should be masked, raw, protected or both.
       - Support for group variables requires GitLab >= 9.5.
       - Support for environment_scope requires GitLab Premium >= 13.11.
       - Support for protected values requires GitLab >= 9.3.
       - Support for masked values requires GitLab >= 11.10.
+      - Support for raw values requires GitLab >= 15.7.
       - A C(value) must be a string or a number.
       - Field C(variable_type) must be a string with either V(env_var), which is the default, or V(file).
       - When a value is masked, it must be in Base64 and have a length of at least 8 characters.
@@ -70,7 +71,7 @@ options:
     version_added: 4.5.0
     description:
       - A list of dictionaries that represents CI/CD variables.
-      - This modules works internal with this sructure, even if the older O(vars) parameter is used.
+      - This modules works internal with this structure, even if the older O(vars) parameter is used.
     default: []
     type: list
     elements: dict
@@ -87,17 +88,24 @@ options:
         type: str
       masked:
         description:
-          - Wether variable value is masked or not.
+          - Whether variable value is masked or not.
         type: bool
         default: false
       protected:
         description:
-          - Wether variable value is protected or not.
+          - Whether variable value is protected or not.
         type: bool
         default: false
+      raw:
+        description:
+          - Whether variable value is raw or not.
+          - Support for raw values requires GitLab >= 15.7.
+        type: bool
+        default: false
+        version_added: '7.4.0'
       variable_type:
         description:
-          - Wether a variable is an environment variable (V(env_var)) or a file (V(file)).
+          - Whether a variable is an environment variable (V(env_var)) or a file (V(file)).
         type: str
         choices: [ "env_var", "file" ]
         default: env_var
@@ -126,6 +134,38 @@ EXAMPLES = r'''
         variable_type: env_var
         environment_scope: production
 
+- name: Set or update some CI/CD variables with raw value
+  community.general.gitlab_group_variable:
+    api_url: https://gitlab.com
+    api_token: secret_access_token
+    group: scodeman/testgroup/
+    purge: false
+    vars:
+      ACCESS_KEY_ID: abc123
+      SECRET_ACCESS_KEY:
+        value: 3214cbad
+        masked: true
+        protected: true
+        raw: true
+        variable_type: env_var
+        environment_scope: '*'
+
+- name: Set or update some CI/CD variables with expandable value
+  community.general.gitlab_group_variable:
+    api_url: https://gitlab.com
+    api_token: secret_access_token
+    group: scodeman/testgroup/
+    purge: false
+    vars:
+      ACCESS_KEY_ID: abc123
+      SECRET_ACCESS_KEY:
+        value: '$MY_OTHER_VARIABLE'
+        masked: true
+        protected: true
+        raw: false
+        variable_type: env_var
+        environment_scope: '*'
+
 - name: Delete one variable
   community.general.gitlab_group_variable:
     api_url: https://gitlab.com
@@ -199,6 +239,7 @@ class GitlabGroupVariables(object):
             "value": var_obj.get('value'),
             "masked": var_obj.get('masked'),
             "protected": var_obj.get('protected'),
+            "raw": var_obj.get('raw'),
             "variable_type": var_obj.get('variable_type'),
         }
         if var_obj.get('environment_scope') is not None:
@@ -267,6 +308,8 @@ def native_python_main(this_gitlab, purge, requested_variables, state, module):
         item['value'] = str(item.get('value'))
         if item.get('protected') is None:
             item['protected'] = False
+        if item.get('raw') is None:
+            item['raw'] = False
         if item.get('masked') is None:
             item['masked'] = False
         if item.get('environment_scope') is None:
@@ -338,11 +381,14 @@ def main():
         group=dict(type='str', required=True),
         purge=dict(type='bool', required=False, default=False),
         vars=dict(type='dict', required=False, default=dict(), no_log=True),
+        # please mind whenever changing the variables dict to also change module_utils/gitlab.py's
+        # KNOWN dict in filter_returned_variables or bad evil will happen
         variables=dict(type='list', elements='dict', required=False, default=list(), options=dict(
             name=dict(type='str', required=True),
             value=dict(type='str', no_log=True),
             masked=dict(type='bool', default=False),
             protected=dict(type='bool', default=False),
+            raw=dict(type='bool', default=False),
             environment_scope=dict(type='str', default='*'),
             variable_type=dict(type='str', default='env_var', choices=["env_var", "file"])
         )),

plugins/modules/gitlab_instance_variable.py

@@ -67,17 +67,17 @@ options:
         type: str
       masked:
         description:
-          - Wether variable value is masked or not.
+          - Whether variable value is masked or not.
         type: bool
         default: false
       protected:
         description:
-          - Wether variable value is protected or not.
+          - Whether variable value is protected or not.
         type: bool
         default: false
       variable_type:
         description:
-          - Wether a variable is an environment variable (V(env_var)) or a file (V(file)).
+          - Whether a variable is an environment variable (V(env_var)) or a file (V(file)).
         type: str
         choices: [ "env_var", "file" ]
         default: env_var

plugins/modules/gitlab_merge_request.py

@@ -70,7 +70,7 @@ options:
   description:
     description:
       - A description for the merge request.
-      - Gets overriden by a content of file specified at O(description_path), if found.
+      - Gets overridden by a content of file specified at O(description_path), if found.
     type: str
   description_path:
     description:

plugins/modules/gitlab_project_members.py

@@ -282,10 +282,10 @@ def main():
     ensure_gitlab_package(module)
 
     access_level_int = {
-        'guest': gitlab.GUEST_ACCESS,
-        'reporter': gitlab.REPORTER_ACCESS,
-        'developer': gitlab.DEVELOPER_ACCESS,
-        'maintainer': gitlab.MAINTAINER_ACCESS,
+        'guest': gitlab.const.GUEST_ACCESS,
+        'reporter': gitlab.const.REPORTER_ACCESS,
+        'developer': gitlab.const.DEVELOPER_ACCESS,
+        'maintainer': gitlab.const.MAINTAINER_ACCESS,
     }
 
     gitlab_project = module.params['project']

plugins/modules/gitlab_project_variable.py

@@ -51,11 +51,12 @@ options:
     type: bool
   vars:
     description:
-      - When the list element is a simple key-value pair, masked and protected will be set to false.
-      - When the list element is a dict with the keys C(value), C(masked) and C(protected), the user can
-        have full control about whether a value should be masked, protected or both.
+      - When the list element is a simple key-value pair, masked, raw and protected will be set to false.
+      - When the list element is a dict with the keys C(value), C(masked), C(raw) and C(protected), the user can
+        have full control about whether a value should be masked, raw, protected or both.
       - Support for protected values requires GitLab >= 9.3.
       - Support for masked values requires GitLab >= 11.10.
+      - Support for raw values requires GitLab >= 15.7.
       - Support for environment_scope requires GitLab Premium >= 13.11.
       - Support for variable_type requires GitLab >= 11.11.
       - A C(value) must be a string or a number.
@@ -86,19 +87,26 @@ options:
         type: str
       masked:
         description:
-          - Wether variable value is masked or not.
+          - Whether variable value is masked or not.
           - Support for masked values requires GitLab >= 11.10.
         type: bool
         default: false
       protected:
         description:
-          - Wether variable value is protected or not.
+          - Whether variable value is protected or not.
           - Support for protected values requires GitLab >= 9.3.
         type: bool
         default: false
+      raw:
+        description:
+          - Whether variable value is raw or not.
+          - Support for raw values requires GitLab >= 15.7.
+        type: bool
+        default: false
+        version_added: '7.4.0'
       variable_type:
         description:
-          - Wether a variable is an environment variable (V(env_var)) or a file (V(file)).
+          - Whether a variable is an environment variable (V(env_var)) or a file (V(file)).
           - Support for O(variables[].variable_type) requires GitLab >= 11.11.
         type: str
         choices: ["env_var", "file"]
@@ -143,6 +151,38 @@ EXAMPLES = '''
         variable_type: env_var
         environment_scope: '*'
 
+- name: Set or update some CI/CD variables with raw value
+  community.general.gitlab_project_variable:
+    api_url: https://gitlab.com
+    api_token: secret_access_token
+    project: markuman/dotfiles
+    purge: false
+    vars:
+      ACCESS_KEY_ID: abc123
+      SECRET_ACCESS_KEY:
+        value: 3214cbad
+        masked: true
+        protected: true
+        raw: true
+        variable_type: env_var
+        environment_scope: '*'
+
+- name: Set or update some CI/CD variables with expandable value
+  community.general.gitlab_project_variable:
+    api_url: https://gitlab.com
+    api_token: secret_access_token
+    project: markuman/dotfiles
+    purge: false
+    vars:
+      ACCESS_KEY_ID: abc123
+      SECRET_ACCESS_KEY:
+        value: '$MY_OTHER_VARIABLE'
+        masked: true
+        protected: true
+        raw: false
+        variable_type: env_var
+        environment_scope: '*'
+
 - name: Delete one variable
   community.general.gitlab_project_variable:
     api_url: https://gitlab.com
@@ -220,6 +260,7 @@ class GitlabProjectVariables(object):
             "value": var_obj.get('value'),
             "masked": var_obj.get('masked'),
             "protected": var_obj.get('protected'),
+            "raw": var_obj.get('raw'),
             "variable_type": var_obj.get('variable_type'),
         }
 
@@ -290,6 +331,8 @@ def native_python_main(this_gitlab, purge, requested_variables, state, module):
         item['value'] = str(item.get('value'))
         if item.get('protected') is None:
             item['protected'] = False
+        if item.get('raw') is None:
+            item['raw'] = False
         if item.get('masked') is None:
             item['masked'] = False
         if item.get('environment_scope') is None:
@@ -361,11 +404,14 @@ def main():
         project=dict(type='str', required=True),
         purge=dict(type='bool', required=False, default=False),
         vars=dict(type='dict', required=False, default=dict(), no_log=True),
+        # please mind whenever changing the variables dict to also change module_utils/gitlab.py's
+        # KNOWN dict in filter_returned_variables or bad evil will happen
         variables=dict(type='list', elements='dict', required=False, default=list(), options=dict(
             name=dict(type='str', required=True),
             value=dict(type='str', no_log=True),
             masked=dict(type='bool', default=False),
             protected=dict(type='bool', default=False),
+            raw=dict(type='bool', default=False),
             environment_scope=dict(type='str', default='*'),
             variable_type=dict(type='str', default='env_var', choices=["env_var", "file"]),
         )),