Release 8.6.11.

[PR #10248/cb26c50d backport][stable-8] [stable-9] docs: add notes that dnf_* modules do not work with dnf5 (#10238 ) (#10249 )
[stable-9] docs: add notes that dnf_* modules do not work with dnf5 (#10238) (#10248) docs: add notes that dnf_* modules do not work with dnf5 (#10238) * Add notes that dnf_* modules do not work with dnf5. * Apply suggestions from code review. --------- (cherry picked from commit 1956815884) (cherry picked from commit cb26c50d65) Co-authored-by: Felix Fontein <felix@fontein.de> Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
2026-04-30 10:26:52 +00:00 · 2025-06-15 12:58:02 +02:00 · 2025-06-15 12:07:31 +02:00 · 2025-05-24 21:31:27 +02:00 · 2025-05-14 07:34:39 +02:00 · 2025-05-04 14:02:27 +02:00
276 changed files with 7432 additions and 2806 deletions
--- a/.azure-pipelines/azure-pipelines.yml
+++ b/.azure-pipelines/azure-pipelines.yml
@@ -29,22 +29,20 @@ schedules:
    always: true
    branches:
      include:
-        - stable-8
-        - stable-7
+        - stable-10
+        - stable-9
  - cron: 0 11 * * 0
    displayName: Weekly (old stable branches)
    always: true
    branches:
      include:
-        - stable-6
+        - stable-8

 variables:
  - name: checkoutPath
    value: ansible_collections/community/general
  - name: coverageBranches
    value: main
-  - name: pipelinesCoverage
-    value: coverage
  - name: entryPoint
    value: tests/utils/shippable/shippable.sh
  - name: fetchDepth
@@ -53,26 +51,39 @@ variables:
 resources:
  containers:
    - container: default
-      image: quay.io/ansible/azure-pipelines-test-container:4.0.1
+      image: quay.io/ansible/azure-pipelines-test-container:6.0.0

 pool: Standard

 stages:
 ### Sanity
-  - stage: Sanity_devel
-    displayName: Sanity devel
+  - stage: Sanity_2_18
+    displayName: Sanity 2.18
    dependsOn: []
    jobs:
      - template: templates/matrix.yml
        parameters:
          nameFormat: Test {0}
-          testFormat: devel/sanity/{0}
+          testFormat: 2.18/sanity/{0}
          targets:
            - test: 1
            - test: 2
            - test: 3
            - test: 4
            - test: extra
+  - stage: Sanity_2_17
+    displayName: Sanity 2.17
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Test {0}
+          testFormat: 2.17/sanity/{0}
+          targets:
+            - test: 1
+            - test: 2
+            - test: 3
+            - test: 4
  - stage: Sanity_2_16
    displayName: Sanity 2.16
    dependsOn: []
@@ -86,48 +97,33 @@ stages:
            - test: 2
            - test: 3
            - test: 4
-  - stage: Sanity_2_15
-    displayName: Sanity 2.15
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Test {0}
-          testFormat: 2.15/sanity/{0}
-          targets:
-            - test: 1
-            - test: 2
-            - test: 3
-            - test: 4
-  - stage: Sanity_2_14
-    displayName: Sanity 2.14
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Test {0}
-          testFormat: 2.14/sanity/{0}
-          targets:
-            - test: 1
-            - test: 2
-            - test: 3
-            - test: 4
 ### Units
-  - stage: Units_devel
-    displayName: Units devel
+  - stage: Units_2_18
+    displayName: Units 2.18
    dependsOn: []
    jobs:
      - template: templates/matrix.yml
        parameters:
          nameFormat: Python {0}
-          testFormat: devel/units/{0}/1
+          testFormat: 2.18/units/{0}/1
          targets:
-            - test: 3.7
            - test: 3.8
            - test: 3.9
            - test: '3.10'
            - test: '3.11'
            - test: '3.12'
+            - test: '3.13'
+  - stage: Units_2_17
+    displayName: Units 2.17
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          nameFormat: Python {0}
+          testFormat: 2.17/units/{0}/1
+          targets:
+            - test: 3.7
+            - test: "3.12"
  - stage: Units_2_16
    displayName: Units 2.16
    dependsOn: []
@@ -140,61 +136,56 @@ stages:
            - test: 2.7
            - test: 3.6
            - test: "3.11"
-  - stage: Units_2_15
-    displayName: Units 2.15
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Python {0}
-          testFormat: 2.15/units/{0}/1
-          targets:
-            - test: 3.5
-            - test: "3.10"
-  - stage: Units_2_14
-    displayName: Units 2.14
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Python {0}
-          testFormat: 2.14/units/{0}/1
-          targets:
-            - test: 3.9

 ## Remote
-  - stage: Remote_devel_extra_vms
-    displayName: Remote devel extra VMs
+  - stage: Remote_2_18_extra_vms
+    displayName: Remote 2.18 extra VMs
    dependsOn: []
    jobs:
      - template: templates/matrix.yml
        parameters:
-          testFormat: devel/{0}
+          testFormat: 2.18/{0}
          targets:
-            - name: Alpine 3.19
-              test: alpine/3.19
-            # - name: Fedora 39
-            #   test: fedora/39
+            - name: Alpine 3.20
+              test: alpine/3.20
+            # - name: Fedora 40
+            #   test: fedora/40
            - name: Ubuntu 22.04
              test: ubuntu/22.04
+            - name: Ubuntu 24.04
+              test: ubuntu/24.04
          groups:
            - vm
-  - stage: Remote_devel
-    displayName: Remote devel
+  - stage: Remote_2_18
+    displayName: Remote 2.18
    dependsOn: []
    jobs:
      - template: templates/matrix.yml
        parameters:
-          testFormat: devel/{0}
+          testFormat: 2.18/{0}
          targets:
            - name: macOS 14.3
              test: macos/14.3
-            - name: RHEL 9.3
-              test: rhel/9.3
+            - name: RHEL 9.4
+              test: rhel/9.4
+            - name: FreeBSD 14.1
+              test: freebsd/14.1
+          groups:
+            - 1
+            - 2
+            - 3
+  - stage: Remote_2_17
+    displayName: Remote 2.17
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.17/{0}
+          targets:
            - name: FreeBSD 13.3
              test: freebsd/13.3
-            - name: FreeBSD 14.0
-              test: freebsd/14.0
+            - name: RHEL 9.3
+              test: rhel/9.3
          groups:
            - 1
            - 2
@@ -213,70 +204,50 @@ stages:
              test: rhel/9.2
            - name: RHEL 8.8
              test: rhel/8.8
-            - name: FreeBSD 13.2
-              test: freebsd/13.2
-          groups:
-            - 1
-            - 2
-            - 3
-  - stage: Remote_2_15
-    displayName: Remote 2.15
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.15/{0}
-          targets:
-            - name: RHEL 9.1
-              test: rhel/9.1
-            - name: RHEL 8.7
-              test: rhel/8.7
            - name: RHEL 7.9
              test: rhel/7.9
-            # - name: FreeBSD 13.1
-            #   test: freebsd/13.1
-            # - name: FreeBSD 12.4
-            #   test: freebsd/12.4
-          groups:
-            - 1
-            - 2
-            - 3
-  - stage: Remote_2_14
-    displayName: Remote 2.14
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.14/{0}
-          targets:
-            #- name: macOS 12.0
-            #  test: macos/12.0
-            - name: RHEL 9.0
-              test: rhel/9.0
-            #- name: FreeBSD 12.4
-            #  test: freebsd/12.4
+            # - name: FreeBSD 13.2
+            #   test: freebsd/13.2
          groups:
            - 1
            - 2
            - 3

 ### Docker
-  - stage: Docker_devel
-    displayName: Docker devel
+  - stage: Docker_2_18
+    displayName: Docker 2.18
    dependsOn: []
    jobs:
      - template: templates/matrix.yml
        parameters:
-          testFormat: devel/linux/{0}
+          testFormat: 2.18/linux/{0}
+          targets:
+            - name: Fedora 40
+              test: fedora40
+            - name: Alpine 3.20
+              test: alpine320
+            - name: Ubuntu 22.04
+              test: ubuntu2204
+            - name: Ubuntu 24.04
+              test: ubuntu2404
+          groups:
+            - 1
+            - 2
+            - 3
+  - stage: Docker_2_17
+    displayName: Docker 2.17
+    dependsOn: []
+    jobs:
+      - template: templates/matrix.yml
+        parameters:
+          testFormat: 2.17/linux/{0}
          targets:
            - name: Fedora 39
              test: fedora39
-            - name: Ubuntu 20.04
-              test: ubuntu2004
-            - name: Ubuntu 22.04
-              test: ubuntu2204
            - name: Alpine 3.19
              test: alpine319
+            - name: Ubuntu 20.04
+              test: ubuntu2004
          groups:
            - 1
            - 2
@@ -295,131 +266,91 @@ stages:
              test: opensuse15
            - name: Alpine 3
              test: alpine3
-          groups:
-            - 1
-            - 2
-            - 3
-  - stage: Docker_2_15
-    displayName: Docker 2.15
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.15/linux/{0}
-          targets:
-            - name: Fedora 37
-              test: fedora37
            - name: CentOS 7
              test: centos7
          groups:
            - 1
            - 2
            - 3
-  - stage: Docker_2_14
-    displayName: Docker 2.14
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          testFormat: 2.14/linux/{0}
-          targets:
-            - name: Alpine 3
-              test: alpine3
-          groups:
-            - 1
-            - 2
-            - 3

 ### Community Docker
-  - stage: Docker_community_devel
-    displayName: Docker (community images) devel
+  - stage: Docker_community_2_18
+    displayName: Docker (community images) 2.18
    dependsOn: []
    jobs:
      - template: templates/matrix.yml
        parameters:
-          testFormat: devel/linux-community/{0}
+          testFormat: 2.18/linux-community/{0}
          targets:
            - name: Debian Bullseye
              test: debian-bullseye/3.9
            - name: Debian Bookworm
              test: debian-bookworm/3.11
            - name: ArchLinux
-              test: archlinux/3.11
+              test: archlinux/3.13
          groups:
            - 1
            - 2
            - 3

 ### Generic
-  - stage: Generic_devel
-    displayName: Generic devel
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Python {0}
-          testFormat: devel/generic/{0}/1
-          targets:
-            - test: '3.7'
-            - test: '3.12'
-  - stage: Generic_2_16
-    displayName: Generic 2.16
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Python {0}
-          testFormat: 2.16/generic/{0}/1
-          targets:
-            - test: '2.7'
-            - test: '3.6'
-            - test: '3.11'
-  - stage: Generic_2_15
-    displayName: Generic 2.15
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Python {0}
-          testFormat: 2.15/generic/{0}/1
-          targets:
-            - test: '3.9'
-  - stage: Generic_2_14
-    displayName: Generic 2.14
-    dependsOn: []
-    jobs:
-      - template: templates/matrix.yml
-        parameters:
-          nameFormat: Python {0}
-          testFormat: 2.14/generic/{0}/1
-          targets:
-            - test: '3.10'
+# Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
+#  - stage: Generic_2_18
+#    displayName: Generic 2.18
+#    dependsOn: []
+#    jobs:
+#      - template: templates/matrix.yml
+#        parameters:
+#          nameFormat: Python {0}
+#          testFormat: 2.18/generic/{0}/1
+#          targets:
+#            - test: '3.8'
+#            - test: '3.11'
+#            - test: '3.13'
+#  - stage: Generic_2_17
+#    displayName: Generic 2.17
+#    dependsOn: []
+#    jobs:
+#      - template: templates/matrix.yml
+#        parameters:
+#          nameFormat: Python {0}
+#          testFormat: 2.17/generic/{0}/1
+#          targets:
+#            - test: '3.7'
+#            - test: '3.12'
+#  - stage: Generic_2_16
+#    displayName: Generic 2.16
+#    dependsOn: []
+#    jobs:
+#      - template: templates/matrix.yml
+#        parameters:
+#          nameFormat: Python {0}
+#          testFormat: 2.16/generic/{0}/1
+#          targets:
+#            - test: '2.7'
+#            - test: '3.6'
+#            - test: '3.11'

  - stage: Summary
    condition: succeededOrFailed()
    dependsOn:
-      - Sanity_devel
+      - Sanity_2_18
+      - Sanity_2_17
      - Sanity_2_16
-      - Sanity_2_15
-      - Sanity_2_14
-      - Units_devel
+      - Units_2_18
+      - Units_2_17
      - Units_2_16
-      - Units_2_15
-      - Units_2_14
-      - Remote_devel_extra_vms
-      - Remote_devel
+      - Remote_2_18_extra_vms
+      - Remote_2_18
+      - Remote_2_17
      - Remote_2_16
-      - Remote_2_15
-      - Remote_2_14
-      - Docker_devel
+      - Docker_2_18
+      - Docker_2_17
      - Docker_2_16
-      - Docker_2_15
-      - Docker_2_14
-      - Docker_community_devel
+      - Docker_community_2_18
 # Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
-#      - Generic_devel
+#      - Generic_2_18
+#      - Generic_2_17
 #      - Generic_2_16
-#      - Generic_2_15
-#      - Generic_2_14
    jobs:
      - template: templates/coverage.yml
--- a/.azure-pipelines/templates/coverage.yml
+++ b/.azure-pipelines/templates/coverage.yml
@@ -28,16 +28,6 @@ jobs:
      - bash: .azure-pipelines/scripts/report-coverage.sh
        displayName: Generate Coverage Report
        condition: gt(variables.coverageFileCount, 0)
-      - task: PublishCodeCoverageResults@1
-        inputs:
-          codeCoverageTool: Cobertura
-          # Azure Pipelines only accepts a single coverage data file.
-          # That means only Python or PowerShell coverage can be uploaded, but not both.
-          # Set the "pipelinesCoverage" variable to determine which type is uploaded.
-          # Use "coverage" for Python and "coverage-powershell" for PowerShell.
-          summaryFileLocation: "$(outputPath)/reports/$(pipelinesCoverage).xml"
-        displayName: Publish to Azure Pipelines
-        condition: gt(variables.coverageFileCount, 0)
      - bash: .azure-pipelines/scripts/publish-codecov.py "$(outputPath)"
        displayName: Publish to codecov.io
        condition: gt(variables.coverageFileCount, 0)
--- a/.github/BOTMETA.yml
+++ b/.github/BOTMETA.yml
@@ -425,7 +425,7 @@ files:
  $modules/bearychat.py:
    maintainers: tonyseek
  $modules/bigpanda.py:
-    maintainers: hkariti
+    ignore: hkariti
  $modules/bitbucket_:
    maintainers: catcombo
  $modules/bower.py:
@@ -780,6 +780,8 @@ files:
    maintainers: laurpaum
  $modules/keycloak_component_info.py:
    maintainers: desand01
+  $modules/keycloak_client_rolescope.py:
+    maintainers: desand01
  $modules/keycloak_user_rolemapping.py:
    maintainers: bratwurzt
  $modules/keycloak_realm_rolemapping.py:
@@ -1360,16 +1362,19 @@ files:
    keywords: sophos utm
    maintainers: $team_e_spirit
  $modules/utm_ca_host_key_cert.py:
-    maintainers: stearz
+    ignore: stearz
+    maintainers: $team_e_spirit
  $modules/utm_ca_host_key_cert_info.py:
-    maintainers: stearz
+    ignore: stearz
+    maintainers: $team_e_spirit
  $modules/utm_network_interface_address.py:
    maintainers: steamx
  $modules/utm_network_interface_address_info.py:
    maintainers: steamx
  $modules/utm_proxy_auth_profile.py:
    keywords: sophos utm
-    maintainers: $team_e_spirit stearz
+    ignore: stearz
+    maintainers: $team_e_spirit
  $modules/utm_proxy_exception.py:
    keywords: sophos utm
    maintainers: $team_e_spirit RickS-C137
@@ -1445,6 +1450,8 @@ files:
    ignore: matze
    labels: zypper
    maintainers: $team_suse
+  $plugin_utils/unsafe.py:
+    maintainers: felixfontein
  $tests/a_module.py:
    maintainers: felixfontein
  $tests/fqdn_valid.py:
@@ -1501,7 +1508,6 @@ macros:
  becomes: plugins/become
  caches: plugins/cache
  callbacks: plugins/callback
-  cliconfs: plugins/cliconf
  connections: plugins/connection
  doc_fragments: plugins/doc_fragments
  filters: plugins/filter
@@ -1509,7 +1515,7 @@ macros:
  lookups: plugins/lookup
  module_utils: plugins/module_utils
  modules: plugins/modules
-  terminals: plugins/terminal
+  plugin_utils: plugins/plugin_utils
  tests: plugins/test
  team_ansible_core:
  team_aix: MorrisA bcoca d-little flynn1973 gforster kairoaraujo marvin-sinister mator molekuul ramooncamacho wtcross
@@ -1536,6 +1542,6 @@ macros:
  team_rhsm: cnsnyder ptoscano
  team_scaleway: remyleone abarbare
  team_solaris: bcoca fishman jasperla jpdasma mator scathatheworm troy2914 xen0l
-  team_suse: commel evrardjp lrupp toabctl AnderEnder alxgu andytom sealor
+  team_suse: commel evrardjp lrupp AnderEnder alxgu andytom sealor
  team_virt: joshainglis karmab Thulium-Drake Ajpantuso
  team_wdc: mikemoerk
--- a/.github/workflows/ansible-test.yml
+++ b/.github/workflows/ansible-test.yml
@@ -30,6 +30,8 @@ jobs:
      matrix:
        ansible:
          - '2.13'
+          - '2.14'
+          - '2.15'
    # Ansible-test on various stable branches does not yet work well with cgroups v2.
    # Since ubuntu-latest now uses Ubuntu 22.04, we need to fall back to the ubuntu-20.04
    # image for these stable branches. The list of branches where this is necessary will
@@ -41,6 +43,7 @@ jobs:
        uses: felixfontein/ansible-test-gh-action@main
        with:
          ansible-core-version: stable-${{ matrix.ansible }}
+          codecov-token: ${{ secrets.CODECOV_TOKEN }}
          coverage: ${{ github.event_name == 'schedule' && 'always' || 'never' }}
          pull-request-change-detection: 'true'
          testing-type: sanity
@@ -72,6 +75,12 @@ jobs:
            python: '2.7'
          - ansible: '2.13'
            python: '3.8'
+          - ansible: '2.14'
+            python: '3.9'
+          - ansible: '2.15'
+            python: '3.5'
+          - ansible: '2.15'
+            python: '3.10'

    steps:
      - name: >-
@@ -80,6 +89,7 @@ jobs:
        uses: felixfontein/ansible-test-gh-action@main
        with:
          ansible-core-version: stable-${{ matrix.ansible }}
+          codecov-token: ${{ secrets.CODECOV_TOKEN }}
          coverage: ${{ github.event_name == 'schedule' && 'always' || 'never' }}
          pre-test-cmd: >-
            mkdir -p ../../ansible
@@ -148,11 +158,45 @@ jobs:
            docker: alpine3
            python: ''
            target: azp/posix/3/
+          # 2.14
+          - ansible: '2.14'
+            docker: alpine3
+            python: ''
+            target: azp/posix/1/
+          - ansible: '2.14'
+            docker: alpine3
+            python: ''
+            target: azp/posix/2/
+          - ansible: '2.14'
+            docker: alpine3
+            python: ''
+            target: azp/posix/3/
+          # 2.15
+          - ansible: '2.15'
+            docker: fedora37
+            python: ''
+            target: azp/posix/1/
+          - ansible: '2.15'
+            docker: fedora37
+            python: ''
+            target: azp/posix/2/
+          - ansible: '2.15'
+            docker: fedora37
+            python: ''
+            target: azp/posix/3/
          # Right now all generic tests are disabled. Uncomment when at least one of them is re-enabled.
          # - ansible: '2.13'
          #   docker: default
          #   python: '3.9'
          #   target: azp/generic/1/
+          # - ansible: '2.14'
+          #   docker: default
+          #   python: '3.10'
+          #   target: azp/generic/1/
+          # - ansible: '2.15'
+          #   docker: default
+          #   python: '3.9'
+          #   target: azp/generic/1/

    steps:
      - name: >-
@@ -162,17 +206,19 @@ jobs:
        uses: felixfontein/ansible-test-gh-action@main
        with:
          ansible-core-version: stable-${{ matrix.ansible }}
+          codecov-token: ${{ secrets.CODECOV_TOKEN }}
          coverage: ${{ github.event_name == 'schedule' && 'always' || 'never' }}
          docker-image: ${{ matrix.docker }}
          integration-continue-on-error: 'false'
          integration-diff: 'false'
          integration-retry-on-error: 'true'
+          # TODO: remove "--branch stable-2" from community.crypto install once we're only using ansible-core 2.17 or newer!
          pre-test-cmd: >-
            mkdir -p ../../ansible
            ;
            git clone --depth=1 --single-branch https://github.com/ansible-collections/ansible.posix.git ../../ansible/posix
            ;
-            git clone --depth=1 --single-branch https://github.com/ansible-collections/community.crypto.git ../../community/crypto
+            git clone --depth=1 --single-branch --branch stable-2 https://github.com/ansible-collections/community.crypto.git ../../community/crypto
            ;
            git clone --depth=1 --single-branch https://github.com/ansible-collections/community.internal_test_tools.git ../../community/internal_test_tools
          pull-request-change-detection: 'true'
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -25,6 +25,8 @@ jobs:
    steps:
    - name: Checkout repository
      uses: actions/checkout@v4
+      with:
+        persist-credentials: false

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
--- a/.github/workflows/reuse.yml
+++ b/.github/workflows/reuse.yml
@@ -7,10 +7,14 @@ name: Verify REUSE

 on:
  push:
-    branches: [main]
-  pull_request_target:
+    branches:
+      - main
+      - stable-*
+  pull_request:
    types: [opened, synchronize, reopened]
-    branches: [main]
+    branches:
+      - main
+      - stable-*
  # Run CI once per day (at 07:30 UTC)
  schedule:
    - cron: '30 7 * * *'
@@ -24,7 +28,8 @@ jobs:
    steps:
      - uses: actions/checkout@v4
        with:
+          persist-credentials: false
          ref: ${{ github.event.pull_request.head.sha || '' }}

      - name: REUSE Compliance Check
-        uses: fsfe/reuse-action@v3
+        uses: fsfe/reuse-action@v5
--- a/.reuse/dep5
+++ b/.reuse/dep5
@@ -1,5 +0,0 @@
-Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-
-Files: changelogs/fragments/*
-Copyright: Ansible Project
-License: GPL-3.0-or-later
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,73 +2,379 @@

 **Topics**

- <a href="#v8-5-0">v8\.5\.0</a>
+- <a href="#v8-6-11">v8\.6\.11</a>
    - <a href="#release-summary">Release Summary</a>
-    - <a href="#minor-changes">Minor Changes</a>
-    - <a href="#security-fixes">Security Fixes</a>
-    - <a href="#bugfixes">Bugfixes</a>
-    - <a href="#new-modules">New Modules</a>
- <a href="#v8-4-0">v8\.4\.0</a>
+- <a href="#v8-6-10">v8\.6\.10</a>
    - <a href="#release-summary-1">Release Summary</a>
-    - <a href="#minor-changes-1">Minor Changes</a>
+    - <a href="#security-fixes">Security Fixes</a>
+- <a href="#v8-6-9">v8\.6\.9</a>
+    - <a href="#release-summary-2">Release Summary</a>
+    - <a href="#security-fixes-1">Security Fixes</a>
+- <a href="#v8-6-8">v8\.6\.8</a>
+    - <a href="#release-summary-3">Release Summary</a>
+    - <a href="#bugfixes">Bugfixes</a>
+- <a href="#v8-6-7">v8\.6\.7</a>
+    - <a href="#release-summary-4">Release Summary</a>
    - <a href="#bugfixes-1">Bugfixes</a>
+- <a href="#v8-6-6">v8\.6\.6</a>
+    - <a href="#release-summary-5">Release Summary</a>
+    - <a href="#minor-changes">Minor Changes</a>
+    - <a href="#bugfixes-2">Bugfixes</a>
+- <a href="#v8-6-5">v8\.6\.5</a>
+    - <a href="#release-summary-6">Release Summary</a>
+    - <a href="#bugfixes-3">Bugfixes</a>
+- <a href="#v8-6-4">v8\.6\.4</a>
+    - <a href="#release-summary-7">Release Summary</a>
+    - <a href="#minor-changes-1">Minor Changes</a>
+    - <a href="#bugfixes-4">Bugfixes</a>
+- <a href="#v8-6-3">v8\.6\.3</a>
+    - <a href="#release-summary-8">Release Summary</a>
+    - <a href="#minor-changes-2">Minor Changes</a>
+    - <a href="#bugfixes-5">Bugfixes</a>
+- <a href="#v8-6-2">v8\.6\.2</a>
+    - <a href="#release-summary-9">Release Summary</a>
+    - <a href="#bugfixes-6">Bugfixes</a>
+    - <a href="#known-issues">Known Issues</a>
+- <a href="#v8-6-1">v8\.6\.1</a>
+    - <a href="#release-summary-10">Release Summary</a>
+    - <a href="#security-fixes-2">Security Fixes</a>
+    - <a href="#bugfixes-7">Bugfixes</a>
+- <a href="#v8-6-0">v8\.6\.0</a>
+    - <a href="#release-summary-11">Release Summary</a>
+    - <a href="#minor-changes-3">Minor Changes</a>
+    - <a href="#deprecated-features">Deprecated Features</a>
+    - <a href="#bugfixes-8">Bugfixes</a>
+    - <a href="#new-modules">New Modules</a>
+- <a href="#v8-5-0">v8\.5\.0</a>
+    - <a href="#release-summary-12">Release Summary</a>
+    - <a href="#minor-changes-4">Minor Changes</a>
+    - <a href="#security-fixes-3">Security Fixes</a>
+    - <a href="#bugfixes-9">Bugfixes</a>
+    - <a href="#new-modules-1">New Modules</a>
+- <a href="#v8-4-0">v8\.4\.0</a>
+    - <a href="#release-summary-13">Release Summary</a>
+    - <a href="#minor-changes-5">Minor Changes</a>
+    - <a href="#bugfixes-10">Bugfixes</a>
    - <a href="#new-plugins">New Plugins</a>
        - <a href="#callback">Callback</a>
        - <a href="#filter">Filter</a>
-    - <a href="#new-modules-1">New Modules</a>
- <a href="#v8-3-0">v8\.3\.0</a>
-    - <a href="#release-summary-2">Release Summary</a>
-    - <a href="#minor-changes-2">Minor Changes</a>
-    - <a href="#deprecated-features">Deprecated Features</a>
-    - <a href="#bugfixes-2">Bugfixes</a>
    - <a href="#new-modules-2">New Modules</a>
+- <a href="#v8-3-0">v8\.3\.0</a>
+    - <a href="#release-summary-14">Release Summary</a>
+    - <a href="#minor-changes-6">Minor Changes</a>
+    - <a href="#deprecated-features-1">Deprecated Features</a>
+    - <a href="#bugfixes-11">Bugfixes</a>
+    - <a href="#new-modules-3">New Modules</a>
 - <a href="#v8-2-0">v8\.2\.0</a>
-    - <a href="#release-summary-3">Release Summary</a>
-    - <a href="#minor-changes-3">Minor Changes</a>
-    - <a href="#bugfixes-3">Bugfixes</a>
+    - <a href="#release-summary-15">Release Summary</a>
+    - <a href="#minor-changes-7">Minor Changes</a>
+    - <a href="#bugfixes-12">Bugfixes</a>
    - <a href="#new-plugins-1">New Plugins</a>
        - <a href="#connection">Connection</a>
        - <a href="#filter-1">Filter</a>
        - <a href="#lookup">Lookup</a>
-    - <a href="#new-modules-3">New Modules</a>
+    - <a href="#new-modules-4">New Modules</a>
 - <a href="#v8-1-0">v8\.1\.0</a>
-    - <a href="#release-summary-4">Release Summary</a>
-    - <a href="#minor-changes-4">Minor Changes</a>
-    - <a href="#bugfixes-4">Bugfixes</a>
+    - <a href="#release-summary-16">Release Summary</a>
+    - <a href="#minor-changes-8">Minor Changes</a>
+    - <a href="#bugfixes-13">Bugfixes</a>
    - <a href="#new-plugins-2">New Plugins</a>
        - <a href="#lookup-1">Lookup</a>
        - <a href="#test">Test</a>
-    - <a href="#new-modules-4">New Modules</a>
+    - <a href="#new-modules-5">New Modules</a>
 - <a href="#v8-0-2">v8\.0\.2</a>
-    - <a href="#release-summary-5">Release Summary</a>
-    - <a href="#bugfixes-5">Bugfixes</a>
+    - <a href="#release-summary-17">Release Summary</a>
+    - <a href="#bugfixes-14">Bugfixes</a>
 - <a href="#v8-0-1">v8\.0\.1</a>
-    - <a href="#release-summary-6">Release Summary</a>
-    - <a href="#bugfixes-6">Bugfixes</a>
+    - <a href="#release-summary-18">Release Summary</a>
+    - <a href="#bugfixes-15">Bugfixes</a>
 - <a href="#v8-0-0">v8\.0\.0</a>
-    - <a href="#release-summary-7">Release Summary</a>
-    - <a href="#minor-changes-5">Minor Changes</a>
+    - <a href="#release-summary-19">Release Summary</a>
+    - <a href="#minor-changes-9">Minor Changes</a>
    - <a href="#breaking-changes--porting-guide">Breaking Changes / Porting Guide</a>
-    - <a href="#deprecated-features-1">Deprecated Features</a>
+    - <a href="#deprecated-features-2">Deprecated Features</a>
    - <a href="#removed-features-previously-deprecated">Removed Features \(previously deprecated\)</a>
-    - <a href="#bugfixes-7">Bugfixes</a>
-    - <a href="#known-issues">Known Issues</a>
+    - <a href="#bugfixes-16">Bugfixes</a>
+    - <a href="#known-issues-1">Known Issues</a>
    - <a href="#new-plugins-3">New Plugins</a>
        - <a href="#lookup-2">Lookup</a>
-    - <a href="#new-modules-5">New Modules</a>
+    - <a href="#new-modules-6">New Modules</a>
 This changelog describes changes after version 7\.0\.0\.

-<a id="v8-5-0"></a>
-## v8\.5\.0
+<a id="v8-6-11"></a>
+## v8\.6\.11

 <a id="release-summary"></a>
 ### Release Summary

-Regular feature and bugfix release with security fixes\.
+Maintenance release\.
+
+This is the last 8\.x\.y release\. The 8\.x\.y release train is now effectively End of Life\.
+
+Thanks to everyone who contributed to the community\.general 8\.x\.y releases\!
+
+<a id="v8-6-10"></a>
+## v8\.6\.10
+
+<a id="release-summary-1"></a>
+### Release Summary
+
+Maintenance release with a security fix\.
+
+<a id="security-fixes"></a>
+### Security Fixes
+
+* keycloak\_client \- Sanitize <code>saml\.encryption\.private\.key</code> so it does not show in the logs \([https\://github\.com/ansible\-collections/community\.general/pull/9621](https\://github\.com/ansible\-collections/community\.general/pull/9621)\)\.
+
+<a id="v8-6-9"></a>
+## v8\.6\.9
+
+<a id="release-summary-2"></a>
+### Release Summary
+
+Maintenance release with a security fix\.
+
+<a id="security-fixes-1"></a>
+### Security Fixes
+
+* keycloak\_authentication \- API calls did not properly set the <code>priority</code> during update resulting in incorrectly sorted authentication flows\. This apparently only affects Keycloak 25 or newer \([https\://github\.com/ansible\-collections/community\.general/pull/9263](https\://github\.com/ansible\-collections/community\.general/pull/9263)\)\.
+
+<a id="v8-6-8"></a>
+## v8\.6\.8
+
+<a id="release-summary-3"></a>
+### Release Summary
+
+Maintenance release for inclusion in Ansible 9\.13\.0\.
+
+<a id="bugfixes"></a>
+### Bugfixes
+
+* github\_key \- in check mode\, a faulty call to <code>\`datetime\.strftime\(\.\.\.\)\`</code> was being made which generated an exception \([https\://github\.com/ansible\-collections/community\.general/issues/9185](https\://github\.com/ansible\-collections/community\.general/issues/9185)\)\.
+
+<a id="v8-6-7"></a>
+## v8\.6\.7
+
+<a id="release-summary-4"></a>
+### Release Summary
+
+Bugfix release\.
+
+<a id="bugfixes-1"></a>
+### Bugfixes
+
+* collection\_version lookup plugin \- use <code>importlib</code> directly instead of the deprecated and in ansible\-core 2\.19 removed <code>ansible\.module\_utils\.compat\.importlib</code> \([https\://github\.com/ansible\-collections/community\.general/pull/9084](https\://github\.com/ansible\-collections/community\.general/pull/9084)\)\.
+* modprobe \- fix check mode not being honored for <code>persistent</code> option \([https\://github\.com/ansible\-collections/community\.general/issues/9051](https\://github\.com/ansible\-collections/community\.general/issues/9051)\, [https\://github\.com/ansible\-collections/community\.general/pull/9052](https\://github\.com/ansible\-collections/community\.general/pull/9052)\)\.
+
+<a id="v8-6-6"></a>
+## v8\.6\.6
+
+<a id="release-summary-5"></a>
+### Release Summary
+
+Regular bugfix release\.
+
+Note that this is the last regular bugfix release of community\.general 8\.x\.y\.
+From now on\, there will only be maintenance releases with major bugfixes and
+security fixes\.

 <a id="minor-changes"></a>
 ### Minor Changes

+* redfish\_confg \- remove <code>CapacityBytes</code> from required paramaters of the <code>CreateVolume</code> command \([https\://github\.com/ansible\-collections/community\.general/pull/8956](https\://github\.com/ansible\-collections/community\.general/pull/8956)\)\.
+
+<a id="bugfixes-2"></a>
+### Bugfixes
+
+* cloudflare\_dns \- fix changing Cloudflare SRV records \([https\://github\.com/ansible\-collections/community\.general/issues/8679](https\://github\.com/ansible\-collections/community\.general/issues/8679)\, [https\://github\.com/ansible\-collections/community\.general/pull/8948](https\://github\.com/ansible\-collections/community\.general/pull/8948)\)\.
+* dig lookup plugin \- fix using only the last nameserver specified \([https\://github\.com/ansible\-collections/community\.general/pull/8970](https\://github\.com/ansible\-collections/community\.general/pull/8970)\)\.
+* homectl \- the module now tries to use <code>legacycrypt</code> on Python 3\.13\+ \([https\://github\.com/ansible\-collections/community\.general/issues/4691](https\://github\.com/ansible\-collections/community\.general/issues/4691)\, [https\://github\.com/ansible\-collections/community\.general/pull/8987](https\://github\.com/ansible\-collections/community\.general/pull/8987)\)\.
+* ini\_file \- pass absolute paths to <code>module\.atomic\_move\(\)</code> \([https\://github\.com/ansible/ansible/issues/83950](https\://github\.com/ansible/ansible/issues/83950)\, [https\://github\.com/ansible\-collections/community\.general/pull/8925](https\://github\.com/ansible\-collections/community\.general/pull/8925)\)\.
+* ipa\_hostgroup \- fix <code>enabled \`\` and \`\`disabled</code> states \([https\://github\.com/ansible\-collections/community\.general/issues/8408](https\://github\.com/ansible\-collections/community\.general/issues/8408)\, [https\://github\.com/ansible\-collections/community\.general/pull/8900](https\://github\.com/ansible\-collections/community\.general/pull/8900)\)\.
+* java\_keystore \- pass absolute paths to <code>module\.atomic\_move\(\)</code> \([https\://github\.com/ansible/ansible/issues/83950](https\://github\.com/ansible/ansible/issues/83950)\, [https\://github\.com/ansible\-collections/community\.general/pull/8925](https\://github\.com/ansible\-collections/community\.general/pull/8925)\)\.
+* jenkins\_plugin \- pass absolute paths to <code>module\.atomic\_move\(\)</code> \([https\://github\.com/ansible/ansible/issues/83950](https\://github\.com/ansible/ansible/issues/83950)\, [https\://github\.com/ansible\-collections/community\.general/pull/8925](https\://github\.com/ansible\-collections/community\.general/pull/8925)\)\.
+* kdeconfig \- pass absolute paths to <code>module\.atomic\_move\(\)</code> \([https\://github\.com/ansible/ansible/issues/83950](https\://github\.com/ansible/ansible/issues/83950)\, [https\://github\.com/ansible\-collections/community\.general/pull/8925](https\://github\.com/ansible\-collections/community\.general/pull/8925)\)\.
+* keycloak\_realm \- fix change detection in check mode by sorting the lists in the realms beforehand \([https\://github\.com/ansible\-collections/community\.general/pull/8877](https\://github\.com/ansible\-collections/community\.general/pull/8877)\)\.
+* keycloak\_user\_federation \- minimize change detection by setting <code>krbPrincipalAttribute</code> to <code>\'\'</code> in Keycloak responses if missing \([https\://github\.com/ansible\-collections/community\.general/pull/8785](https\://github\.com/ansible\-collections/community\.general/pull/8785)\)\.
+* keycloak\_user\_federation \- remove <code>lastSync</code> parameter from Keycloak responses to minimize diff/changes \([https\://github\.com/ansible\-collections/community\.general/pull/8812](https\://github\.com/ansible\-collections/community\.general/pull/8812)\)\.
+* one\_service \- fix service creation after it was deleted with <code>unique</code> parameter \([https\://github\.com/ansible\-collections/community\.general/issues/3137](https\://github\.com/ansible\-collections/community\.general/issues/3137)\, [https\://github\.com/ansible\-collections/community\.general/pull/8887](https\://github\.com/ansible\-collections/community\.general/pull/8887)\)\.
+* pam\_limits \- pass absolute paths to <code>module\.atomic\_move\(\)</code> \([https\://github\.com/ansible/ansible/issues/83950](https\://github\.com/ansible/ansible/issues/83950)\, [https\://github\.com/ansible\-collections/community\.general/pull/8925](https\://github\.com/ansible\-collections/community\.general/pull/8925)\)\.
+* udm\_user \- the module now tries to use <code>legacycrypt</code> on Python 3\.13\+ \([https\://github\.com/ansible\-collections/community\.general/issues/4690](https\://github\.com/ansible\-collections/community\.general/issues/4690)\, [https\://github\.com/ansible\-collections/community\.general/pull/8987](https\://github\.com/ansible\-collections/community\.general/pull/8987)\)\.
+
+<a id="v8-6-5"></a>
+## v8\.6\.5
+
+<a id="release-summary-6"></a>
+### Release Summary
+
+Regular bugfix release\.
+
+<a id="bugfixes-3"></a>
+### Bugfixes
+
+* gitlab\_group\_access\_token \- fix crash in check mode caused by attempted access to a newly created access token \([https\://github\.com/ansible\-collections/community\.general/pull/8796](https\://github\.com/ansible\-collections/community\.general/pull/8796)\)\.
+* gitlab\_project\_access\_token \- fix crash in check mode caused by attempted access to a newly created access token \([https\://github\.com/ansible\-collections/community\.general/pull/8796](https\://github\.com/ansible\-collections/community\.general/pull/8796)\)\.
+* keycloak\_realm\_key \- fix invalid usage of <code>parent\_id</code> \([https\://github\.com/ansible\-collections/community\.general/issues/7850](https\://github\.com/ansible\-collections/community\.general/issues/7850)\, [https\://github\.com/ansible\-collections/community\.general/pull/8823](https\://github\.com/ansible\-collections/community\.general/pull/8823)\)\.
+* keycloak\_user\_federation \- fix key error when removing mappers during an update and new mappers are specified in the module args \([https\://github\.com/ansible\-collections/community\.general/pull/8762](https\://github\.com/ansible\-collections/community\.general/pull/8762)\)\.
+* keycloak\_user\_federation \- fix the <code>UnboundLocalError</code> that occurs when an ID is provided for a user federation mapper \([https\://github\.com/ansible\-collections/community\.general/pull/8831](https\://github\.com/ansible\-collections/community\.general/pull/8831)\)\.
+* keycloak\_user\_federation \- sort desired and after mapper list by name \(analog to before mapper list\) to minimize diff and make change detection more accurate \([https\://github\.com/ansible\-collections/community\.general/pull/8761](https\://github\.com/ansible\-collections/community\.general/pull/8761)\)\.
+* proxmox inventory plugin \- fixed a possible error on concatenating responses from proxmox\. In case an API call unexpectedly returned an empty result\, the inventory failed with a fatal error\. Added check for empty response \([https\://github\.com/ansible\-collections/community\.general/issues/8798](https\://github\.com/ansible\-collections/community\.general/issues/8798)\, [https\://github\.com/ansible\-collections/community\.general/pull/8794](https\://github\.com/ansible\-collections/community\.general/pull/8794)\)\.
+
+<a id="v8-6-4"></a>
+## v8\.6\.4
+
+<a id="release-summary-7"></a>
+### Release Summary
+
+Regular bugfix release\.
+
+<a id="minor-changes-1"></a>
+### Minor Changes
+
+* passwordstore lookup plugin \- add the current user to the lockfile file name to address issues on multi\-user systems \([https\://github\.com/ansible\-collections/community\.general/pull/8689](https\://github\.com/ansible\-collections/community\.general/pull/8689)\)\.
+
+<a id="bugfixes-4"></a>
+### Bugfixes
+
+* gitlab\_runner \- fix <code>paused</code> parameter being ignored \([https\://github\.com/ansible\-collections/community\.general/pull/8648](https\://github\.com/ansible\-collections/community\.general/pull/8648)\)\.
+* homebrew\_cask \- fix <code>upgrade\_all</code> returns <code>changed</code> when nothing upgraded \([https\://github\.com/ansible\-collections/community\.general/issues/8707](https\://github\.com/ansible\-collections/community\.general/issues/8707)\, [https\://github\.com/ansible\-collections/community\.general/pull/8708](https\://github\.com/ansible\-collections/community\.general/pull/8708)\)\.
+* keycloak\_user\_federation \- get cleartext IDP <code>clientSecret</code> from full realm info to detect changes to it \([https\://github\.com/ansible\-collections/community\.general/issues/8294](https\://github\.com/ansible\-collections/community\.general/issues/8294)\, [https\://github\.com/ansible\-collections/community\.general/pull/8735](https\://github\.com/ansible\-collections/community\.general/pull/8735)\)\.
+* keycloak\_user\_federation \- remove existing user federation mappers if they are not present in the federation configuration and will not be updated \([https\://github\.com/ansible\-collections/community\.general/issues/7169](https\://github\.com/ansible\-collections/community\.general/issues/7169)\, [https\://github\.com/ansible\-collections/community\.general/pull/8695](https\://github\.com/ansible\-collections/community\.general/pull/8695)\)\.
+
+<a id="v8-6-3"></a>
+## v8\.6\.3
+
+<a id="release-summary-8"></a>
+### Release Summary
+
+Regular bugfix release\.
+
+<a id="minor-changes-2"></a>
+### Minor Changes
+
+* wdc\_redfish\_command \- minor change to handle upgrade file for Redfish WD platforms \([https\://github\.com/ansible\-collections/community\.general/pull/8444](https\://github\.com/ansible\-collections/community\.general/pull/8444)\)\.
+
+<a id="bugfixes-5"></a>
+### Bugfixes
+
+* bitwarden lookup plugin \- fix <code>KeyError</code> in <code>search\_field</code> \([https\://github\.com/ansible\-collections/community\.general/issues/8549](https\://github\.com/ansible\-collections/community\.general/issues/8549)\, [https\://github\.com/ansible\-collections/community\.general/pull/8557](https\://github\.com/ansible\-collections/community\.general/pull/8557)\)\.
+* keycloak\_clientscope \- remove IDs from clientscope and its protocol mappers on comparison for changed check \([https\://github\.com/ansible\-collections/community\.general/pull/8545](https\://github\.com/ansible\-collections/community\.general/pull/8545)\)\.
+* nsupdate \- fix \'index out of range\' error when changing NS records by falling back to authority section of the response \([https\://github\.com/ansible\-collections/community\.general/issues/8612](https\://github\.com/ansible\-collections/community\.general/issues/8612)\, [https\://github\.com/ansible\-collections/community\.general/pull/8614](https\://github\.com/ansible\-collections/community\.general/pull/8614)\)\.
+* redfish\_utils module utils \- do not fail when language is not exactly \"en\" \([https\://github\.com/ansible\-collections/community\.general/pull/8613](https\://github\.com/ansible\-collections/community\.general/pull/8613)\)\.
+
+<a id="v8-6-2"></a>
+## v8\.6\.2
+
+<a id="release-summary-9"></a>
+### Release Summary
+
+Regular bugfix release\.
+
+<a id="bugfixes-6"></a>
+### Bugfixes
+
+* git\_config \- fix behavior of <code>state\=absent</code> if <code>value</code> is present \([https\://github\.com/ansible\-collections/community\.general/issues/8436](https\://github\.com/ansible\-collections/community\.general/issues/8436)\, [https\://github\.com/ansible\-collections/community\.general/pull/8452](https\://github\.com/ansible\-collections/community\.general/pull/8452)\)\.
+* homebrew \- do not fail when brew prints warnings \([https\://github\.com/ansible\-collections/community\.general/pull/8406](https\://github\.com/ansible\-collections/community\.general/pull/8406)\, [https\://github\.com/ansible\-collections/community\.general/issues/7044](https\://github\.com/ansible\-collections/community\.general/issues/7044)\)\.
+* keycloak\_client \- fix TypeError when sanitizing the <code>saml\.signing\.private\.key</code> attribute in the module\'s diff or state output\. The <code>sanitize\_cr</code> function expected a dict where in some cases a list might occur \([https\://github\.com/ansible\-collections/community\.general/pull/8403](https\://github\.com/ansible\-collections/community\.general/pull/8403)\)\.
+* keycloak\_realm \- add normalizations for <code>attributes</code> and <code>protocol\_mappers</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8496](https\://github\.com/ansible\-collections/community\.general/pull/8496)\)\.
+* launched \- correctly report changed status in check mode \([https\://github\.com/ansible\-collections/community\.general/pull/8406](https\://github\.com/ansible\-collections/community\.general/pull/8406)\)\.
+* opennebula inventory plugin \- fix invalid reference to IP when inventory runs against NICs with no IPv4 address \([https\://github\.com/ansible\-collections/community\.general/pull/8489](https\://github\.com/ansible\-collections/community\.general/pull/8489)\)\.
+* opentelemetry callback \- do not save the JSON response when using the <code>ansible\.builtin\.uri</code> module \([https\://github\.com/ansible\-collections/community\.general/pull/8430](https\://github\.com/ansible\-collections/community\.general/pull/8430)\)\.
+* opentelemetry callback \- do not save the content response when using the <code>ansible\.builtin\.slurp</code> module \([https\://github\.com/ansible\-collections/community\.general/pull/8430](https\://github\.com/ansible\-collections/community\.general/pull/8430)\)\.
+* paman \- do not fail if an empty list of packages has been provided and there is nothing to do \([https\://github\.com/ansible\-collections/community\.general/pull/8514](https\://github\.com/ansible\-collections/community\.general/pull/8514)\)\.
+
+<a id="known-issues"></a>
+### Known Issues
+
+* homectl \- the module does not work under Python 3\.13 or newer\, since it relies on the removed <code>crypt</code> standard library module \([https\://github\.com/ansible\-collections/community\.general/issues/4691](https\://github\.com/ansible\-collections/community\.general/issues/4691)\, [https\://github\.com/ansible\-collections/community\.general/pull/8497](https\://github\.com/ansible\-collections/community\.general/pull/8497)\)\.
+* udm\_user \- the module does not work under Python 3\.13 or newer\, since it relies on the removed <code>crypt</code> standard library module \([https\://github\.com/ansible\-collections/community\.general/issues/4690](https\://github\.com/ansible\-collections/community\.general/issues/4690)\, [https\://github\.com/ansible\-collections/community\.general/pull/8497](https\://github\.com/ansible\-collections/community\.general/pull/8497)\)\.
+
+<a id="v8-6-1"></a>
+## v8\.6\.1
+
+<a id="release-summary-10"></a>
+### Release Summary
+
+Regular bugfix release\.
+
+<a id="security-fixes-2"></a>
+### Security Fixes
+
+* keycloak\_identity\_provider \- the client secret was not correctly sanitized by the module\. The return values <code>proposed</code>\, <code>existing</code>\, and <code>end\_state</code>\, as well as the diff\, did contain the client secret unmasked \([https\://github\.com/ansible\-collections/community\.general/pull/8355](https\://github\.com/ansible\-collections/community\.general/pull/8355)\)\.
+
+<a id="bugfixes-7"></a>
+### Bugfixes
+
+* keycloak\_user\_federation \- fix diff of empty <code>krbPrincipalAttribute</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8320](https\://github\.com/ansible\-collections/community\.general/pull/8320)\)\.
+* merge\_variables lookup plugin \- fixing cross host merge\: providing access to foreign hosts variables to the perspective of the host that is performing the merge \([https\://github\.com/ansible\-collections/community\.general/pull/8303](https\://github\.com/ansible\-collections/community\.general/pull/8303)\)\.
+* opentelemetry callback plugin \- close spans always \([https\://github\.com/ansible\-collections/community\.general/pull/8367](https\://github\.com/ansible\-collections/community\.general/pull/8367)\)\.
+* opentelemetry callback plugin \- honour the <code>disable\_logs</code> option to avoid storing task results since they are not used regardless \([https\://github\.com/ansible\-collections/community\.general/pull/8373](https\://github\.com/ansible\-collections/community\.general/pull/8373)\)\.
+
+<a id="v8-6-0"></a>
+## v8\.6\.0
+
+<a id="release-summary-11"></a>
+### Release Summary
+
+Regular bugfix and features release\.
+
+<a id="minor-changes-3"></a>
+### Minor Changes
+
+* Use offset\-aware <code>datetime\.datetime</code> objects \(with timezone UTC\) instead of offset\-naive UTC timestamps\, which are deprecated in Python 3\.12 \([https\://github\.com/ansible\-collections/community\.general/pull/8222](https\://github\.com/ansible\-collections/community\.general/pull/8222)\)\.
+* apt\_rpm \- add new states <code>latest</code> and <code>present\_not\_latest</code>\. The value <code>latest</code> is equivalent to the current behavior of <code>present</code>\, which will upgrade a package if a newer version exists\. <code>present\_not\_latest</code> does what most users would expect <code>present</code> to do\: it does not upgrade if the package is already installed\. The current behavior of <code>present</code> will be deprecated in a later version\, and eventually changed to that of <code>present\_not\_latest</code> \([https\://github\.com/ansible\-collections/community\.general/issues/8217](https\://github\.com/ansible\-collections/community\.general/issues/8217)\, [https\://github\.com/ansible\-collections/community\.general/pull/8247](https\://github\.com/ansible\-collections/community\.general/pull/8247)\)\.
+* bitwarden lookup plugin \- add support to filter by organization ID \([https\://github\.com/ansible\-collections/community\.general/pull/8188](https\://github\.com/ansible\-collections/community\.general/pull/8188)\)\.
+* filesystem \- add bcachefs support \([https\://github\.com/ansible\-collections/community\.general/pull/8126](https\://github\.com/ansible\-collections/community\.general/pull/8126)\)\.
+* ini\_file \- add an optional parameter <code>section\_has\_values</code>\. If the target ini file contains more than one <code>section</code>\, use <code>section\_has\_values</code> to specify which one should be updated \([https\://github\.com/ansible\-collections/community\.general/pull/7505](https\://github\.com/ansible\-collections/community\.general/pull/7505)\)\.
+* java\_cert \- add <code>cert\_content</code> argument \([https\://github\.com/ansible\-collections/community\.general/pull/8153](https\://github\.com/ansible\-collections/community\.general/pull/8153)\)\.
+* keycloak\_client\, keycloak\_clientscope\, keycloak\_clienttemplate \- added <code>docker\-v2</code> protocol support\, enhancing alignment with Keycloak\'s protocol options \([https\://github\.com/ansible\-collections/community\.general/issues/8215](https\://github\.com/ansible\-collections/community\.general/issues/8215)\, [https\://github\.com/ansible\-collections/community\.general/pull/8216](https\://github\.com/ansible\-collections/community\.general/pull/8216)\)\.
+* nmcli \- adds OpenvSwitch support with new <code>type</code> values <code>ovs\-port</code>\, <code>ovs\-interface</code>\, and <code>ovs\-bridge</code>\, and new <code>slave\_type</code> value <code>ovs\-port</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8154](https\://github\.com/ansible\-collections/community\.general/pull/8154)\)\.
+* osx\_defaults \- add option <code>check\_types</code> to enable changing the type of existing defaults on the fly \([https\://github\.com/ansible\-collections/community\.general/pull/8173](https\://github\.com/ansible\-collections/community\.general/pull/8173)\)\.
+* passwordstore lookup \- add <code>missing\_subkey</code> parameter defining the behavior of the lookup when a passwordstore subkey is missing \([https\://github\.com/ansible\-collections/community\.general/pull/8166](https\://github\.com/ansible\-collections/community\.general/pull/8166)\)\.
+* portage \- adds the possibility to explicitely tell portage to write packages to world file \([https\://github\.com/ansible\-collections/community\.general/issues/6226](https\://github\.com/ansible\-collections/community\.general/issues/6226)\, [https\://github\.com/ansible\-collections/community\.general/pull/8236](https\://github\.com/ansible\-collections/community\.general/pull/8236)\)\.
+* redfish\_command \- add command <code>ResetToDefaults</code> to reset manager to default state \([https\://github\.com/ansible\-collections/community\.general/issues/8163](https\://github\.com/ansible\-collections/community\.general/issues/8163)\)\.
+* redfish\_info \- add boolean return value <code>MultipartHttpPush</code> to <code>GetFirmwareUpdateCapabilities</code> \([https\://github\.com/ansible\-collections/community\.general/issues/8194](https\://github\.com/ansible\-collections/community\.general/issues/8194)\, [https\://github\.com/ansible\-collections/community\.general/pull/8195](https\://github\.com/ansible\-collections/community\.general/pull/8195)\)\.
+* ssh\_config \- allow <code>accept\-new</code> as valid value for <code>strict\_host\_key\_checking</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8257](https\://github\.com/ansible\-collections/community\.general/pull/8257)\)\.
+
+<a id="deprecated-features"></a>
+### Deprecated Features
+
+* hipchat callback plugin \- the hipchat service has been discontinued and the self\-hosted variant has been End of Life since 2020\. The callback plugin is therefore deprecated and will be removed from community\.general 10\.0\.0 if nobody provides compelling reasons to still keep it \([https\://github\.com/ansible\-collections/community\.general/issues/8184](https\://github\.com/ansible\-collections/community\.general/issues/8184)\, [https\://github\.com/ansible\-collections/community\.general/pull/8189](https\://github\.com/ansible\-collections/community\.general/pull/8189)\)\.
+
+<a id="bugfixes-8"></a>
+### Bugfixes
+
+* aix\_filesystem \- fix <code>\_validate\_vg</code> not passing VG name to <code>lsvg\_cmd</code> \([https\://github\.com/ansible\-collections/community\.general/issues/8151](https\://github\.com/ansible\-collections/community\.general/issues/8151)\)\.
+* apt\_rpm \- when checking whether packages were installed after running <code>apt\-get \-y install \<packages\></code>\, only the last package name was checked \([https\://github\.com/ansible\-collections/community\.general/pull/8263](https\://github\.com/ansible\-collections/community\.general/pull/8263)\)\.
+* bitwarden\_secrets\_manager lookup plugin \- implements retry with exponential backoff to avoid lookup errors when Bitwardn\'s API rate limiting is encountered \([https\://github\.com/ansible\-collections/community\.general/issues/8230](https\://github\.com/ansible\-collections/community\.general/issues/8230)\, [https\://github\.com/ansible\-collections/community\.general/pull/8238](https\://github\.com/ansible\-collections/community\.general/pull/8238)\)\.
+* from\_ini filter plugin \- disabling interpolation of <code>ConfigParser</code> to allow converting values with a <code>\%</code> sign \([https\://github\.com/ansible\-collections/community\.general/issues/8183](https\://github\.com/ansible\-collections/community\.general/issues/8183)\, [https\://github\.com/ansible\-collections/community\.general/pull/8185](https\://github\.com/ansible\-collections/community\.general/pull/8185)\)\.
+* gitlab\_issue\, gitlab\_label\, gitlab\_milestone \- avoid crash during version comparison when the python\-gitlab Python module is not installed \([https\://github\.com/ansible\-collections/community\.general/pull/8158](https\://github\.com/ansible\-collections/community\.general/pull/8158)\)\.
+* haproxy \- fix an issue where HAProxy could get stuck in DRAIN mode when the backend was unreachable \([https\://github\.com/ansible\-collections/community\.general/issues/8092](https\://github\.com/ansible\-collections/community\.general/issues/8092)\)\.
+* inventory plugins \- add unsafe wrapper to avoid marking strings that do not contain <code>\{</code> or <code>\}</code> as unsafe\, to work around a bug in AWX \(\([https\://github\.com/ansible\-collections/community\.general/issues/8212](https\://github\.com/ansible\-collections/community\.general/issues/8212)\, [https\://github\.com/ansible\-collections/community\.general/pull/8225](https\://github\.com/ansible\-collections/community\.general/pull/8225)\)\.
+* ipa \- fix get version regex in IPA module\_utils \([https\://github\.com/ansible\-collections/community\.general/pull/8175](https\://github\.com/ansible\-collections/community\.general/pull/8175)\)\.
+* keycloak\_client \- add sorted <code>defaultClientScopes</code> and <code>optionalClientScopes</code> to normalizations \([https\://github\.com/ansible\-collections/community\.general/pull/8223](https\://github\.com/ansible\-collections/community\.general/pull/8223)\)\.
+* keycloak\_realm \- add normalizations for <code>enabledEventTypes</code> and <code>supportedLocales</code> \([https\://github\.com/ansible\-collections/community\.general/pull/8224](https\://github\.com/ansible\-collections/community\.general/pull/8224)\)\.
+* puppet \- add option <code>environment\_lang</code> to set the environment language encoding\. Defaults to lang <code>C</code>\. It is recommended to set it to <code>C\.UTF\-8</code> or <code>en\_US\.UTF\-8</code> depending on what is available on your system\. \([https\://github\.com/ansible\-collections/community\.general/issues/8000](https\://github\.com/ansible\-collections/community\.general/issues/8000)\)
+* riak \- support <code>riak admin</code> sub\-command in newer Riak KV versions beside the legacy <code>riak\-admin</code> main command \([https\://github\.com/ansible\-collections/community\.general/pull/8211](https\://github\.com/ansible\-collections/community\.general/pull/8211)\)\.
+* to\_ini filter plugin \- disabling interpolation of <code>ConfigParser</code> to allow converting values with a <code>\%</code> sign \([https\://github\.com/ansible\-collections/community\.general/issues/8183](https\://github\.com/ansible\-collections/community\.general/issues/8183)\, [https\://github\.com/ansible\-collections/community\.general/pull/8185](https\://github\.com/ansible\-collections/community\.general/pull/8185)\)\.
+* xml \- make module work with lxml 5\.1\.1\, which removed some internals that the module was relying on \([https\://github\.com/ansible\-collections/community\.general/pull/8169](https\://github\.com/ansible\-collections/community\.general/pull/8169)\)\.
+
+<a id="new-modules"></a>
+### New Modules
+
+* community\.general\.keycloak\_client\_rolescope \- Allows administration of Keycloak client roles scope to restrict the usage of certain roles to a other specific client applications\.
+
+<a id="v8-5-0"></a>
+## v8\.5\.0
+
+<a id="release-summary-12"></a>
+### Release Summary
+
+Regular feature and bugfix release with security fixes\.
+
+<a id="minor-changes-4"></a>
+### Minor Changes
+
 * bitwarden lookup plugin \- allows to fetch all records of a given collection ID\, by allowing to pass an empty value for <code>search\_value</code> when <code>collection\_id</code> is provided \([https\://github\.com/ansible\-collections/community\.general/pull/8013](https\://github\.com/ansible\-collections/community\.general/pull/8013)\)\.
 * icinga2 inventory plugin \- adds new parameter <code>group\_by\_hostgroups</code> in order to make grouping by Icinga2 hostgroups optional \([https\://github\.com/ansible\-collections/community\.general/pull/7998](https\://github\.com/ansible\-collections/community\.general/pull/7998)\)\.
 * ini\_file \- support optional spaces between section names and their surrounding brackets \([https\://github\.com/ansible\-collections/community\.general/pull/8075](https\://github\.com/ansible\-collections/community\.general/pull/8075)\)\.
@@ -79,12 +385,12 @@ Regular feature and bugfix release with security fixes\.
 * proxmox \- adds <code>startup</code> parameters to configure startup order\, startup delay and shutdown delay \([https\://github\.com/ansible\-collections/community\.general/pull/8038](https\://github\.com/ansible\-collections/community\.general/pull/8038)\)\.
 * revbitspss lookup plugin \- removed a redundant unicode prefix\. The prefix was not necessary for Python 3 and has been cleaned up to streamline the code \([https\://github\.com/ansible\-collections/community\.general/pull/8087](https\://github\.com/ansible\-collections/community\.general/pull/8087)\)\.

-<a id="security-fixes"></a>
+<a id="security-fixes-3"></a>
 ### Security Fixes

 * cobbler\, gitlab\_runners\, icinga2\, linode\, lxd\, nmap\, online\, opennebula\, proxmox\, scaleway\, stackpath\_compute\, virtualbox\, and xen\_orchestra inventory plugin \- make sure all data received from the remote servers is marked as unsafe\, so remote code execution by obtaining texts that can be evaluated as templates is not possible \([https\://www\.die\-welt\.net/2024/03/remote\-code\-execution\-in\-ansible\-dynamic\-inventory\-plugins/](https\://www\.die\-welt\.net/2024/03/remote\-code\-execution\-in\-ansible\-dynamic\-inventory\-plugins/)\, [https\://github\.com/ansible\-collections/community\.general/pull/8098](https\://github\.com/ansible\-collections/community\.general/pull/8098)\)\.

-<a id="bugfixes"></a>
+<a id="bugfixes-9"></a>
 ### Bugfixes

 * aix\_filesystem \- fix issue with empty list items in crfs logic and option order \([https\://github\.com/ansible\-collections/community\.general/pull/8052](https\://github\.com/ansible\-collections/community\.general/pull/8052)\)\.
@@ -98,20 +404,20 @@ Regular feature and bugfix release with security fixes\.
 * pam\_limits \- when the file does not exist\, do not create it in check mode \([https\://github\.com/ansible\-collections/community\.general/issues/8050](https\://github\.com/ansible\-collections/community\.general/issues/8050)\, [https\://github\.com/ansible\-collections/community\.general/pull/8057](https\://github\.com/ansible\-collections/community\.general/pull/8057)\)\.
 * proxmox\_kvm \- fixed status check getting from node\-specific API endpoint \([https\://github\.com/ansible\-collections/community\.general/issues/7817](https\://github\.com/ansible\-collections/community\.general/issues/7817)\)\.

-<a id="new-modules"></a>
+<a id="new-modules-1"></a>
 ### New Modules

-* usb\_facts \- Allows listing information about USB devices
+* community\.general\.usb\_facts \- Allows listing information about USB devices

 <a id="v8-4-0"></a>
 ## v8\.4\.0

-<a id="release-summary-1"></a>
+<a id="release-summary-13"></a>
 ### Release Summary

 Regular bugfix and feature release\.

-<a id="minor-changes-1"></a>
+<a id="minor-changes-5"></a>
 ### Minor Changes

 * bitwarden lookup plugin \- add <code>bw\_session</code> option\, to pass session key instead of reading from env \([https\://github\.com/ansible\-collections/community\.general/pull/7994](https\://github\.com/ansible\-collections/community\.general/pull/7994)\)\.
@@ -124,7 +430,7 @@ Regular bugfix and feature release\.
 * sudoers \- add support for the <code>NOEXEC</code> tag in sudoers rules \([https\://github\.com/ansible\-collections/community\.general/pull/7983](https\://github\.com/ansible\-collections/community\.general/pull/7983)\)\.
 * terraform \- fix <code>diff\_mode</code> in state <code>absent</code> and when terraform <code>resource\_changes</code> does not exist \([https\://github\.com/ansible\-collections/community\.general/pull/7963](https\://github\.com/ansible\-collections/community\.general/pull/7963)\)\.

-<a id="bugfixes-1"></a>
+<a id="bugfixes-10"></a>
 ### Bugfixes

 * cargo \- fix idempotency issues when using a custom installation path for packages \(using the <code>\-\-path</code> parameter\)\. The initial installation runs fine\, but subsequent runs use the <code>get\_installed\(\)</code> function which did not check the given installation location\, before running <code>cargo install</code>\. This resulted in a false <code>changed</code> state\. Also the removal of packeges using <code>state\: absent</code> failed\, as the installation check did not use the given parameter \([https\://github\.com/ansible\-collections/community\.general/pull/7970](https\://github\.com/ansible\-collections/community\.general/pull/7970)\)\.
@@ -143,31 +449,31 @@ Regular bugfix and feature release\.
 <a id="callback"></a>
 #### Callback

-* default\_without\_diff \- The default ansible callback without diff output
+* community\.general\.default\_without\_diff \- The default ansible callback without diff output

 <a id="filter"></a>
 #### Filter

-* lists\_difference \- Difference of lists with a predictive order
-* lists\_intersect \- Intersection of lists with a predictive order
-* lists\_symmetric\_difference \- Symmetric Difference of lists with a predictive order
-* lists\_union \- Union of lists with a predictive order
+* community\.general\.lists\_difference \- Difference of lists with a predictive order
+* community\.general\.lists\_intersect \- Intersection of lists with a predictive order
+* community\.general\.lists\_symmetric\_difference \- Symmetric Difference of lists with a predictive order
+* community\.general\.lists\_union \- Union of lists with a predictive order

-<a id="new-modules-1"></a>
+<a id="new-modules-2"></a>
 ### New Modules

-* gitlab\_group\_access\_token \- Manages GitLab group access tokens
-* gitlab\_project\_access\_token \- Manages GitLab project access tokens
+* community\.general\.gitlab\_group\_access\_token \- Manages GitLab group access tokens
+* community\.general\.gitlab\_project\_access\_token \- Manages GitLab project access tokens

 <a id="v8-3-0"></a>
 ## v8\.3\.0

-<a id="release-summary-2"></a>
+<a id="release-summary-14"></a>
 ### Release Summary

 Regular bugfix and feature release\.

-<a id="minor-changes-2"></a>
+<a id="minor-changes-6"></a>
 ### Minor Changes

 * consul\_auth\_method\, consul\_binding\_rule\, consul\_policy\, consul\_role\, consul\_session\, consul\_token \- added action group <code>community\.general\.consul</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7897](https\://github\.com/ansible\-collections/community\.general/pull/7897)\)\.
@@ -180,12 +486,12 @@ Regular bugfix and feature release\.
 * redfish\_info \- add command <code>GetServiceIdentification</code> to get service identification \([https\://github\.com/ansible\-collections/community\.general/issues/7882](https\://github\.com/ansible\-collections/community\.general/issues/7882)\)\.
 * terraform \- add support for <code>diff\_mode</code> for terraform resource\_changes \([https\://github\.com/ansible\-collections/community\.general/pull/7896](https\://github\.com/ansible\-collections/community\.general/pull/7896)\)\.

-<a id="deprecated-features"></a>
+<a id="deprecated-features-1"></a>
 ### Deprecated Features

 * consul\_acl \- the module has been deprecated and will be removed in community\.general 10\.0\.0\. <code>consul\_token</code> and <code>consul\_policy</code> can be used instead \([https\://github\.com/ansible\-collections/community\.general/pull/7901](https\://github\.com/ansible\-collections/community\.general/pull/7901)\)\.

-<a id="bugfixes-2"></a>
+<a id="bugfixes-11"></a>
 ### Bugfixes

 * homebrew \- detect already installed formulae and casks using JSON output from <code>brew info</code> \([https\://github\.com/ansible\-collections/community\.general/issues/864](https\://github\.com/ansible\-collections/community\.general/issues/864)\)\.
@@ -196,25 +502,25 @@ Regular bugfix and feature release\.
 * nmcli \- fix <code>connection\.slave\-type</code> wired to <code>bond</code> and not with parameter <code>slave\_type</code> in case of connection type <code>wifi</code> \([https\://github\.com/ansible\-collections/community\.general/issues/7389](https\://github\.com/ansible\-collections/community\.general/issues/7389)\)\.
 * proxmox \- fix updating a container config if the setting does not already exist \([https\://github\.com/ansible\-collections/community\.general/pull/7872](https\://github\.com/ansible\-collections/community\.general/pull/7872)\)\.

-<a id="new-modules-2"></a>
+<a id="new-modules-3"></a>
 ### New Modules

-* consul\_acl\_bootstrap \- Bootstrap ACLs in Consul
-* consul\_auth\_method \- Manipulate Consul auth methods
-* consul\_binding\_rule \- Manipulate Consul binding rules
-* consul\_token \- Manipulate Consul tokens
-* gitlab\_label \- Creates/updates/deletes GitLab Labels belonging to project or group\.
-* gitlab\_milestone \- Creates/updates/deletes GitLab Milestones belonging to project or group
+* community\.general\.consul\_acl\_bootstrap \- Bootstrap ACLs in Consul
+* community\.general\.consul\_auth\_method \- Manipulate Consul auth methods
+* community\.general\.consul\_binding\_rule \- Manipulate Consul binding rules
+* community\.general\.consul\_token \- Manipulate Consul tokens
+* community\.general\.gitlab\_label \- Creates/updates/deletes GitLab Labels belonging to project or group\.
+* community\.general\.gitlab\_milestone \- Creates/updates/deletes GitLab Milestones belonging to project or group

 <a id="v8-2-0"></a>
 ## v8\.2\.0

-<a id="release-summary-3"></a>
+<a id="release-summary-15"></a>
 ### Release Summary

 Regular bugfix and feature release\.

-<a id="minor-changes-3"></a>
+<a id="minor-changes-7"></a>
 ### Minor Changes

 * ipa\_dnsrecord \- adds ability to manage NS record types \([https\://github\.com/ansible\-collections/community\.general/pull/7737](https\://github\.com/ansible\-collections/community\.general/pull/7737)\)\.
@@ -230,7 +536,7 @@ Regular bugfix and feature release\.
 * ssh\_config \- new feature to set <code>IdentitiesOnly</code> option to <code>yes</code> or <code>no</code> \([https\://github\.com/ansible\-collections/community\.general/pull/7704](https\://github\.com/ansible\-collections/community\.general/pull/7704)\)\.
 * xcc\_redfish\_command \- added support for raw POSTs \(<code>command\=PostResource</code> in <code>category\=Raw</code>\) without a specific action info \([https\://github\.com/ansible\-collections/community\.general/pull/7746](https\://github\.com/ansible\-collections/community\.general/pull/7746)\)\.

-<a id="bugfixes-3"></a>
+<a id="bugfixes-12"></a>
 ### Bugfixes

 * keycloak\_identity\_provider \- <code>mappers</code> processing was not idempotent if the mappers configuration list had not been sorted by name \(in ascending order\)\. Fix resolves the issue by sorting mappers in the desired state using the same key which is used for obtaining existing state \([https\://github\.com/ansible\-collections/community\.general/pull/7418](https\://github\.com/ansible\-collections/community\.general/pull/7418)\)\.
@@ -245,37 +551,37 @@ Regular bugfix and feature release\.
 <a id="connection"></a>
 #### Connection

-* incus \- Run tasks in Incus instances via the Incus CLI\.
+* community\.general\.incus \- Run tasks in Incus instances via the Incus CLI\.

 <a id="filter-1"></a>
 #### Filter

-* from\_ini \- Converts INI text input into a dictionary
-* to\_ini \- Converts a dictionary to the INI file format
+* community\.general\.from\_ini \- Converts INI text input into a dictionary
+* community\.general\.to\_ini \- Converts a dictionary to the INI file format

 <a id="lookup"></a>
 #### Lookup

-* github\_app\_access\_token \- Obtain short\-lived Github App Access tokens
+* community\.general\.github\_app\_access\_token \- Obtain short\-lived Github App Access tokens

-<a id="new-modules-3"></a>
+<a id="new-modules-4"></a>
 ### New Modules

-* dnf\_config\_manager \- Enable or disable dnf repositories using config\-manager
-* keycloak\_component\_info \- Retrive component info in Keycloak
-* keycloak\_realm\_rolemapping \- Allows administration of Keycloak realm role mappings into groups with the Keycloak API
-* proxmox\_node\_info \- Retrieve information about one or more Proxmox VE nodes
-* proxmox\_storage\_contents\_info \- List content from a Proxmox VE storage
+* community\.general\.dnf\_config\_manager \- Enable or disable dnf repositories using config\-manager
+* community\.general\.keycloak\_component\_info \- Retrive component info in Keycloak
+* community\.general\.keycloak\_realm\_rolemapping \- Allows administration of Keycloak realm role mappings into groups with the Keycloak API
+* community\.general\.proxmox\_node\_info \- Retrieve information about one or more Proxmox VE nodes
+* community\.general\.proxmox\_storage\_contents\_info \- List content from a Proxmox VE storage

 <a id="v8-1-0"></a>
 ## v8\.1\.0

-<a id="release-summary-4"></a>
+<a id="release-summary-16"></a>
 ### Release Summary

 Regular bugfix and feature release\.

-<a id="minor-changes-4"></a>
+<a id="minor-changes-8"></a>
 ### Minor Changes

 * bitwarden lookup plugin \- when looking for items using an item ID\, the item is now accessed directly with <code>bw get item</code> instead of searching through all items\. This doubles the lookup speed \([https\://github\.com/ansible\-collections/community\.general/pull/7468](https\://github\.com/ansible\-collections/community\.general/pull/7468)\)\.
@@ -312,7 +618,7 @@ Regular bugfix and feature release\.
 * redfish\_info \- adding the <code>BootProgress</code> property when getting <code>Systems</code> info \([https\://github\.com/ansible\-collections/community\.general/pull/7626](https\://github\.com/ansible\-collections/community\.general/pull/7626)\)\.
 * ssh\_config \- adds <code>controlmaster</code>\, <code>controlpath</code> and <code>controlpersist</code> parameters \([https\://github\.com/ansible\-collections/community\.general/pull/7456](https\://github\.com/ansible\-collections/community\.general/pull/7456)\)\.

-<a id="bugfixes-4"></a>
+<a id="bugfixes-13"></a>
 ### Bugfixes

 * apt\-rpm \- the module did not upgrade packages if a newer version exists\. Now the package will be reinstalled if the candidate is newer than the installed version \([https\://github\.com/ansible\-collections/community\.general/issues/7414](https\://github\.com/ansible\-collections/community\.general/issues/7414)\)\.
@@ -336,29 +642,29 @@ Regular bugfix and feature release\.
 <a id="lookup-1"></a>
 #### Lookup

-* onepassword\_doc \- Fetch documents stored in 1Password
+* community\.general\.onepassword\_doc \- Fetch documents stored in 1Password

 <a id="test"></a>
 #### Test

-* fqdn\_valid \- Validates fully\-qualified domain names against RFC 1123
+* community\.general\.fqdn\_valid \- Validates fully\-qualified domain names against RFC 1123

-<a id="new-modules-4"></a>
+<a id="new-modules-5"></a>
 ### New Modules

-* git\_config\_info \- Read git configuration
-* gitlab\_issue \- Create\, update\, or delete GitLab issues
-* nomad\_token \- Manage Nomad ACL tokens
+* community\.general\.git\_config\_info \- Read git configuration
+* community\.general\.gitlab\_issue \- Create\, update\, or delete GitLab issues
+* community\.general\.nomad\_token \- Manage Nomad ACL tokens

 <a id="v8-0-2"></a>
 ## v8\.0\.2

-<a id="release-summary-5"></a>
+<a id="release-summary-17"></a>
 ### Release Summary

 Bugfix release for inclusion in Ansible 9\.0\.0rc1\.

-<a id="bugfixes-5"></a>
+<a id="bugfixes-14"></a>
 ### Bugfixes

 * ocapi\_utils\, oci\_utils\, redfish\_utils module utils \- replace <code>type\(\)</code> calls with <code>isinstance\(\)</code> calls \([https\://github\.com/ansible\-collections/community\.general/pull/7501](https\://github\.com/ansible\-collections/community\.general/pull/7501)\)\.
@@ -367,12 +673,12 @@ Bugfix release for inclusion in Ansible 9\.0\.0rc1\.
 <a id="v8-0-1"></a>
 ## v8\.0\.1

-<a id="release-summary-6"></a>
+<a id="release-summary-18"></a>
 ### Release Summary

 Bugfix release for inclusion in Ansible 9\.0\.0b1\.

-<a id="bugfixes-6"></a>
+<a id="bugfixes-15"></a>
 ### Bugfixes

 * gitlab\_group\_members \- fix gitlab constants call in <code>gitlab\_group\_members</code> module \([https\://github\.com/ansible\-collections/community\.general/issues/7467](https\://github\.com/ansible\-collections/community\.general/issues/7467)\)\.
@@ -385,12 +691,12 @@ Bugfix release for inclusion in Ansible 9\.0\.0b1\.
 <a id="v8-0-0"></a>
 ## v8\.0\.0

-<a id="release-summary-7"></a>
+<a id="release-summary-19"></a>
 ### Release Summary

 This is release 8\.0\.0 of <code>community\.general</code>\, released on 2023\-11\-01\.

-<a id="minor-changes-5"></a>
+<a id="minor-changes-9"></a>
 ### Minor Changes

 * The collection will start using semantic markup \([https\://github\.com/ansible\-collections/community\.general/pull/6539](https\://github\.com/ansible\-collections/community\.general/pull/6539)\)\.
@@ -529,7 +835,7 @@ This is release 8\.0\.0 of <code>community\.general</code>\, released on 2023\-1
 * vardict module utils \- <code>VarDict</code> will no longer accept variables named <code>\_var</code>\, <code>get\_meta</code>\, and <code>as\_dict</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6647](https\://github\.com/ansible\-collections/community\.general/pull/6647)\)\.
 * version module util \- remove fallback for ansible\-core 2\.11\. All modules and plugins that do version collections no longer work with ansible\-core 2\.11 \([https\://github\.com/ansible\-collections/community\.general/pull/7269](https\://github\.com/ansible\-collections/community\.general/pull/7269)\)\.

-<a id="deprecated-features-1"></a>
+<a id="deprecated-features-2"></a>
 ### Deprecated Features

 * CmdRunner module utils \- deprecate <code>cmd\_runner\_fmt\.as\_default\_type\(\)</code> formatter \([https\://github\.com/ansible\-collections/community\.general/pull/6601](https\://github\.com/ansible\-collections/community\.general/pull/6601)\)\.
@@ -589,7 +895,7 @@ This is release 8\.0\.0 of <code>community\.general</code>\, released on 2023\-1
 * proxmox module utils \- removed unused imports \([https\://github\.com/ansible\-collections/community\.general/pull/6873](https\://github\.com/ansible\-collections/community\.general/pull/6873)\)\.
 * xfconf \- the deprecated <code>disable\_facts</code> option was removed \([https\://github\.com/ansible\-collections/community\.general/pull/7358](https\://github\.com/ansible\-collections/community\.general/pull/7358)\)\.

-<a id="bugfixes-7"></a>
+<a id="bugfixes-16"></a>
 ### Bugfixes

 * CmdRunner module utils \- does not attempt to resolve path if executable is a relative or absolute path \([https\://github\.com/ansible\-collections/community\.general/pull/7200](https\://github\.com/ansible\-collections/community\.general/pull/7200)\)\.
@@ -671,7 +977,7 @@ This is release 8\.0\.0 of <code>community\.general</code>\, released on 2023\-1
 * tss lookup plugin \- fix multiple issues when using <code>fetch\_attachments\=true</code> \([https\://github\.com/ansible\-collections/community\.general/pull/6720](https\://github\.com/ansible\-collections/community\.general/pull/6720)\)\.
 * zypper \- added handling of zypper exitcode 102\. Changed state is set correctly now and rc 102 is still preserved to be evaluated by the playbook \([https\://github\.com/ansible\-collections/community\.general/pull/6534](https\://github\.com/ansible\-collections/community\.general/pull/6534)\)\.

-<a id="known-issues"></a>
+<a id="known-issues-1"></a>
 ### Known Issues

 * Ansible markup will show up in raw form on ansible\-doc text output for ansible\-core before 2\.15\. If you have trouble deciphering the documentation markup\, please upgrade to ansible\-core 2\.15 \(or newer\)\, or read the HTML documentation on [https\://docs\.ansible\.com/ansible/devel/collections/community/general/](https\://docs\.ansible\.com/ansible/devel/collections/community/general/) \([https\://github\.com/ansible\-collections/community\.general/pull/6539](https\://github\.com/ansible\-collections/community\.general/pull/6539)\)\.
@@ -682,27 +988,27 @@ This is release 8\.0\.0 of <code>community\.general</code>\, released on 2023\-1
 <a id="lookup-2"></a>
 #### Lookup

-* bitwarden\_secrets\_manager \- Retrieve secrets from Bitwarden Secrets Manager
+* community\.general\.bitwarden\_secrets\_manager \- Retrieve secrets from Bitwarden Secrets Manager

-<a id="new-modules-5"></a>
+<a id="new-modules-6"></a>
 ### New Modules

-* consul\_policy \- Manipulate Consul policies
-* consul\_role \- Manipulate Consul roles
-* facter\_facts \- Runs the discovery program C\(facter\) on the remote system and return Ansible facts
-* gio\_mime \- Set default handler for MIME type\, for applications using Gnome GIO
-* gitlab\_instance\_variable \- Creates\, updates\, or deletes GitLab instance variables
-* gitlab\_merge\_request \- Create\, update\, or delete GitLab merge requests
-* jenkins\_build\_info \- Get information about Jenkins builds
-* keycloak\_authentication\_required\_actions \- Allows administration of Keycloak authentication required actions
-* keycloak\_authz\_custom\_policy \- Allows administration of Keycloak client custom Javascript policies via Keycloak API
-* keycloak\_authz\_permission \- Allows administration of Keycloak client authorization permissions via Keycloak API
-* keycloak\_authz\_permission\_info \- Query Keycloak client authorization permissions information
-* keycloak\_realm\_key \- Allows administration of Keycloak realm keys via Keycloak API
-* keycloak\_user \- Create and configure a user in Keycloak
-* lvg\_rename \- Renames LVM volume groups
-* pnpm \- Manage node\.js packages with pnpm
-* proxmox\_pool \- Pool management for Proxmox VE cluster
-* proxmox\_pool\_member \- Add or delete members from Proxmox VE cluster pools
-* proxmox\_vm\_info \- Retrieve information about one or more Proxmox VE virtual machines
-* simpleinit\_msb \- Manage services on Source Mage GNU/Linux
+* community\.general\.consul\_policy \- Manipulate Consul policies
+* community\.general\.consul\_role \- Manipulate Consul roles
+* community\.general\.facter\_facts \- Runs the discovery program C\(facter\) on the remote system and return Ansible facts
+* community\.general\.gio\_mime \- Set default handler for MIME type\, for applications using Gnome GIO
+* community\.general\.gitlab\_instance\_variable \- Creates\, updates\, or deletes GitLab instance variables
+* community\.general\.gitlab\_merge\_request \- Create\, update\, or delete GitLab merge requests
+* community\.general\.jenkins\_build\_info \- Get information about Jenkins builds
+* community\.general\.keycloak\_authentication\_required\_actions \- Allows administration of Keycloak authentication required actions
+* community\.general\.keycloak\_authz\_custom\_policy \- Allows administration of Keycloak client custom Javascript policies via Keycloak API
+* community\.general\.keycloak\_authz\_permission \- Allows administration of Keycloak client authorization permissions via Keycloak API
+* community\.general\.keycloak\_authz\_permission\_info \- Query Keycloak client authorization permissions information
+* community\.general\.keycloak\_realm\_key \- Allows administration of Keycloak realm keys via Keycloak API
+* community\.general\.keycloak\_user \- Create and configure a user in Keycloak
+* community\.general\.lvg\_rename \- Renames LVM volume groups
+* community\.general\.pnpm \- Manage node\.js packages with pnpm
+* community\.general\.proxmox\_pool \- Pool management for Proxmox VE cluster
+* community\.general\.proxmox\_pool\_member \- Add or delete members from Proxmox VE cluster pools
+* community\.general\.proxmox\_vm\_info \- Retrieve information about one or more Proxmox VE virtual machines
+* community\.general\.simpleinit\_msb \- Manage services on Source Mage GNU/Linux
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -6,6 +6,269 @@ Community General Release Notes

 This changelog describes changes after version 7.0.0.

+v8.6.11
+=======
+
+Release Summary
+---------------
+
+Maintenance release.
+
+This is the last 8.x.y release. The 8.x.y release train is now effectively End of Life.
+
+Thanks to everyone who contributed to the community.general 8.x.y releases!
+
+v8.6.10
+=======
+
+Release Summary
+---------------
+
+Maintenance release with a security fix.
+
+Security Fixes
+--------------
+
+- keycloak_client - Sanitize ``saml.encryption.private.key`` so it does not show in the logs (https://github.com/ansible-collections/community.general/pull/9621).
+
+v8.6.9
+======
+
+Release Summary
+---------------
+
+Maintenance release with a security fix.
+
+Security Fixes
+--------------
+
+- keycloak_authentication - API calls did not properly set the ``priority`` during update resulting in incorrectly sorted authentication flows. This apparently only affects Keycloak 25 or newer (https://github.com/ansible-collections/community.general/pull/9263).
+
+v8.6.8
+======
+
+Release Summary
+---------------
+
+Maintenance release for inclusion in Ansible 9.13.0.
+
+Bugfixes
+--------
+
+- github_key - in check mode, a faulty call to ```datetime.strftime(...)``` was being made which generated an exception (https://github.com/ansible-collections/community.general/issues/9185).
+
+v8.6.7
+======
+
+Release Summary
+---------------
+
+Bugfix release.
+
+Bugfixes
+--------
+
+- collection_version lookup plugin - use ``importlib`` directly instead of the deprecated and in ansible-core 2.19 removed ``ansible.module_utils.compat.importlib`` (https://github.com/ansible-collections/community.general/pull/9084).
+- modprobe - fix check mode not being honored for ``persistent`` option (https://github.com/ansible-collections/community.general/issues/9051, https://github.com/ansible-collections/community.general/pull/9052).
+
+v8.6.6
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Note that this is the last regular bugfix release of community.general 8.x.y.
+From now on, there will only be maintenance releases with major bugfixes and
+security fixes.
+
+Minor Changes
+-------------
+
+- redfish_confg - remove ``CapacityBytes`` from required paramaters of the ``CreateVolume`` command (https://github.com/ansible-collections/community.general/pull/8956).
+
+Bugfixes
+--------
+
+- cloudflare_dns - fix changing Cloudflare SRV records (https://github.com/ansible-collections/community.general/issues/8679, https://github.com/ansible-collections/community.general/pull/8948).
+- dig lookup plugin - fix using only the last nameserver specified (https://github.com/ansible-collections/community.general/pull/8970).
+- homectl - the module now tries to use ``legacycrypt`` on Python 3.13+ (https://github.com/ansible-collections/community.general/issues/4691, https://github.com/ansible-collections/community.general/pull/8987).
+- ini_file - pass absolute paths to ``module.atomic_move()`` (https://github.com/ansible/ansible/issues/83950, https://github.com/ansible-collections/community.general/pull/8925).
+- ipa_hostgroup - fix ``enabled `` and ``disabled`` states (https://github.com/ansible-collections/community.general/issues/8408, https://github.com/ansible-collections/community.general/pull/8900).
+- java_keystore - pass absolute paths to ``module.atomic_move()`` (https://github.com/ansible/ansible/issues/83950, https://github.com/ansible-collections/community.general/pull/8925).
+- jenkins_plugin - pass absolute paths to ``module.atomic_move()`` (https://github.com/ansible/ansible/issues/83950, https://github.com/ansible-collections/community.general/pull/8925).
+- kdeconfig - pass absolute paths to ``module.atomic_move()`` (https://github.com/ansible/ansible/issues/83950, https://github.com/ansible-collections/community.general/pull/8925).
+- keycloak_realm - fix change detection in check mode by sorting the lists in the realms beforehand (https://github.com/ansible-collections/community.general/pull/8877).
+- keycloak_user_federation - minimize change detection by setting ``krbPrincipalAttribute`` to ``''`` in Keycloak responses if missing (https://github.com/ansible-collections/community.general/pull/8785).
+- keycloak_user_federation - remove ``lastSync`` parameter from Keycloak responses to minimize diff/changes (https://github.com/ansible-collections/community.general/pull/8812).
+- one_service - fix service creation after it was deleted with ``unique`` parameter (https://github.com/ansible-collections/community.general/issues/3137, https://github.com/ansible-collections/community.general/pull/8887).
+- pam_limits - pass absolute paths to ``module.atomic_move()`` (https://github.com/ansible/ansible/issues/83950, https://github.com/ansible-collections/community.general/pull/8925).
+- udm_user - the module now tries to use ``legacycrypt`` on Python 3.13+ (https://github.com/ansible-collections/community.general/issues/4690, https://github.com/ansible-collections/community.general/pull/8987).
+
+v8.6.5
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Bugfixes
+--------
+
+- gitlab_group_access_token - fix crash in check mode caused by attempted access to a newly created access token (https://github.com/ansible-collections/community.general/pull/8796).
+- gitlab_project_access_token - fix crash in check mode caused by attempted access to a newly created access token (https://github.com/ansible-collections/community.general/pull/8796).
+- keycloak_realm_key - fix invalid usage of ``parent_id`` (https://github.com/ansible-collections/community.general/issues/7850, https://github.com/ansible-collections/community.general/pull/8823).
+- keycloak_user_federation - fix key error when removing mappers during an update and new mappers are specified in the module args (https://github.com/ansible-collections/community.general/pull/8762).
+- keycloak_user_federation - fix the ``UnboundLocalError`` that occurs when an ID is provided for a user federation mapper (https://github.com/ansible-collections/community.general/pull/8831).
+- keycloak_user_federation - sort desired and after mapper list by name (analog to before mapper list) to minimize diff and make change detection more accurate (https://github.com/ansible-collections/community.general/pull/8761).
+- proxmox inventory plugin - fixed a possible error on concatenating responses from proxmox. In case an API call unexpectedly returned an empty result, the inventory failed with a fatal error. Added check for empty response (https://github.com/ansible-collections/community.general/issues/8798, https://github.com/ansible-collections/community.general/pull/8794).
+
+v8.6.4
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Minor Changes
+-------------
+
+- passwordstore lookup plugin - add the current user to the lockfile file name to address issues on multi-user systems (https://github.com/ansible-collections/community.general/pull/8689).
+
+Bugfixes
+--------
+
+- gitlab_runner - fix ``paused`` parameter being ignored (https://github.com/ansible-collections/community.general/pull/8648).
+- homebrew_cask - fix ``upgrade_all`` returns ``changed`` when nothing upgraded (https://github.com/ansible-collections/community.general/issues/8707, https://github.com/ansible-collections/community.general/pull/8708).
+- keycloak_user_federation - get cleartext IDP ``clientSecret`` from full realm info to detect changes to it (https://github.com/ansible-collections/community.general/issues/8294, https://github.com/ansible-collections/community.general/pull/8735).
+- keycloak_user_federation - remove existing user federation mappers if they are not present in the federation configuration and will not be updated (https://github.com/ansible-collections/community.general/issues/7169, https://github.com/ansible-collections/community.general/pull/8695).
+
+v8.6.3
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Minor Changes
+-------------
+
+- wdc_redfish_command - minor change to handle upgrade file for Redfish WD platforms (https://github.com/ansible-collections/community.general/pull/8444).
+
+Bugfixes
+--------
+
+- bitwarden lookup plugin - fix ``KeyError`` in ``search_field`` (https://github.com/ansible-collections/community.general/issues/8549, https://github.com/ansible-collections/community.general/pull/8557).
+- keycloak_clientscope - remove IDs from clientscope and its protocol mappers on comparison for changed check (https://github.com/ansible-collections/community.general/pull/8545).
+- nsupdate - fix 'index out of range' error when changing NS records by falling back to authority section of the response (https://github.com/ansible-collections/community.general/issues/8612, https://github.com/ansible-collections/community.general/pull/8614).
+- redfish_utils module utils - do not fail when language is not exactly "en" (https://github.com/ansible-collections/community.general/pull/8613).
+
+v8.6.2
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Bugfixes
+--------
+
+- git_config - fix behavior of ``state=absent`` if ``value`` is present (https://github.com/ansible-collections/community.general/issues/8436, https://github.com/ansible-collections/community.general/pull/8452).
+- homebrew - do not fail when brew prints warnings (https://github.com/ansible-collections/community.general/pull/8406, https://github.com/ansible-collections/community.general/issues/7044).
+- keycloak_client - fix TypeError when sanitizing the ``saml.signing.private.key`` attribute in the module's diff or state output. The ``sanitize_cr`` function expected a dict where in some cases a list might occur (https://github.com/ansible-collections/community.general/pull/8403).
+- keycloak_realm - add normalizations for ``attributes`` and ``protocol_mappers`` (https://github.com/ansible-collections/community.general/pull/8496).
+- launched - correctly report changed status in check mode (https://github.com/ansible-collections/community.general/pull/8406).
+- opennebula inventory plugin - fix invalid reference to IP when inventory runs against NICs with no IPv4 address (https://github.com/ansible-collections/community.general/pull/8489).
+- opentelemetry callback - do not save the JSON response when using the ``ansible.builtin.uri`` module (https://github.com/ansible-collections/community.general/pull/8430).
+- opentelemetry callback - do not save the content response when using the ``ansible.builtin.slurp`` module (https://github.com/ansible-collections/community.general/pull/8430).
+- paman - do not fail if an empty list of packages has been provided and there is nothing to do (https://github.com/ansible-collections/community.general/pull/8514).
+
+Known Issues
+------------
+
+- homectl - the module does not work under Python 3.13 or newer, since it relies on the removed ``crypt`` standard library module (https://github.com/ansible-collections/community.general/issues/4691, https://github.com/ansible-collections/community.general/pull/8497).
+- udm_user - the module does not work under Python 3.13 or newer, since it relies on the removed ``crypt`` standard library module (https://github.com/ansible-collections/community.general/issues/4690, https://github.com/ansible-collections/community.general/pull/8497).
+
+v8.6.1
+======
+
+Release Summary
+---------------
+
+Regular bugfix release.
+
+Security Fixes
+--------------
+
+- keycloak_identity_provider - the client secret was not correctly sanitized by the module. The return values ``proposed``, ``existing``, and ``end_state``, as well as the diff, did contain the client secret unmasked (https://github.com/ansible-collections/community.general/pull/8355).
+
+Bugfixes
+--------
+
+- keycloak_user_federation - fix diff of empty ``krbPrincipalAttribute`` (https://github.com/ansible-collections/community.general/pull/8320).
+- merge_variables lookup plugin - fixing cross host merge: providing access to foreign hosts variables to the perspective of the host that is performing the merge (https://github.com/ansible-collections/community.general/pull/8303).
+- opentelemetry callback plugin - close spans always (https://github.com/ansible-collections/community.general/pull/8367).
+- opentelemetry callback plugin - honour the ``disable_logs`` option to avoid storing task results since they are not used regardless (https://github.com/ansible-collections/community.general/pull/8373).
+
+v8.6.0
+======
+
+Release Summary
+---------------
+
+Regular bugfix and features release.
+
+Minor Changes
+-------------
+
+- Use offset-aware ``datetime.datetime`` objects (with timezone UTC) instead of offset-naive UTC timestamps, which are deprecated in Python 3.12 (https://github.com/ansible-collections/community.general/pull/8222).
+- apt_rpm - add new states ``latest`` and ``present_not_latest``. The value ``latest`` is equivalent to the current behavior of ``present``, which will upgrade a package if a newer version exists. ``present_not_latest`` does what most users would expect ``present`` to do: it does not upgrade if the package is already installed. The current behavior of ``present`` will be deprecated in a later version, and eventually changed to that of ``present_not_latest`` (https://github.com/ansible-collections/community.general/issues/8217, https://github.com/ansible-collections/community.general/pull/8247).
+- bitwarden lookup plugin - add support to filter by organization ID (https://github.com/ansible-collections/community.general/pull/8188).
+- filesystem - add bcachefs support (https://github.com/ansible-collections/community.general/pull/8126).
+- ini_file - add an optional parameter ``section_has_values``. If the target ini file contains more than one ``section``, use ``section_has_values`` to specify which one should be updated (https://github.com/ansible-collections/community.general/pull/7505).
+- java_cert - add ``cert_content`` argument (https://github.com/ansible-collections/community.general/pull/8153).
+- keycloak_client, keycloak_clientscope, keycloak_clienttemplate - added ``docker-v2`` protocol support, enhancing alignment with Keycloak's protocol options (https://github.com/ansible-collections/community.general/issues/8215, https://github.com/ansible-collections/community.general/pull/8216).
+- nmcli - adds OpenvSwitch support with new ``type`` values ``ovs-port``, ``ovs-interface``, and ``ovs-bridge``, and new ``slave_type`` value ``ovs-port`` (https://github.com/ansible-collections/community.general/pull/8154).
+- osx_defaults - add option ``check_types`` to enable changing the type of existing defaults on the fly (https://github.com/ansible-collections/community.general/pull/8173).
+- passwordstore lookup - add ``missing_subkey`` parameter defining the behavior of the lookup when a passwordstore subkey is missing (https://github.com/ansible-collections/community.general/pull/8166).
+- portage - adds the possibility to explicitely tell portage to write packages to world file (https://github.com/ansible-collections/community.general/issues/6226, https://github.com/ansible-collections/community.general/pull/8236).
+- redfish_command - add command ``ResetToDefaults`` to reset manager to default state (https://github.com/ansible-collections/community.general/issues/8163).
+- redfish_info - add boolean return value ``MultipartHttpPush`` to ``GetFirmwareUpdateCapabilities`` (https://github.com/ansible-collections/community.general/issues/8194, https://github.com/ansible-collections/community.general/pull/8195).
+- ssh_config - allow ``accept-new`` as valid value for ``strict_host_key_checking`` (https://github.com/ansible-collections/community.general/pull/8257).
+
+Deprecated Features
+-------------------
+
+- hipchat callback plugin - the hipchat service has been discontinued and the self-hosted variant has been End of Life since 2020. The callback plugin is therefore deprecated and will be removed from community.general 10.0.0 if nobody provides compelling reasons to still keep it (https://github.com/ansible-collections/community.general/issues/8184, https://github.com/ansible-collections/community.general/pull/8189).
+
+Bugfixes
+--------
+
+- aix_filesystem - fix ``_validate_vg`` not passing VG name to ``lsvg_cmd`` (https://github.com/ansible-collections/community.general/issues/8151).
+- apt_rpm - when checking whether packages were installed after running ``apt-get -y install <packages>``, only the last package name was checked (https://github.com/ansible-collections/community.general/pull/8263).
+- bitwarden_secrets_manager lookup plugin - implements retry with exponential backoff to avoid lookup errors when Bitwardn's API rate limiting is encountered (https://github.com/ansible-collections/community.general/issues/8230, https://github.com/ansible-collections/community.general/pull/8238).
+- from_ini filter plugin - disabling interpolation of ``ConfigParser`` to allow converting values with a ``%`` sign (https://github.com/ansible-collections/community.general/issues/8183, https://github.com/ansible-collections/community.general/pull/8185).
+- gitlab_issue, gitlab_label, gitlab_milestone - avoid crash during version comparison when the python-gitlab Python module is not installed (https://github.com/ansible-collections/community.general/pull/8158).
+- haproxy - fix an issue where HAProxy could get stuck in DRAIN mode when the backend was unreachable (https://github.com/ansible-collections/community.general/issues/8092).
+- inventory plugins - add unsafe wrapper to avoid marking strings that do not contain ``{`` or ``}`` as unsafe, to work around a bug in AWX ((https://github.com/ansible-collections/community.general/issues/8212, https://github.com/ansible-collections/community.general/pull/8225).
+- ipa - fix get version regex in IPA module_utils (https://github.com/ansible-collections/community.general/pull/8175).
+- keycloak_client - add sorted ``defaultClientScopes`` and ``optionalClientScopes`` to normalizations (https://github.com/ansible-collections/community.general/pull/8223).
+- keycloak_realm - add normalizations for ``enabledEventTypes`` and ``supportedLocales`` (https://github.com/ansible-collections/community.general/pull/8224).
+- puppet - add option ``environment_lang`` to set the environment language encoding. Defaults to lang ``C``. It is recommended to set it to ``C.UTF-8`` or ``en_US.UTF-8`` depending on what is available on your system. (https://github.com/ansible-collections/community.general/issues/8000)
+- riak - support ``riak admin`` sub-command in newer Riak KV versions beside the legacy ``riak-admin`` main command (https://github.com/ansible-collections/community.general/pull/8211).
+- to_ini filter plugin - disabling interpolation of ``ConfigParser`` to allow converting values with a ``%`` sign (https://github.com/ansible-collections/community.general/issues/8183, https://github.com/ansible-collections/community.general/pull/8185).
+- xml - make module work with lxml 5.1.1, which removed some internals that the module was relying on (https://github.com/ansible-collections/community.general/pull/8169).
+
+New Modules
+-----------
+
+- community.general.keycloak_client_rolescope - Allows administration of Keycloak client roles scope to restrict the usage of certain roles to a other specific client applications.
+
 v8.5.0
 ======

@@ -49,7 +312,7 @@ Bugfixes
 New Modules
 -----------

- usb_facts - Allows listing information about USB devices
+- community.general.usb_facts - Allows listing information about USB devices

 v8.4.0
 ======
@@ -91,21 +354,21 @@ New Plugins
 Callback
 ~~~~~~~~

- default_without_diff - The default ansible callback without diff output
+- community.general.default_without_diff - The default ansible callback without diff output

 Filter
 ~~~~~~

- lists_difference - Difference of lists with a predictive order
- lists_intersect - Intersection of lists with a predictive order
- lists_symmetric_difference - Symmetric Difference of lists with a predictive order
- lists_union - Union of lists with a predictive order
+- community.general.lists_difference - Difference of lists with a predictive order
+- community.general.lists_intersect - Intersection of lists with a predictive order
+- community.general.lists_symmetric_difference - Symmetric Difference of lists with a predictive order
+- community.general.lists_union - Union of lists with a predictive order

 New Modules
 -----------

- gitlab_group_access_token - Manages GitLab group access tokens
- gitlab_project_access_token - Manages GitLab project access tokens
+- community.general.gitlab_group_access_token - Manages GitLab group access tokens
+- community.general.gitlab_project_access_token - Manages GitLab project access tokens

 v8.3.0
 ======
@@ -147,12 +410,12 @@ Bugfixes
 New Modules
 -----------

- consul_acl_bootstrap - Bootstrap ACLs in Consul
- consul_auth_method - Manipulate Consul auth methods
- consul_binding_rule - Manipulate Consul binding rules
- consul_token - Manipulate Consul tokens
- gitlab_label - Creates/updates/deletes GitLab Labels belonging to project or group.
- gitlab_milestone - Creates/updates/deletes GitLab Milestones belonging to project or group
+- community.general.consul_acl_bootstrap - Bootstrap ACLs in Consul
+- community.general.consul_auth_method - Manipulate Consul auth methods
+- community.general.consul_binding_rule - Manipulate Consul binding rules
+- community.general.consul_token - Manipulate Consul tokens
+- community.general.gitlab_label - Creates/updates/deletes GitLab Labels belonging to project or group.
+- community.general.gitlab_milestone - Creates/updates/deletes GitLab Milestones belonging to project or group

 v8.2.0
 ======
@@ -193,27 +456,27 @@ New Plugins
 Connection
 ~~~~~~~~~~

- incus - Run tasks in Incus instances via the Incus CLI.
+- community.general.incus - Run tasks in Incus instances via the Incus CLI.

 Filter
 ~~~~~~

- from_ini - Converts INI text input into a dictionary
- to_ini - Converts a dictionary to the INI file format
+- community.general.from_ini - Converts INI text input into a dictionary
+- community.general.to_ini - Converts a dictionary to the INI file format

 Lookup
 ~~~~~~

- github_app_access_token - Obtain short-lived Github App Access tokens
+- community.general.github_app_access_token - Obtain short-lived Github App Access tokens

 New Modules
 -----------

- dnf_config_manager - Enable or disable dnf repositories using config-manager
- keycloak_component_info - Retrive component info in Keycloak
- keycloak_realm_rolemapping - Allows administration of Keycloak realm role mappings into groups with the Keycloak API
- proxmox_node_info - Retrieve information about one or more Proxmox VE nodes
- proxmox_storage_contents_info - List content from a Proxmox VE storage
+- community.general.dnf_config_manager - Enable or disable dnf repositories using config-manager
+- community.general.keycloak_component_info - Retrive component info in Keycloak
+- community.general.keycloak_realm_rolemapping - Allows administration of Keycloak realm role mappings into groups with the Keycloak API
+- community.general.proxmox_node_info - Retrieve information about one or more Proxmox VE nodes
+- community.general.proxmox_storage_contents_info - List content from a Proxmox VE storage

 v8.1.0
 ======
@@ -284,19 +547,19 @@ New Plugins
 Lookup
 ~~~~~~

- onepassword_doc - Fetch documents stored in 1Password
+- community.general.onepassword_doc - Fetch documents stored in 1Password

 Test
 ~~~~

- fqdn_valid - Validates fully-qualified domain names against RFC 1123
+- community.general.fqdn_valid - Validates fully-qualified domain names against RFC 1123

 New Modules
 -----------

- git_config_info - Read git configuration
- gitlab_issue - Create, update, or delete GitLab issues
- nomad_token - Manage Nomad ACL tokens
+- community.general.git_config_info - Read git configuration
+- community.general.gitlab_issue - Create, update, or delete GitLab issues
+- community.general.nomad_token - Manage Nomad ACL tokens

 v8.0.2
 ======
@@ -630,27 +893,27 @@ New Plugins
 Lookup
 ~~~~~~

- bitwarden_secrets_manager - Retrieve secrets from Bitwarden Secrets Manager
+- community.general.bitwarden_secrets_manager - Retrieve secrets from Bitwarden Secrets Manager

 New Modules
 -----------

- consul_policy - Manipulate Consul policies
- consul_role - Manipulate Consul roles
- facter_facts - Runs the discovery program C(facter) on the remote system and return Ansible facts
- gio_mime - Set default handler for MIME type, for applications using Gnome GIO
- gitlab_instance_variable - Creates, updates, or deletes GitLab instance variables
- gitlab_merge_request - Create, update, or delete GitLab merge requests
- jenkins_build_info - Get information about Jenkins builds
- keycloak_authentication_required_actions - Allows administration of Keycloak authentication required actions
- keycloak_authz_custom_policy - Allows administration of Keycloak client custom Javascript policies via Keycloak API
- keycloak_authz_permission - Allows administration of Keycloak client authorization permissions via Keycloak API
- keycloak_authz_permission_info - Query Keycloak client authorization permissions information
- keycloak_realm_key - Allows administration of Keycloak realm keys via Keycloak API
- keycloak_user - Create and configure a user in Keycloak
- lvg_rename - Renames LVM volume groups
- pnpm - Manage node.js packages with pnpm
- proxmox_pool - Pool management for Proxmox VE cluster
- proxmox_pool_member - Add or delete members from Proxmox VE cluster pools
- proxmox_vm_info - Retrieve information about one or more Proxmox VE virtual machines
- simpleinit_msb - Manage services on Source Mage GNU/Linux
+- community.general.consul_policy - Manipulate Consul policies
+- community.general.consul_role - Manipulate Consul roles
+- community.general.facter_facts - Runs the discovery program C(facter) on the remote system and return Ansible facts
+- community.general.gio_mime - Set default handler for MIME type, for applications using Gnome GIO
+- community.general.gitlab_instance_variable - Creates, updates, or deletes GitLab instance variables
+- community.general.gitlab_merge_request - Create, update, or delete GitLab merge requests
+- community.general.jenkins_build_info - Get information about Jenkins builds
+- community.general.keycloak_authentication_required_actions - Allows administration of Keycloak authentication required actions
+- community.general.keycloak_authz_custom_policy - Allows administration of Keycloak client custom Javascript policies via Keycloak API
+- community.general.keycloak_authz_permission - Allows administration of Keycloak client authorization permissions via Keycloak API
+- community.general.keycloak_authz_permission_info - Query Keycloak client authorization permissions information
+- community.general.keycloak_realm_key - Allows administration of Keycloak realm keys via Keycloak API
+- community.general.keycloak_user - Create and configure a user in Keycloak
+- community.general.lvg_rename - Renames LVM volume groups
+- community.general.pnpm - Manage node.js packages with pnpm
+- community.general.proxmox_pool - Pool management for Proxmox VE cluster
+- community.general.proxmox_pool_member - Add or delete members from Proxmox VE cluster pools
+- community.general.proxmox_vm_info - Retrieve information about one or more Proxmox VE virtual machines
+- community.general.simpleinit_msb - Manage services on Source Mage GNU/Linux
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -31,7 +31,9 @@ Also, consider taking up a valuable, reviewed, but abandoned pull request which
 * Try committing your changes with an informative but short commit message.
 * Do not squash your commits and force-push to your branch if not needed. Reviews of your pull request are much easier with individual commits to comprehend the pull request history. All commits of your pull request branch will be squashed into one commit by GitHub upon merge.
 * Do not add merge commits to your PR. The bot will complain and you will have to rebase ([instructions for rebasing](https://docs.ansible.com/ansible/latest/dev_guide/developing_rebasing.html)) to remove them before your PR can be merged. To avoid that git automatically does merges during pulls, you can configure it to do rebases instead by running `git config pull.rebase true` inside the repository checkout.
-* Make sure your PR includes a [changelog fragment](https://docs.ansible.com/ansible/devel/community/development_process.html#creating-changelog-fragments). (You must not include a fragment for new modules or new plugins. Also you shouldn't include one for docs-only changes. If you're not sure, simply don't include one, we'll tell you whether one is needed or not :) )
+* Make sure your PR includes a [changelog fragment](https://docs.ansible.com/ansible/devel/community/collection_development_process.html#creating-a-changelog-fragment).
+  * You must not include a fragment for new modules or new plugins. Also you shouldn't include one for docs-only changes. (If you're not sure, simply don't include one, we'll tell you whether one is needed or not :) )
+  * Please always include a link to the pull request itself, and if the PR is about an issue, also a link to the issue. Also make sure the fragment ends with a period, and begins with a lower-case letter after `-`. (Again, if you don't do this, we'll add suggestions to fix it, so don't worry too much :) )
 * Avoid reformatting unrelated parts of the codebase in your PR. These types of changes will likely be requested for reversion, create additional work for reviewers, and may cause approval to be delayed.

 You can also read [our Quick-start development guide](https://github.com/ansible/community-docs/blob/main/create_pr_quick_start_guide.rst).
@@ -54,6 +56,8 @@ cd ~/dev/ansible_collections/community/general

 Then you can run `ansible-test` (which is a part of [ansible-core](https://pypi.org/project/ansible-core/)) inside the checkout. The following example commands expect that you have installed Docker or Podman. Note that Podman has only been supported by more recent ansible-core releases. If you are using Docker, the following will work with Ansible 2.9+.

+### Sanity tests
+
 The following commands show how to run sanity tests:

 ```.bash
@@ -64,6 +68,8 @@ ansible-test sanity --docker -v
 ansible-test sanity --docker -v plugins/modules/system/pids.py tests/integration/targets/pids/
 ```

+### Unit tests
+
 The following commands show how to run unit tests:

 ```.bash
@@ -77,13 +83,32 @@ ansible-test units --docker -v --python 3.8
 ansible-test units --docker -v --python 3.8 tests/unit/plugins/modules/net_tools/test_nmcli.py
 ```

+### Integration tests
+
 The following commands show how to run integration tests:

-```.bash
-# Run integration tests for the interfaces_files module in a Docker container using the
-# fedora35 operating system image (the supported images depend on your ansible-core version):
-ansible-test integration --docker fedora35 -v interfaces_file
+#### In Docker

+Integration tests on Docker have the following parameters:
+- `image_name` (required): The name of the Docker image. To get the list of supported Docker images, run
+  `ansible-test integration --help` and look for _target docker images_.
+- `test_name` (optional): The name of the integration test.  
+  For modules, this equals the short name of the module; for example, `pacman` in case of `community.general.pacman`.  
+  For plugins, the plugin type is added before the plugin's short name, for example `callback_yaml` for the `community.general.yaml` callback.
+```.bash
+# Test all plugins/modules on fedora40
+ansible-test integration -v --docker fedora40
+
+# Template
+ansible-test integration -v --docker image_name test_name
+
+# Example community.general.ini_file module on fedora40 Docker image:
+ansible-test integration -v --docker fedora40 ini_file
+```
+
+#### Without isolation
+
+```.bash
 # Run integration tests for the flattened lookup **without any isolation**:
 ansible-test integration -v lookup_flattened
 ```
--- a/README.md
+++ b/README.md
@@ -6,9 +6,11 @@ SPDX-License-Identifier: GPL-3.0-or-later

 # Community General Collection

+[![Documentation](https://img.shields.io/badge/docs-brightgreen.svg)](https://docs.ansible.com/ansible/devel/collections/community/general/)
 [![Build Status](https://dev.azure.com/ansible/community.general/_apis/build/status/CI?branchName=stable-8)](https://dev.azure.com/ansible/community.general/_build?definitionId=31)
-[![EOL CI](https://github.com/ansible-collections/community.general/workflows/EOL%20CI/badge.svg?event=push)](https://github.com/ansible-collections/community.general/actions)
+[![EOL CI](https://github.com/ansible-collections/community.general/actions/workflows/ansible-test.yml/badge.svg?branch=stable-8)](https://github.com/ansible-collections/community.general/actions)
 [![Codecov](https://img.shields.io/codecov/c/github/ansible-collections/community.general)](https://codecov.io/gh/ansible-collections/community.general)
+[![REUSE status](https://api.reuse.software/badge/github.com/ansible-collections/community.general)](https://api.reuse.software/info/github.com/ansible-collections/community.general)

 This repository contains the `community.general` Ansible Collection. The collection is a part of the Ansible package and includes many modules and plugins supported by Ansible community which are not part of more specialized community collections.

@@ -22,9 +24,21 @@ We follow [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/comm

 If you encounter abusive behavior violating the [Ansible Code of Conduct](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html), please refer to the [policy violations](https://docs.ansible.com/ansible/latest/community/code_of_conduct.html#policy-violations) section of the Code of Conduct for information on how to raise a complaint.

+## Communication
+
+* Join the Ansible forum:
+  * [Get Help](https://forum.ansible.com/c/help/6): get help or help others. This is for questions about modules or plugins in the collection. Please add appropriate tags if you start new discussions.
+  * [Tag `community-general`](https://forum.ansible.com/tag/community-general): discuss the *collection itself*, instead of specific modules or plugins.
+  * [Social Spaces](https://forum.ansible.com/c/chat/4): gather and interact with fellow enthusiasts.
+  * [News & Announcements](https://forum.ansible.com/c/news/5): track project-wide announcements including social events.
+
+* The Ansible [Bullhorn newsletter](https://docs.ansible.com/ansible/devel/community/communication.html#the-bullhorn): used to announce releases and important changes.
+
+For more information about communication, see the [Ansible communication guide](https://docs.ansible.com/ansible/devel/community/communication.html).
+
 ## Tested with Ansible

-Tested with the current ansible-core 2.13, ansible-core 2.14, ansible-core 2.15, ansible-core 2.16 releases and the current development version of ansible-core. Ansible-core versions before 2.13.0 are not supported. This includes all ansible-base 2.10 and Ansible 2.9 releases.
+Tested with the current ansible-core 2.13, ansible-core 2.14, ansible-core 2.15, ansible-core 2.16, ansible-core 2.17, and ansible-core 2.18 releases of ansible-core. Ansible-core versions before 2.13.0 are not supported. This includes all ansible-base 2.10 and Ansible 2.9 releases.

 ## External requirements

@@ -97,18 +111,6 @@ It is necessary for maintainers of this collection to be subscribed to:

 They also should be subscribed to Ansible's [The Bullhorn newsletter](https://docs.ansible.com/ansible/devel/community/communication.html#the-bullhorn).

-## Communication
-
-We announce important development changes and releases through Ansible's [The Bullhorn newsletter](https://eepurl.com/gZmiEP). If you are a collection developer, be sure you are subscribed.
-
-Join us in the `#ansible` (general use questions and support), `#ansible-community` (community and collection development questions), and other [IRC channels](https://docs.ansible.com/ansible/devel/community/communication.html#irc-channels) on [Libera.chat](https://libera.chat).
-
-We take part in the global quarterly [Ansible Contributor Summit](https://github.com/ansible/community/wiki/Contributor-Summit) virtually or in-person. Track [The Bullhorn newsletter](https://eepurl.com/gZmiEP) and join us.
-
-For more information about communities, meetings and agendas see [Community Wiki](https://github.com/ansible/community/wiki/Community).
-
-For more information about communication, refer to Ansible's the [Communication guide](https://docs.ansible.com/ansible/devel/community/communication.html).
-
 ## Publishing New Version

 See the [Releasing guidelines](https://github.com/ansible/community-docs/blob/main/releasing_collections.rst) to learn how to release this collection.
@@ -138,4 +140,4 @@ See [LICENSES/GPL-3.0-or-later.txt](https://github.com/ansible-collections/commu

 Parts of the collection are licensed under the [BSD 2-Clause license](https://github.com/ansible-collections/community.general/blob/main/LICENSES/BSD-2-Clause.txt), the [MIT license](https://github.com/ansible-collections/community.general/blob/main/LICENSES/MIT.txt), and the [PSF 2.0 license](https://github.com/ansible-collections/community.general/blob/main/LICENSES/PSF-2.0.txt).

-All files have a machine readable `SDPX-License-Identifier:` comment denoting its respective license(s) or an equivalent entry in an accompanying `.license` file. Only changelog fragments (which will not be part of a release) are covered by a blanket statement in `.reuse/dep5`. This conforms to the [REUSE specification](https://reuse.software/spec/).
+All files have a machine readable `SDPX-License-Identifier:` comment denoting its respective license(s) or an equivalent entry in an accompanying `.license` file. Only changelog fragments (which will not be part of a release) are covered by a blanket statement in `REUSE.toml`. This conforms to the [REUSE specification](https://reuse.software/spec/).
--- a/REUSE.toml
+++ b/REUSE.toml
@@ -0,0 +1,11 @@
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+version = 1
+
+[[annotations]]
+path = "changelogs/fragments/**"
+precedence = "aggregate"
+SPDX-FileCopyrightText = "Ansible Project"
+SPDX-License-Identifier = "GPL-3.0-or-later"
--- a/changelogs/changelog.yaml
+++ b/changelogs/changelog.yaml
--- a/changelogs/config.yaml
+++ b/changelogs/config.yaml
@@ -18,20 +18,25 @@ output_formats:
 prelude_section_name: release_summary
 prelude_section_title: Release Summary
 sections:
- - major_changes
-  - Major Changes
- - minor_changes
-  - Minor Changes
- - breaking_changes
-  - Breaking Changes / Porting Guide
- - deprecated_features
-  - Deprecated Features
- - removed_features
-  - Removed Features (previously deprecated)
- - security_fixes
-  - Security Fixes
- - bugfixes
-  - Bugfixes
- - known_issues
-  - Known Issues
+  - - major_changes
+    - Major Changes
+  - - minor_changes
+    - Minor Changes
+  - - breaking_changes
+    - Breaking Changes / Porting Guide
+  - - deprecated_features
+    - Deprecated Features
+  - - removed_features
+    - Removed Features (previously deprecated)
+  - - security_fixes
+    - Security Fixes
+  - - bugfixes
+    - Bugfixes
+  - - known_issues
+    - Known Issues
 title: Community General
+trivial_section_name: trivial
+use_fqcn: true
+add_plugin_period: true
+changelog_nice_yaml: true
+changelog_sort: version
--- a/docs/docsite/config.yml
+++ b/docs/docsite/config.yml
@@ -0,0 +1,7 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+changelog:
+  write_changelog: true
--- a/docs/docsite/helper/lists_mergeby/default-common.yml
+++ b/docs/docsite/helper/lists_mergeby/default-common.yml
@@ -2,17 +2,11 @@
 # Copyright (c) Ansible Project
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
-
 list1:
-  - name: foo
-    extra: true
-  - name: bar
-    extra: false
-  - name: meh
-    extra: true
+  - {name: foo, extra: true}
+  - {name: bar, extra: false}
+  - {name: meh, extra: true}

 list2:
-  - name: foo
-    path: /foo
-  - name: baz
-    path: /baz
+  - {name: foo, path: /foo}
+  - {name: baz, path: /baz}
--- a/docs/docsite/helper/lists_mergeby/default-recursive-true.yml
+++ b/docs/docsite/helper/lists_mergeby/default-recursive-true.yml
@@ -2,14 +2,12 @@
 # Copyright (c) Ansible Project
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
-
 list1:
  - name: myname01
    param01:
      x: default_value
      y: default_value
-      list:
-        - default_value
+      list: [default_value]
  - name: myname02
    param01: [1, 1, 2, 3]

@@ -18,7 +16,6 @@ list2:
    param01:
      y: patch_value
      z: patch_value
-      list:
-        - patch_value
+      list: [patch_value]
  - name: myname02
-    param01: [3, 4, 4, {key: value}]
+    param01: [3, 4, 4]
--- a/docs/docsite/helper/lists_mergeby/example-001.yml
+++ b/docs/docsite/helper/lists_mergeby/example-001.yml
@@ -8,7 +8,7 @@
    dir: example-001_vars
 - debug:
    var: list3
-  when: debug|d(false)|bool
+  when: debug | d(false) | bool
 - template:
    src: list3.out.j2
    dest: example-001.out
--- a/docs/docsite/helper/lists_mergeby/example-001_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-001_vars/list3.yml
@@ -2,6 +2,5 @@
 # Copyright (c) Ansible Project
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
-
-list3: "{{ list1|
+list3: "{{ list1 |
           community.general.lists_mergeby(list2, 'name') }}"
--- a/docs/docsite/helper/lists_mergeby/example-002.yml
+++ b/docs/docsite/helper/lists_mergeby/example-002.yml
@@ -8,7 +8,7 @@
    dir: example-002_vars
 - debug:
    var: list3
-  when: debug|d(false)|bool
+  when: debug | d(false) | bool
 - template:
    src: list3.out.j2
    dest: example-002.out
--- a/docs/docsite/helper/lists_mergeby/example-002_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-002_vars/list3.yml
@@ -2,6 +2,5 @@
 # Copyright (c) Ansible Project
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
-
-list3: "{{ [list1, list2]|
+list3: "{{ [list1, list2] |
           community.general.lists_mergeby('name') }}"
--- a/docs/docsite/helper/lists_mergeby/example-003.yml
+++ b/docs/docsite/helper/lists_mergeby/example-003.yml
@@ -8,7 +8,7 @@
    dir: example-003_vars
 - debug:
    var: list3
-  when: debug|d(false)|bool
+  when: debug | d(false) | bool
 - template:
    src: list3.out.j2
    dest: example-003.out
--- a/docs/docsite/helper/lists_mergeby/example-003_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-003_vars/list3.yml
@@ -2,7 +2,6 @@
 # Copyright (c) Ansible Project
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
-
-list3: "{{ [list1, list2]|
+list3: "{{ [list1, list2] |
           community.general.lists_mergeby('name',
                                           recursive=true) }}"
--- a/docs/docsite/helper/lists_mergeby/example-004.yml
+++ b/docs/docsite/helper/lists_mergeby/example-004.yml
@@ -8,7 +8,7 @@
    dir: example-004_vars
 - debug:
    var: list3
-  when: debug|d(false)|bool
+  when: debug | d(false) | bool
 - template:
    src: list3.out.j2
    dest: example-004.out
--- a/docs/docsite/helper/lists_mergeby/example-004_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-004_vars/list3.yml
@@ -2,8 +2,7 @@
 # Copyright (c) Ansible Project
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
-
-list3: "{{ [list1, list2]|
+list3: "{{ [list1, list2] |
           community.general.lists_mergeby('name',
                                           recursive=true,
                                           list_merge='keep') }}"
--- a/docs/docsite/helper/lists_mergeby/example-005.yml
+++ b/docs/docsite/helper/lists_mergeby/example-005.yml
@@ -8,7 +8,7 @@
    dir: example-005_vars
 - debug:
    var: list3
-  when: debug|d(false)|bool
+  when: debug | d(false) | bool
 - template:
    src: list3.out.j2
    dest: example-005.out
--- a/docs/docsite/helper/lists_mergeby/example-005_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-005_vars/list3.yml
@@ -2,8 +2,7 @@
 # Copyright (c) Ansible Project
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
-
-list3: "{{ [list1, list2]|
+list3: "{{ [list1, list2] |
           community.general.lists_mergeby('name',
                                           recursive=true,
                                           list_merge='append') }}"
--- a/docs/docsite/helper/lists_mergeby/example-006.yml
+++ b/docs/docsite/helper/lists_mergeby/example-006.yml
@@ -8,7 +8,7 @@
    dir: example-006_vars
 - debug:
    var: list3
-  when: debug|d(false)|bool
+  when: debug | d(false) | bool
 - template:
    src: list3.out.j2
    dest: example-006.out
--- a/docs/docsite/helper/lists_mergeby/example-006_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-006_vars/list3.yml
@@ -2,8 +2,7 @@
 # Copyright (c) Ansible Project
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
-
-list3: "{{ [list1, list2]|
+list3: "{{ [list1, list2] |
           community.general.lists_mergeby('name',
                                           recursive=true,
                                           list_merge='prepend') }}"
--- a/docs/docsite/helper/lists_mergeby/example-007.yml
+++ b/docs/docsite/helper/lists_mergeby/example-007.yml
@@ -8,7 +8,7 @@
    dir: example-007_vars
 - debug:
    var: list3
-  when: debug|d(false)|bool
+  when: debug|d(false) | bool
 - template:
    src: list3.out.j2
    dest: example-007.out
--- a/docs/docsite/helper/lists_mergeby/example-007_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-007_vars/list3.yml
@@ -2,8 +2,7 @@
 # Copyright (c) Ansible Project
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
-
-list3: "{{ [list1, list2]|
+list3: "{{ [list1, list2] |
           community.general.lists_mergeby('name',
                                           recursive=true,
                                           list_merge='append_rp') }}"
--- a/docs/docsite/helper/lists_mergeby/example-008.yml
+++ b/docs/docsite/helper/lists_mergeby/example-008.yml
@@ -8,7 +8,7 @@
    dir: example-008_vars
 - debug:
    var: list3
-  when: debug|d(false)|bool
+  when: debug | d(false) | bool
 - template:
    src: list3.out.j2
    dest: example-008.out
--- a/docs/docsite/helper/lists_mergeby/example-008_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-008_vars/list3.yml
@@ -2,8 +2,7 @@
 # Copyright (c) Ansible Project
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
-
-list3: "{{ [list1, list2]|
+list3: "{{ [list1, list2] |
           community.general.lists_mergeby('name',
                                           recursive=true,
                                           list_merge='prepend_rp') }}"
--- a/docs/docsite/helper/lists_mergeby/example-009.yml
+++ b/docs/docsite/helper/lists_mergeby/example-009.yml
@@ -0,0 +1,14 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+- name: 9. Merge single list by common attribute 'name'
+  include_vars:
+    dir: example-009_vars
+- debug:
+    var: list3
+  when: debug | d(false) | bool
+- template:
+    src: list3.out.j2
+    dest: example-009.out
--- a/docs/docsite/helper/lists_mergeby/example-009_vars/default-common.yml
+++ b/docs/docsite/helper/lists_mergeby/example-009_vars/default-common.yml
@@ -0,0 +1 @@
+../default-common.yml
--- a/docs/docsite/helper/lists_mergeby/example-009_vars/list3.yml
+++ b/docs/docsite/helper/lists_mergeby/example-009_vars/list3.yml
@@ -0,0 +1,6 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+list3: "{{ [list1 + list2, []] |
+           community.general.lists_mergeby('name') }}"
--- a/docs/docsite/helper/lists_mergeby/examples.yml
+++ b/docs/docsite/helper/lists_mergeby/examples.yml
@@ -4,51 +4,75 @@
 # SPDX-License-Identifier: GPL-3.0-or-later

 examples:
-  - label: 'In the example below the lists are merged by the attribute ``name``:'
+  - title: Two lists
+    description: 'In the example below the lists are merged by the attribute ``name``:'
    file: example-001_vars/list3.yml
    lang: 'yaml+jinja'
-  - label: 'This produces:'
+  - title:
+    description: 'This produces:'
    file: example-001.out
    lang: 'yaml'
-  - label: 'It is possible to use a list of lists as an input of the filter:'
+  - title: List of two lists
+    description: 'It is possible to use a list of lists as an input of the filter:'
    file: example-002_vars/list3.yml
    lang: 'yaml+jinja'
-  - label: 'This produces the same result as in the previous example:'
+  - title:
+    description: 'This produces the same result as in the previous example:'
    file: example-002.out
    lang: 'yaml'
-  - label: 'Example ``list_merge=replace`` (default):'
+  - title: Single list
+    description: 'It is possible to merge single list:'
+    file: example-009_vars/list3.yml
+    lang: 'yaml+jinja'
+  - title:
+    description: 'This produces the same result as in the previous example:'
+    file: example-009.out
+    lang: 'yaml'
+  - title: list_merge=replace (default)
+    description: 'Example :ansopt:`community.general.lists_mergeby#filter:list_merge=replace` (default):'
    file: example-003_vars/list3.yml
    lang: 'yaml+jinja'
-  - label: 'This produces:'
+  - title:
+    description: 'This produces:'
    file: example-003.out
    lang: 'yaml'
-  - label: 'Example ``list_merge=keep``:'
+  - title: list_merge=keep
+    description: 'Example :ansopt:`community.general.lists_mergeby#filter:list_merge=keep`:'
    file: example-004_vars/list3.yml
    lang: 'yaml+jinja'
-  - label: 'This produces:'
+  - title:
+    description: 'This produces:'
    file: example-004.out
    lang: 'yaml'
-  - label: 'Example ``list_merge=append``:'
+  - title: list_merge=append
+    description: 'Example :ansopt:`community.general.lists_mergeby#filter:list_merge=append`:'
    file: example-005_vars/list3.yml
    lang: 'yaml+jinja'
-  - label: 'This produces:'
+  - title:
+    description: 'This produces:'
    file: example-005.out
    lang: 'yaml'
-  - label: 'Example ``list_merge=prepend``:'
+  - title: list_merge=prepend
+    description: 'Example :ansopt:`community.general.lists_mergeby#filter:list_merge=prepend`:'
    file: example-006_vars/list3.yml
    lang: 'yaml+jinja'
-  - label: 'This produces:'
+  - title:
+    description: 'This produces:'
    file: example-006.out
    lang: 'yaml'
-  - label: 'Example ``list_merge=append_rp``:'
+  - title: list_merge=append_rp
+    description: 'Example :ansopt:`community.general.lists_mergeby#filter:list_merge=append_rp`:'
    file: example-007_vars/list3.yml
    lang: 'yaml+jinja'
-  - label: 'This produces:'
+  - title:
+    description: 'This produces:'
    file: example-007.out
    lang: 'yaml'
-  - label: 'Example ``list_merge=prepend_rp``:'
+  - title: list_merge=prepend_rp
+    description: 'Example :ansopt:`community.general.lists_mergeby#filter:list_merge=prepend_rp`:'
    file: example-008_vars/list3.yml
    lang: 'yaml+jinja'
-  - label: 'This produces:'
+  - title:
+    description: 'This produces:'
    file: example-008.out
    lang: 'yaml'
--- a/docs/docsite/helper/lists_mergeby/examples_all.rst.j2
+++ b/docs/docsite/helper/lists_mergeby/examples_all.rst.j2
@@ -4,10 +4,10 @@
  SPDX-License-Identifier: GPL-3.0-or-later

 {% for i in examples %}
-{{ i.label }}
+{{ i.description }}

 .. code-block:: {{ i.lang }}

-  {{ lookup('file', i.file)|indent(2) }}
+  {{ lookup('file', i.file) | split('\n') | reject('match', '^(#|---)') | join ('\n') | indent(2) }}

 {% endfor %}
--- a/docs/docsite/helper/lists_mergeby/extra-vars.yml
+++ b/docs/docsite/helper/lists_mergeby/extra-vars.yml
@@ -0,0 +1,7 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+examples_one: true
+examples_all: true
+merging_lists_of_dictionaries: true
--- a/docs/docsite/helper/lists_mergeby/filter_guide_abstract_informations_merging_lists_of_dictionaries.rst.j2
+++ b/docs/docsite/helper/lists_mergeby/filter_guide_abstract_informations_merging_lists_of_dictionaries.rst.j2
@@ -6,57 +6,69 @@
 Merging lists of dictionaries
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

-If you have two or more lists of dictionaries and want to combine them into a list of merged dictionaries, where the dictionaries are merged by an attribute, you can use the ``lists_mergeby`` filter.
+If you have two or more lists of dictionaries and want to combine them into a list of merged dictionaries, where the dictionaries are merged by an attribute, you can use the :ansplugin:`community.general.lists_mergeby <community.general.lists_mergeby#filter>` filter.

-.. note:: The output of the examples in this section use the YAML callback plugin. Quoting: "Ansible output that can be quite a bit easier to read than the default JSON formatting." See :ref:`the documentation for the community.general.yaml callback plugin <ansible_collections.community.general.yaml_callback>`.
+.. note:: The output of the examples in this section use the YAML callback plugin. Quoting: "Ansible output that can be quite a bit easier to read than the default JSON formatting." See the documentation for the :ansplugin:`community.general.yaml callback plugin <community.general.yaml#callback>`.

 Let us use the lists below in the following examples:

 .. code-block:: yaml

-  {{ lookup('file', 'default-common.yml')|indent(2) }}
+  {{ lookup('file', 'default-common.yml') | split('\n') | reject('match', '^(#|---)') | join ('\n')  | indent(2) }}

 {% for i in examples[0:2] %}
-{{ i.label }}
+{% if i.title | d('', true) | length > 0 %}
+{{ i.title }}
+{{ "%s" % ('"' * i.title|length) }}
+{% endif %}
+{{ i.description }}

 .. code-block:: {{ i.lang }}

-  {{ lookup('file', i.file)|indent(2) }}
+  {{ lookup('file', i.file) | split('\n') | reject('match', '^(#|---)') | join ('\n') | indent(2) }}

 {% endfor %}

 .. versionadded:: 2.0.0

-{% for i in examples[2:4] %}
-{{ i.label }}
+{% for i in examples[2:6] %}
+{% if i.title | d('', true) | length > 0 %}
+{{ i.title }}
+{{ "%s" % ('"' * i.title|length) }}
+{% endif %}
+{{ i.description }}

 .. code-block:: {{ i.lang }}

-  {{ lookup('file', i.file)|indent(2) }}
+  {{ lookup('file', i.file) | split('\n') | reject('match', '^(#|---)') | join ('\n') | indent(2) }}

 {% endfor %}

-The filter also accepts two optional parameters: ``recursive`` and ``list_merge``. These parameters are only supported when used with ansible-base 2.10 or ansible-core, but not with Ansible 2.9. This is available since community.general 4.4.0.
+The filter also accepts two optional parameters: :ansopt:`community.general.lists_mergeby#filter:recursive` and :ansopt:`community.general.lists_mergeby#filter:list_merge`. This is available since community.general 4.4.0.

 **recursive**
-    Is a boolean, default to ``False``. Should the ``community.general.lists_mergeby`` recursively merge nested hashes. Note: It does not depend on the value of the ``hash_behaviour`` setting in ``ansible.cfg``.
+    Is a boolean, default to ``false``. Should the :ansplugin:`community.general.lists_mergeby#filter` filter recursively merge nested hashes. Note: It does not depend on the value of the ``hash_behaviour`` setting in ``ansible.cfg``.

 **list_merge**
-    Is a string, its possible values are ``replace`` (default), ``keep``, ``append``, ``prepend``, ``append_rp`` or ``prepend_rp``. It modifies the behaviour of ``community.general.lists_mergeby`` when the hashes to merge contain arrays/lists.
+    Is a string, its possible values are :ansval:`replace` (default), :ansval:`keep`, :ansval:`append`, :ansval:`prepend`, :ansval:`append_rp` or :ansval:`prepend_rp`. It modifies the behaviour of :ansplugin:`community.general.lists_mergeby#filter` when the hashes to merge contain arrays/lists.

-The examples below set ``recursive=true`` and display the differences among all six options of ``list_merge``. Functionality of the parameters is exactly the same as in the filter ``combine``. See :ref:`Combining hashes/dictionaries <combine_filter>` to learn details about these options.
+The examples below set :ansopt:`community.general.lists_mergeby#filter:recursive=true` and display the differences among all six options of :ansopt:`community.general.lists_mergeby#filter:list_merge`. Functionality of the parameters is exactly the same as in the filter :ansplugin:`ansible.builtin.combine#filter`. See :ref:`Combining hashes/dictionaries <combine_filter>` to learn details about these options.

 Let us use the lists below in the following examples

 .. code-block:: yaml

-  {{ lookup('file', 'default-recursive-true.yml')|indent(2) }}
+  {{ lookup('file', 'default-recursive-true.yml') | split('\n') | reject('match', '^(#|---)') | join ('\n') |indent(2) }}

-{% for i in examples[4:16] %}
-{{ i.label }}
+{% for i in examples[6:] %}
+{% if i.title | d('', true) | length > 0 %}
+{{ i.title }}
+{{ "%s" % ('"' * i.title|length) }}
+{% endif %}
+{{ i.description }}

 .. code-block:: {{ i.lang }}

-  {{ lookup('file', i.file)|indent(2) }}
+  {{ lookup('file', i.file) | split('\n') | reject('match', '^(#|---)') | join ('\n') |indent(2) }}

 {% endfor %}
--- a/docs/docsite/helper/lists_mergeby/list3.out.j2
+++ b/docs/docsite/helper/lists_mergeby/list3.out.j2
@@ -4,4 +4,4 @@ GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://w
 SPDX-License-Identifier: GPL-3.0-or-later
 #}
 list3:
-{{ list3|to_nice_yaml(indent=0) }}
+  {{ list3 | to_yaml(indent=2, sort_keys=false) | indent(2) }}
--- a/docs/docsite/helper/lists_mergeby/playbook.yml
+++ b/docs/docsite/helper/lists_mergeby/playbook.yml
@@ -5,7 +5,7 @@

 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 # 1) Run all examples and create example-XXX.out
-# shell> ansible-playbook playbook.yml -e examples=true
+# shell> ansible-playbook playbook.yml -e examples_one=true
 #
 # 2) Optionally, for testing, create examples_all.rst
 # shell> ansible-playbook playbook.yml -e examples_all=true
@@ -45,18 +45,20 @@
          tags: t007
        - import_tasks: example-008.yml
          tags: t008
-      when: examples|d(false)|bool
+        - import_tasks: example-009.yml
+          tags: t009
+      when: examples_one | d(false) | bool

    - block:
        - include_vars: examples.yml
        - template:
            src: examples_all.rst.j2
            dest: examples_all.rst
-      when: examples_all|d(false)|bool
+      when: examples_all | d(false) | bool

    - block:
        - include_vars: examples.yml
        - template:
            src: filter_guide_abstract_informations_merging_lists_of_dictionaries.rst.j2
            dest: filter_guide_abstract_informations_merging_lists_of_dictionaries.rst
-      when: merging_lists_of_dictionaries|d(false)|bool
+      when: merging_lists_of_dictionaries | d(false) | bool
--- a/docs/docsite/links.yml
+++ b/docs/docsite/links.yml
@@ -9,6 +9,8 @@ edit_on_github:
  path_prefix: ''

 extra_links:
+  - description: Ask for help
+    url: https://forum.ansible.com/c/help/6/none
  - description: Submit a bug report
    url: https://github.com/ansible-collections/community.general/issues/new?assignees=&labels=&template=bug_report.yml
  - description: Request a feature
@@ -22,6 +24,10 @@ communication:
    - topic: General usage and support questions
      network: Libera
      channel: '#ansible'
-  mailing_lists:
-    - topic: Ansible Project List
-      url: https://groups.google.com/g/ansible-project
+  forums:
+    - topic: "Ansible Forum: General usage and support questions"
+      # The following URL directly points to the "Get Help" section
+      url: https://forum.ansible.com/c/help/6/none
+    - topic: "Ansible Forum: Discussions about the collection itself, not for specific modules or plugins"
+      # The following URL directly points to the "community-general" tag
+      url: https://forum.ansible.com/tag/community-general
--- a/docs/docsite/rst/filter_guide_abstract_informations_lists_helper.rst
+++ b/docs/docsite/rst/filter_guide_abstract_informations_lists_helper.rst
@@ -65,7 +65,7 @@ All three statements are equivalent and give:

 .. note:: Be aware that in most cases, filter calls without any argument require ``flatten=true``, otherwise the input is returned as result. The reason for this is, that the input is considered as a variable argument and is wrapped by an additional outer list. ``flatten=true`` ensures that this list is removed before the input is processed by the filter logic.

-The filters ansplugin:`community.general.lists_difference#filter` or :ansplugin:`community.general.lists_symmetric_difference#filter` can be used in the same way as the filters in the examples above. They calculate the difference or the symmetric difference between two or more lists and preserve the item order.
+The filters :ansplugin:`community.general.lists_difference#filter` or :ansplugin:`community.general.lists_symmetric_difference#filter` can be used in the same way as the filters in the examples above. They calculate the difference or the symmetric difference between two or more lists and preserve the item order.

 For example, the symmetric difference of ``A``, ``B`` and ``C`` may be written as:

--- a/docs/docsite/rst/filter_guide_abstract_informations_merging_lists_of_dictionaries.rst
+++ b/docs/docsite/rst/filter_guide_abstract_informations_merging_lists_of_dictionaries.rst
@@ -6,33 +6,30 @@
 Merging lists of dictionaries
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

-If you have two or more lists of dictionaries and want to combine them into a list of merged dictionaries, where the dictionaries are merged by an attribute, you can use the :ansplugin:`community.general.lists_mergeby filter <community.general.lists_mergeby#filter>`.
+If you have two or more lists of dictionaries and want to combine them into a list of merged dictionaries, where the dictionaries are merged by an attribute, you can use the :ansplugin:`community.general.lists_mergeby <community.general.lists_mergeby#filter>` filter.

-.. note:: The output of the examples in this section use the YAML callback plugin. Quoting: "Ansible output that can be quite a bit easier to read than the default JSON formatting." See :ref:`the documentation for the community.general.yaml callback plugin <ansible_collections.community.general.yaml_callback>`.
+.. note:: The output of the examples in this section use the YAML callback plugin. Quoting: "Ansible output that can be quite a bit easier to read than the default JSON formatting." See the documentation for the :ansplugin:`community.general.yaml callback plugin <community.general.yaml#callback>`.

 Let us use the lists below in the following examples:

 .. code-block:: yaml

  list1:
-    - name: foo
-      extra: true
-    - name: bar
-      extra: false
-    - name: meh
-      extra: true
+    - {name: foo, extra: true}
+    - {name: bar, extra: false}
+    - {name: meh, extra: true}

  list2:
-    - name: foo
-      path: /foo
-    - name: baz
-      path: /baz
+    - {name: foo, path: /foo}
+    - {name: baz, path: /baz}

+Two lists
+"""""""""
 In the example below the lists are merged by the attribute ``name``:

 .. code-block:: yaml+jinja

-  list3: "{{ list1|
+  list3: "{{ list1 |
             community.general.lists_mergeby(list2, 'name') }}"

 This produces:
@@ -40,24 +37,21 @@ This produces:
 .. code-block:: yaml

  list3:
-  - extra: false
-    name: bar
-  - name: baz
-    path: /baz
-  - extra: true
-    name: foo
-    path: /foo
-  - extra: true
-    name: meh
+    - {name: bar, extra: false}
+    - {name: baz, path: /baz}
+    - {name: foo, extra: true, path: /foo}
+    - {name: meh, extra: true}


 .. versionadded:: 2.0.0

+List of two lists
+"""""""""""""""""
 It is possible to use a list of lists as an input of the filter:

 .. code-block:: yaml+jinja

-  list3: "{{ [list1, list2]|
+  list3: "{{ [list1, list2] |
             community.general.lists_mergeby('name') }}"

 This produces the same result as in the previous example:
@@ -65,15 +59,29 @@ This produces the same result as in the previous example:
 .. code-block:: yaml

  list3:
-  - extra: false
-    name: bar
-  - name: baz
-    path: /baz
-  - extra: true
-    name: foo
-    path: /foo
-  - extra: true
-    name: meh
+    - {name: bar, extra: false}
+    - {name: baz, path: /baz}
+    - {name: foo, extra: true, path: /foo}
+    - {name: meh, extra: true}
+
+Single list
+"""""""""""
+It is possible to merge single list:
+
+.. code-block:: yaml+jinja
+
+  list3: "{{ [list1 + list2, []] |
+             community.general.lists_mergeby('name') }}"
+
+This produces the same result as in the previous example:
+
+.. code-block:: yaml
+
+  list3:
+    - {name: bar, extra: false}
+    - {name: baz, path: /baz}
+    - {name: foo, extra: true, path: /foo}
+    - {name: meh, extra: true}


 The filter also accepts two optional parameters: :ansopt:`community.general.lists_mergeby#filter:recursive` and :ansopt:`community.general.lists_mergeby#filter:list_merge`. This is available since community.general 4.4.0.
@@ -95,8 +103,7 @@ Let us use the lists below in the following examples
      param01:
        x: default_value
        y: default_value
-        list:
-          - default_value
+        list: [default_value]
    - name: myname02
      param01: [1, 1, 2, 3]

@@ -105,16 +112,17 @@ Let us use the lists below in the following examples
      param01:
        y: patch_value
        z: patch_value
-        list:
-          - patch_value
+        list: [patch_value]
    - name: myname02
-      param01: [3, 4, 4, {key: value}]
+      param01: [3, 4, 4]

+list_merge=replace (default)
+""""""""""""""""""""""""""""
 Example :ansopt:`community.general.lists_mergeby#filter:list_merge=replace` (default):

 .. code-block:: yaml+jinja

-  list3: "{{ [list1, list2]|
+  list3: "{{ [list1, list2] |
             community.general.lists_mergeby('name',
                                             recursive=true) }}"

@@ -123,25 +131,22 @@ This produces:
 .. code-block:: yaml

  list3:
-  - name: myname01
-    param01:
-      list:
-      - patch_value
-      x: default_value
-      y: patch_value
-      z: patch_value
-  - name: myname02
-    param01:
-    - 3
-    - 4
-    - 4
-    - key: value
+    - name: myname01
+      param01:
+        x: default_value
+        y: patch_value
+        list: [patch_value]
+        z: patch_value
+    - name: myname02
+      param01: [3, 4, 4]

+list_merge=keep
+"""""""""""""""
 Example :ansopt:`community.general.lists_mergeby#filter:list_merge=keep`:

 .. code-block:: yaml+jinja

-  list3: "{{ [list1, list2]|
+  list3: "{{ [list1, list2] |
             community.general.lists_mergeby('name',
                                             recursive=true,
                                             list_merge='keep') }}"
@@ -151,25 +156,22 @@ This produces:
 .. code-block:: yaml

  list3:
-  - name: myname01
-    param01:
-      list:
-      - default_value
-      x: default_value
-      y: patch_value
-      z: patch_value
-  - name: myname02
-    param01:
-    - 1
-    - 1
-    - 2
-    - 3
+    - name: myname01
+      param01:
+        x: default_value
+        y: patch_value
+        list: [default_value]
+        z: patch_value
+    - name: myname02
+      param01: [1, 1, 2, 3]

+list_merge=append
+"""""""""""""""""
 Example :ansopt:`community.general.lists_mergeby#filter:list_merge=append`:

 .. code-block:: yaml+jinja

-  list3: "{{ [list1, list2]|
+  list3: "{{ [list1, list2] |
             community.general.lists_mergeby('name',
                                             recursive=true,
                                             list_merge='append') }}"
@@ -179,30 +181,22 @@ This produces:
 .. code-block:: yaml

  list3:
-  - name: myname01
-    param01:
-      list:
-      - default_value
-      - patch_value
-      x: default_value
-      y: patch_value
-      z: patch_value
-  - name: myname02
-    param01:
-    - 1
-    - 1
-    - 2
-    - 3
-    - 3
-    - 4
-    - 4
-    - key: value
+    - name: myname01
+      param01:
+        x: default_value
+        y: patch_value
+        list: [default_value, patch_value]
+        z: patch_value
+    - name: myname02
+      param01: [1, 1, 2, 3, 3, 4, 4]

+list_merge=prepend
+""""""""""""""""""
 Example :ansopt:`community.general.lists_mergeby#filter:list_merge=prepend`:

 .. code-block:: yaml+jinja

-  list3: "{{ [list1, list2]|
+  list3: "{{ [list1, list2] |
             community.general.lists_mergeby('name',
                                             recursive=true,
                                             list_merge='prepend') }}"
@@ -212,30 +206,22 @@ This produces:
 .. code-block:: yaml

  list3:
-  - name: myname01
-    param01:
-      list:
-      - patch_value
-      - default_value
-      x: default_value
-      y: patch_value
-      z: patch_value
-  - name: myname02
-    param01:
-    - 3
-    - 4
-    - 4
-    - key: value
-    - 1
-    - 1
-    - 2
-    - 3
+    - name: myname01
+      param01:
+        x: default_value
+        y: patch_value
+        list: [patch_value, default_value]
+        z: patch_value
+    - name: myname02
+      param01: [3, 4, 4, 1, 1, 2, 3]

+list_merge=append_rp
+""""""""""""""""""""
 Example :ansopt:`community.general.lists_mergeby#filter:list_merge=append_rp`:

 .. code-block:: yaml+jinja

-  list3: "{{ [list1, list2]|
+  list3: "{{ [list1, list2] |
             community.general.lists_mergeby('name',
                                             recursive=true,
                                             list_merge='append_rp') }}"
@@ -245,29 +231,22 @@ This produces:
 .. code-block:: yaml

  list3:
-  - name: myname01
-    param01:
-      list:
-      - default_value
-      - patch_value
-      x: default_value
-      y: patch_value
-      z: patch_value
-  - name: myname02
-    param01:
-    - 1
-    - 1
-    - 2
-    - 3
-    - 4
-    - 4
-    - key: value
+    - name: myname01
+      param01:
+        x: default_value
+        y: patch_value
+        list: [default_value, patch_value]
+        z: patch_value
+    - name: myname02
+      param01: [1, 1, 2, 3, 4, 4]

+list_merge=prepend_rp
+"""""""""""""""""""""
 Example :ansopt:`community.general.lists_mergeby#filter:list_merge=prepend_rp`:

 .. code-block:: yaml+jinja

-  list3: "{{ [list1, list2]|
+  list3: "{{ [list1, list2] |
             community.general.lists_mergeby('name',
                                             recursive=true,
                                             list_merge='prepend_rp') }}"
@@ -277,21 +256,12 @@ This produces:
 .. code-block:: yaml

  list3:
-  - name: myname01
-    param01:
-      list:
-      - patch_value
-      - default_value
-      x: default_value
-      y: patch_value
-      z: patch_value
-  - name: myname02
-    param01:
-    - 3
-    - 4
-    - 4
-    - key: value
-    - 1
-    - 1
-    - 2
+    - name: myname01
+      param01:
+        x: default_value
+        y: patch_value
+        list: [patch_value, default_value]
+        z: patch_value
+    - name: myname02
+      param01: [3, 4, 4, 1, 1, 2]

--- a/docs/docsite/rst/filter_guide_selecting_json_data.rst
+++ b/docs/docsite/rst/filter_guide_selecting_json_data.rst
@@ -124,7 +124,7 @@ To get a hash map with all ports and names of a cluster:
        var: item
      loop: "{{ domain_definition | community.general.json_query(server_name_cluster1_query) }}"
      vars:
-        server_name_cluster1_query: "domain.server[?cluster=='cluster2'].{name: name, port: port}"
+        server_name_cluster1_query: "domain.server[?cluster=='cluster1'].{name: name, port: port}"

 To extract ports from all clusters with name starting with 'server1':

--- a/galaxy.yml
+++ b/galaxy.yml
@@ -5,7 +5,7 @@

 namespace: community
 name: general
-version: 8.5.0
+version: 8.6.11
 readme: README.md
 authors:
  - Ansible (https://github.com/ansible)
--- a/meta/runtime.yml
+++ b/meta/runtime.yml
@@ -13,6 +13,28 @@ action_groups:
    - consul_session
    - consul_token
 plugin_routing:
+  callback:
+    actionable:
+      tombstone:
+        removal_version: 2.0.0
+        warning_text: Use the 'default' callback plugin with 'display_skipped_hosts
+          = no' and 'display_ok_hosts = no' options.
+    full_skip:
+      tombstone:
+        removal_version: 2.0.0
+        warning_text: Use the 'default' callback plugin with 'display_skipped_hosts
+          = no' option.
+    hipchat:
+      deprecation:
+        removal_version: 10.0.0
+        warning_text: The hipchat service has been discontinued and the self-hosted variant has been End of Life since 2020.
+    osx_say:
+      redirect: community.general.say
+    stderr:
+      tombstone:
+        removal_version: 2.0.0
+        warning_text: Use the 'default' callback plugin with 'display_failed_stderr
+          = yes' option.
  connection:
    docker:
      redirect: community.docker.docker
@@ -4707,24 +4729,6 @@ plugin_routing:
      redirect: dellemc.openmanage.dellemc_idrac
    remote_management.dellemc.ome:
      redirect: dellemc.openmanage.ome
-  callback:
-    actionable:
-      tombstone:
-        removal_version: 2.0.0
-        warning_text: Use the 'default' callback plugin with 'display_skipped_hosts
-          = no' and 'display_ok_hosts = no' options.
-    full_skip:
-      tombstone:
-        removal_version: 2.0.0
-        warning_text: Use the 'default' callback plugin with 'display_skipped_hosts
-          = no' option.
-    osx_say:
-      redirect: community.general.say
-    stderr:
-      tombstone:
-        removal_version: 2.0.0
-        warning_text: Use the 'default' callback plugin with 'display_failed_stderr
-          = yes' option.
  inventory:
    docker_machine:
      redirect: community.docker.docker_machine
--- a/plugins/action/iptables_state.py
+++ b/plugins/action/iptables_state.py
@@ -88,6 +88,10 @@ class ActionModule(ActionBase):
            max_timeout = self._connection._play_context.timeout
            module_args = self._task.args

+            async_status_args = {}
+            starter_cmd = None
+            confirm_cmd = None
+
            if module_args.get('state', None) == 'restored':
                if not wrap_async:
                    if not check_mode:
--- a/plugins/callback/hipchat.py
+++ b/plugins/callback/hipchat.py
@@ -18,6 +18,10 @@ DOCUMENTATION = '''
    description:
      - This callback plugin sends status updates to a HipChat channel during playbook execution.
      - Before 2.4 only environment variables were available for configuring this plugin.
+    deprecated:
+      removed_in: 10.0.0
+      why: The hipchat service has been discontinued and the self-hosted variant has been End of Life since 2020.
+      alternative: There is none.
    options:
      token:
        description: HipChat API token for v1 or v2 API.
--- a/plugins/callback/loganalytics.py
+++ b/plugins/callback/loganalytics.py
@@ -59,13 +59,16 @@ import uuid
 import socket
 import getpass

-from datetime import datetime
 from os.path import basename

 from ansible.module_utils.urls import open_url
 from ansible.parsing.ajson import AnsibleJSONEncoder
 from ansible.plugins.callback import CallbackBase

+from ansible_collections.community.general.plugins.module_utils.datetime import (
+    now,
+)
+

 class AzureLogAnalyticsSource(object):
    def __init__(self):
@@ -93,7 +96,7 @@ class AzureLogAnalyticsSource(object):
        return "https://{0}.ods.opinsights.azure.com/api/logs?api-version=2016-04-01".format(workspace_id)

    def __rfc1123date(self):
-        return datetime.utcnow().strftime('%a, %d %b %Y %H:%M:%S GMT')
+        return now().strftime('%a, %d %b %Y %H:%M:%S GMT')

    def send_event(self, workspace_id, shared_key, state, result, runtime):
        if result._task_fields['args'].get('_ansible_check_mode') is True:
@@ -167,7 +170,7 @@ class CallbackModule(CallbackBase):

    def _seconds_since_start(self, result):
        return (
-            datetime.utcnow() -
+            now() -
            self.start_datetimes[result._task._uuid]
        ).total_seconds()

@@ -185,10 +188,10 @@ class CallbackModule(CallbackBase):
        self.loganalytics.ansible_playbook = basename(playbook._file_name)

    def v2_playbook_on_task_start(self, task, is_conditional):
-        self.start_datetimes[task._uuid] = datetime.utcnow()
+        self.start_datetimes[task._uuid] = now()

    def v2_playbook_on_handler_task_start(self, task):
-        self.start_datetimes[task._uuid] = datetime.utcnow()
+        self.start_datetimes[task._uuid] = now()

    def v2_runner_on_ok(self, result, **kwargs):
        self.loganalytics.send_event(
--- a/plugins/callback/logstash.py
+++ b/plugins/callback/logstash.py
@@ -99,7 +99,6 @@ from ansible import context
 import socket
 import uuid
 import logging
-from datetime import datetime

 try:
    import logstash
@@ -109,6 +108,10 @@ except ImportError:

 from ansible.plugins.callback import CallbackBase

+from ansible_collections.community.general.plugins.module_utils.datetime import (
+    now,
+)
+

 class CallbackModule(CallbackBase):

@@ -126,7 +129,7 @@ class CallbackModule(CallbackBase):
                                  "pip install python-logstash for Python 2"
                                  "pip install python3-logstash for Python 3")

-        self.start_time = datetime.utcnow()
+        self.start_time = now()

    def _init_plugin(self):
        if not self.disabled:
@@ -185,7 +188,7 @@ class CallbackModule(CallbackBase):
            self.logger.info("ansible start", extra=data)

    def v2_playbook_on_stats(self, stats):
-        end_time = datetime.utcnow()
+        end_time = now()
        runtime = end_time - self.start_time
        summarize_stat = {}
        for host in stats.processed.keys():
--- a/plugins/callback/opentelemetry.py
+++ b/plugins/callback/opentelemetry.py
@@ -304,6 +304,7 @@ class OpenTelemetrySource(object):
        status = Status(status_code=StatusCode.OK)
        if host_data.status != 'included':
            # Support loops
+            enriched_error_message = None
            if 'results' in host_data.result._result:
                if host_data.status == 'failed':
                    message = self.get_error_message_from_results(host_data.result._result['results'], task_data.action)
@@ -350,7 +351,8 @@ class OpenTelemetrySource(object):
        if not disable_logs:
            # This will avoid populating span attributes to the logs
            span.add_event(task_data.dump, attributes={} if disable_attributes_in_logs else attributes)
-            span.end(end_time=host_data.finish)
+        # Close span always
+        span.end(end_time=host_data.finish)

    def set_span_attributes(self, span, attributes):
        """ update the span attributes with the given attributes if not None """
@@ -497,6 +499,20 @@ class CallbackModule(CallbackBase):
        # See https://github.com/open-telemetry/opentelemetry-specification/issues/740
        self.traceparent = self.get_option('traceparent')

+    def dump_results(self, task, result):
+        """ dump the results if disable_logs is not enabled """
+        if self.disable_logs:
+            return ""
+        # ansible.builtin.uri contains the response in the json field
+        save = dict(result._result)
+
+        if "json" in save and task.action in ("ansible.builtin.uri", "ansible.legacy.uri", "uri"):
+            save.pop("json")
+        # ansible.builtin.slurp contains the response in the content field
+        if "content" in save and task.action in ("ansible.builtin.slurp", "ansible.legacy.slurp", "slurp"):
+            save.pop("content")
+        return self._dump_results(save)
+
    def v2_playbook_on_start(self, playbook):
        self.ansible_playbook = basename(playbook._file_name)

@@ -546,7 +562,7 @@ class CallbackModule(CallbackBase):
            self.tasks_data,
            status,
            result,
-            self._dump_results(result._result)
+            self.dump_results(self.tasks_data[result._task._uuid], result)
        )

    def v2_runner_on_ok(self, result):
@@ -554,7 +570,7 @@ class CallbackModule(CallbackBase):
            self.tasks_data,
            'ok',
            result,
-            self._dump_results(result._result)
+            self.dump_results(self.tasks_data[result._task._uuid], result)
        )

    def v2_runner_on_skipped(self, result):
@@ -562,7 +578,7 @@ class CallbackModule(CallbackBase):
            self.tasks_data,
            'skipped',
            result,
-            self._dump_results(result._result)
+            self.dump_results(self.tasks_data[result._task._uuid], result)
        )

    def v2_playbook_on_include(self, included_file):
--- a/plugins/callback/splunk.py
+++ b/plugins/callback/splunk.py
@@ -88,13 +88,16 @@ import uuid
 import socket
 import getpass

-from datetime import datetime
 from os.path import basename

 from ansible.module_utils.urls import open_url
 from ansible.parsing.ajson import AnsibleJSONEncoder
 from ansible.plugins.callback import CallbackBase

+from ansible_collections.community.general.plugins.module_utils.datetime import (
+    now,
+)
+

 class SplunkHTTPCollectorSource(object):
    def __init__(self):
@@ -134,7 +137,7 @@ class SplunkHTTPCollectorSource(object):
        else:
            time_format = '%Y-%m-%d %H:%M:%S +0000'

-        data['timestamp'] = datetime.utcnow().strftime(time_format)
+        data['timestamp'] = now().strftime(time_format)
        data['host'] = self.host
        data['ip_address'] = self.ip_address
        data['user'] = self.user
@@ -181,7 +184,7 @@ class CallbackModule(CallbackBase):

    def _runtime(self, result):
        return (
-            datetime.utcnow() -
+            now() -
            self.start_datetimes[result._task._uuid]
        ).total_seconds()

@@ -220,10 +223,10 @@ class CallbackModule(CallbackBase):
        self.splunk.ansible_playbook = basename(playbook._file_name)

    def v2_playbook_on_task_start(self, task, is_conditional):
-        self.start_datetimes[task._uuid] = datetime.utcnow()
+        self.start_datetimes[task._uuid] = now()

    def v2_playbook_on_handler_task_start(self, task):
-        self.start_datetimes[task._uuid] = datetime.utcnow()
+        self.start_datetimes[task._uuid] = now()

    def v2_runner_on_ok(self, result, **kwargs):
        self.splunk.send_event(
--- a/plugins/callback/sumologic.py
+++ b/plugins/callback/sumologic.py
@@ -46,13 +46,16 @@ import uuid
 import socket
 import getpass

-from datetime import datetime
 from os.path import basename

 from ansible.module_utils.urls import open_url
 from ansible.parsing.ajson import AnsibleJSONEncoder
 from ansible.plugins.callback import CallbackBase

+from ansible_collections.community.general.plugins.module_utils.datetime import (
+    now,
+)
+

 class SumologicHTTPCollectorSource(object):
    def __init__(self):
@@ -84,8 +87,7 @@ class SumologicHTTPCollectorSource(object):
        data['uuid'] = result._task._uuid
        data['session'] = self.session
        data['status'] = state
-        data['timestamp'] = datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S '
-                                                       '+0000')
+        data['timestamp'] = now().strftime('%Y-%m-%d %H:%M:%S +0000')
        data['host'] = self.host
        data['ip_address'] = self.ip_address
        data['user'] = self.user
@@ -123,7 +125,7 @@ class CallbackModule(CallbackBase):

    def _runtime(self, result):
        return (
-            datetime.utcnow() -
+            now() -
            self.start_datetimes[result._task._uuid]
        ).total_seconds()

@@ -144,10 +146,10 @@ class CallbackModule(CallbackBase):
        self.sumologic.ansible_playbook = basename(playbook._file_name)

    def v2_playbook_on_task_start(self, task, is_conditional):
-        self.start_datetimes[task._uuid] = datetime.utcnow()
+        self.start_datetimes[task._uuid] = now()

    def v2_playbook_on_handler_task_start(self, task):
-        self.start_datetimes[task._uuid] = datetime.utcnow()
+        self.start_datetimes[task._uuid] = now()

    def v2_runner_on_ok(self, result, **kwargs):
        self.sumologic.send_event(
--- a/plugins/callback/yaml.py
+++ b/plugins/callback/yaml.py
@@ -19,6 +19,16 @@ DOCUMENTATION = '''
      - default_callback
    requirements:
      - set as stdout in configuration
+    seealso:
+      - plugin: ansible.builtin.default
+        plugin_type: callback
+        description: >
+          There is a parameter O(ansible.builtin.default#callback:result_format) in P(ansible.builtin.default#callback)
+          that allows you to change the output format to YAML.
+    notes:
+      - >
+        With ansible-core 2.13 or newer, you can instead specify V(yaml) for the parameter O(ansible.builtin.default#callback:result_format)
+        in P(ansible.builtin.default#callback).
 '''

 import yaml
--- a/plugins/filter/dict.py
+++ b/plugins/filter/dict.py
@@ -57,8 +57,8 @@ EXAMPLES = '''

 RETURN = '''
  _value:
-    description: The dictionary having the provided key-value pairs.
-    type: boolean
+    description: A dictionary with the provided key-value pairs.
+    type: dictionary
 '''


--- a/plugins/filter/from_ini.py
+++ b/plugins/filter/from_ini.py
@@ -57,7 +57,7 @@ class IniParser(ConfigParser):
    ''' Implements a configparser which is able to return a dict '''

    def __init__(self):
-        super().__init__()
+        super().__init__(interpolation=None)
        self.optionxform = str

    def as_dict(self):
--- a/plugins/filter/groupby_as_dict.py
+++ b/plugins/filter/groupby_as_dict.py
@@ -13,6 +13,8 @@ DOCUMENTATION = '''
  author: Felix Fontein (@felixfontein)
  description:
    - Transform a sequence of dictionaries to a dictionary where the dictionaries are indexed by an attribute.
+    - This filter is similar to the Jinja2 C(groupby) filter. Use the Jinja2 C(groupby) filter if you have multiple entries with the same value,
+      or when you need a dictionary with list values, or when you need to use deeply nested attributes.
  positional: attribute
  options:
    _input:
--- a/plugins/filter/lists_mergeby.py
+++ b/plugins/filter/lists_mergeby.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-# Copyright (c) 2020-2022, Vladimir Botka <vbotka@gmail.com>
+# Copyright (c) 2020-2024, Vladimir Botka <vbotka@gmail.com>
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later

@@ -12,22 +12,32 @@ DOCUMENTATION = '''
  version_added: 2.0.0
  author: Vladimir Botka (@vbotka)
  description:
-    - Merge two or more lists by attribute O(index). Optional parameters O(recursive) and O(list_merge)
-      control the merging of the lists in values. The function merge_hash from ansible.utils.vars
-      is used. To learn details on how to use the parameters O(recursive) and O(list_merge) see
-      Ansible User's Guide chapter "Using filters to manipulate data" section "Combining
-      hashes/dictionaries".
+    - Merge two or more lists by attribute O(index). Optional
+      parameters O(recursive) and O(list_merge) control the merging of
+      the nested dictionaries and lists.
+    - The function C(merge_hash) from C(ansible.utils.vars) is used.
+    - To learn details on how to use the parameters O(recursive) and
+      O(list_merge) see Ansible User's Guide chapter "Using filters to
+      manipulate data" section R(Combining hashes/dictionaries, combine_filter) or the
+      filter P(ansible.builtin.combine#filter).
+
  positional: another_list, index
  options:
    _input:
-      description: A list of dictionaries.
+      description:
+        - A list of dictionaries, or a list of lists of dictionaries.
+        - The required type of the C(elements) is set to C(raw)
+          because all elements of O(_input) can be either dictionaries
+          or lists.
      type: list
-      elements: dictionary
+      elements: raw
      required: true
    another_list:
-      description: Another list of dictionaries. This parameter can be specified multiple times.
+      description:
+        - Another list of dictionaries, or a list of lists of dictionaries.
+        - This parameter can be specified multiple times.
      type: list
-      elements: dictionary
+      elements: raw
    index:
      description:
        - The dictionary key that must be present in every dictionary in every list that is used to
@@ -55,40 +65,134 @@ DOCUMENTATION = '''
 '''

 EXAMPLES = '''
- name: Merge two lists
+# Some results below are manually formatted for better readability. The
+# dictionaries' keys will be sorted alphabetically in real output.
+
+- name: Example 1. Merge two lists. The results r1 and r2 are the same.
  ansible.builtin.debug:
-    msg: >-
-      {{ list1 | community.general.lists_mergeby(
-                    list2,
-                    'index',
-                    recursive=True,
-                    list_merge='append'
-                 ) }}"
+    msg: |
+      r1: {{ r1 }}
+      r2: {{ r2 }}
  vars:
    list1:
-      - index: a
-        value: 123
-      - index: b
-        value: 42
+      - {index: a, value: 123}
+      - {index: b, value: 4}
    list2:
-      - index: a
-        foo: bar
-      - index: c
-        foo: baz
-  # Produces the following list of dictionaries:
-  #   {
-  #     "index": "a",
-  #     "foo": "bar",
-  #     "value": 123
-  #   },
-  #   {
-  #     "index": "b",
-  #     "value": 42
-  #   },
-  #   {
-  #     "index": "c",
-  #     "foo": "baz"
-  #   }
+      - {index: a, foo: bar}
+      - {index: c, foo: baz}
+    r1: "{{ list1 | community.general.lists_mergeby(list2, 'index') }}"
+    r2: "{{ [list1, list2] | community.general.lists_mergeby('index') }}"
+
+#  r1:
+#    - {index: a, foo: bar, value: 123}
+#    - {index: b, value: 4}
+#    - {index: c, foo: baz}
+#  r2:
+#    - {index: a, foo: bar, value: 123}
+#    - {index: b, value: 4}
+#    - {index: c, foo: baz}
+
+- name: Example 2. Merge three lists
+  ansible.builtin.debug:
+    var: r
+  vars:
+    list1:
+      - {index: a, value: 123}
+      - {index: b, value: 4}
+    list2:
+      - {index: a, foo: bar}
+      - {index: c, foo: baz}
+    list3:
+      - {index: d, foo: qux}
+    r: "{{ [list1, list2, list3] | community.general.lists_mergeby('index') }}"
+
+#  r:
+#    - {index: a, foo: bar, value: 123}
+#    - {index: b, value: 4}
+#    - {index: c, foo: baz}
+#    - {index: d, foo: qux}
+
+- name: Example 3. Merge single list. The result is the same as 2.
+  ansible.builtin.debug:
+    var: r
+  vars:
+    list1:
+      - {index: a, value: 123}
+      - {index: b, value: 4}
+      - {index: a, foo: bar}
+      - {index: c, foo: baz}
+      - {index: d, foo: qux}
+    r: "{{ [list1, []] | community.general.lists_mergeby('index') }}"
+
+#  r:
+#    - {index: a, foo: bar, value: 123}
+#    - {index: b, value: 4}
+#    - {index: c, foo: baz}
+#    - {index: d, foo: qux}
+
+- name: Example 4. Merge two lists. By default, replace nested lists.
+  ansible.builtin.debug:
+    var: r
+  vars:
+    list1:
+      - {index: a, foo: [X1, X2]}
+      - {index: b, foo: [X1, X2]}
+    list2:
+      - {index: a, foo: [Y1, Y2]}
+      - {index: b, foo: [Y1, Y2]}
+    r: "{{ [list1, list2] | community.general.lists_mergeby('index') }}"
+
+#  r:
+#    - {index: a, foo: [Y1, Y2]}
+#    - {index: b, foo: [Y1, Y2]}
+
+- name: Example 5. Merge two lists. Append nested lists.
+  ansible.builtin.debug:
+    var: r
+  vars:
+    list1:
+      - {index: a, foo: [X1, X2]}
+      - {index: b, foo: [X1, X2]}
+    list2:
+      - {index: a, foo: [Y1, Y2]}
+      - {index: b, foo: [Y1, Y2]}
+    r: "{{ [list1, list2] | community.general.lists_mergeby('index', list_merge='append') }}"
+
+#  r:
+#    - {index: a, foo: [X1, X2, Y1, Y2]}
+#    - {index: b, foo: [X1, X2, Y1, Y2]}
+
+- name: Example 6. Merge two lists. By default, do not merge nested dictionaries.
+  ansible.builtin.debug:
+    var: r
+  vars:
+    list1:
+      - {index: a, foo: {x: 1, y: 2}}
+      - {index: b, foo: [X1, X2]}
+    list2:
+      - {index: a, foo: {y: 3, z: 4}}
+      - {index: b, foo: [Y1, Y2]}
+    r: "{{ [list1, list2] | community.general.lists_mergeby('index') }}"
+
+#  r:
+#    - {index: a, foo: {y: 3, z: 4}}
+#    - {index: b, foo: [Y1, Y2]}
+
+- name: Example 7. Merge two lists. Merge nested dictionaries too.
+  ansible.builtin.debug:
+    var: r
+  vars:
+    list1:
+      - {index: a, foo: {x: 1, y: 2}}
+      - {index: b, foo: [X1, X2]}
+    list2:
+      - {index: a, foo: {y: 3, z: 4}}
+      - {index: b, foo: [Y1, Y2]}
+    r: "{{ [list1, list2] | community.general.lists_mergeby('index', recursive=true) }}"
+
+#  r:
+#    - {index: a, foo: {x:1, y: 3, z: 4}}
+#    - {index: b, foo: [Y1, Y2]}
 '''

 RETURN = '''
@@ -108,13 +212,14 @@ from operator import itemgetter


 def list_mergeby(x, y, index, recursive=False, list_merge='replace'):
-    ''' Merge 2 lists by attribute 'index'. The function merge_hash from ansible.utils.vars is used.
-        This function is used by the function lists_mergeby.
+    '''Merge 2 lists by attribute 'index'. The function 'merge_hash'
+       from ansible.utils.vars is used.  This function is used by the
+       function lists_mergeby.
    '''

    d = defaultdict(dict)
-    for l in (x, y):
-        for elem in l:
+    for lst in (x, y):
+        for elem in lst:
            if not isinstance(elem, Mapping):
                msg = "Elements of list arguments for lists_mergeby must be dictionaries. %s is %s"
                raise AnsibleFilterError(msg % (elem, type(elem)))
@@ -124,20 +229,9 @@ def list_mergeby(x, y, index, recursive=False, list_merge='replace'):


 def lists_mergeby(*terms, **kwargs):
-    ''' Merge 2 or more lists by attribute 'index'. Optional parameters 'recursive' and 'list_merge'
-        control the merging of the lists in values. The function merge_hash from ansible.utils.vars
-        is used. To learn details on how to use the parameters 'recursive' and 'list_merge' see
-        Ansible User's Guide chapter "Using filters to manipulate data" section "Combining
-        hashes/dictionaries".
-
-        Example:
-        - debug:
-            msg: "{{ list1|
-                     community.general.lists_mergeby(list2,
-                                                     'index',
-                                                     recursive=True,
-                                                     list_merge='append')|
-                     list }}"
+    '''Merge 2 or more lists by attribute 'index'. To learn details
+       on how to use the parameters 'recursive' and 'list_merge' see
+       the filter ansible.builtin.combine.
    '''

    recursive = kwargs.pop('recursive', False)
@@ -155,7 +249,7 @@ def lists_mergeby(*terms, **kwargs):
                   "must be lists. %s is %s")
            raise AnsibleFilterError(msg % (sublist, type(sublist)))
        if len(sublist) > 0:
-            if all(isinstance(l, Sequence) for l in sublist):
+            if all(isinstance(lst, Sequence) for lst in sublist):
                for item in sublist:
                    flat_list.append(item)
            else:
--- a/plugins/filter/to_days.yml
+++ b/plugins/filter/to_days.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_days
-  short_description: Converte a duration string to days
+  short_description: Converts a duration string to days
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to days.
--- a/plugins/filter/to_hours.yml
+++ b/plugins/filter/to_hours.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_hours
-  short_description: Converte a duration string to hours
+  short_description: Converts a duration string to hours
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to hours.
--- a/plugins/filter/to_ini.py
+++ b/plugins/filter/to_ini.py
@@ -63,7 +63,7 @@ class IniParser(ConfigParser):
    ''' Implements a configparser which sets the correct optionxform '''

    def __init__(self):
-        super().__init__()
+        super().__init__(interpolation=None)
        self.optionxform = str


--- a/plugins/filter/to_milliseconds.yml
+++ b/plugins/filter/to_milliseconds.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_milliseconds
-  short_description: Converte a duration string to milliseconds
+  short_description: Converts a duration string to milliseconds
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to milliseconds.
--- a/plugins/filter/to_minutes.yml
+++ b/plugins/filter/to_minutes.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_minutes
-  short_description: Converte a duration string to minutes
+  short_description: Converts a duration string to minutes
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to minutes.
--- a/plugins/filter/to_months.yml
+++ b/plugins/filter/to_months.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_months
-  short_description: Converte a duration string to months
+  short_description: Convert a duration string to months
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to months.
--- a/plugins/filter/to_seconds.yml
+++ b/plugins/filter/to_seconds.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_seconds
-  short_description: Converte a duration string to seconds
+  short_description: Converts a duration string to seconds
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to seconds.
--- a/plugins/filter/to_time_unit.yml
+++ b/plugins/filter/to_time_unit.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_time_unit
-  short_description: Converte a duration string to the given time unit
+  short_description: Converts a duration string to the given time unit
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to the given time unit.
--- a/plugins/filter/to_weeks.yml
+++ b/plugins/filter/to_weeks.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_weeks
-  short_description: Converte a duration string to weeks
+  short_description: Converts a duration string to weeks
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to weeks.
--- a/plugins/filter/to_years.yml
+++ b/plugins/filter/to_years.yml
@@ -5,7 +5,7 @@

 DOCUMENTATION:
  name: to_years
-  short_description: Converte a duration string to years
+  short_description: Converts a duration string to years
  version_added: 0.2.0
  description:
    - Parse a human readable time duration string and convert to years.
--- a/plugins/inventory/cobbler.py
+++ b/plugins/inventory/cobbler.py
@@ -117,7 +117,8 @@ from ansible.errors import AnsibleError
 from ansible.module_utils.common.text.converters import to_text
 from ansible.plugins.inventory import BaseInventoryPlugin, Cacheable, to_safe_group_name
 from ansible.module_utils.six import text_type
-from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
+
+from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe

 # xmlrpc
 try:
--- a/plugins/inventory/gitlab_runners.py
+++ b/plugins/inventory/gitlab_runners.py
@@ -83,7 +83,8 @@ keyed_groups:
 from ansible.errors import AnsibleError, AnsibleParserError
 from ansible.module_utils.common.text.converters import to_native
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
-from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
+
+from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe

 try:
    import gitlab
--- a/plugins/inventory/icinga2.py
+++ b/plugins/inventory/icinga2.py
@@ -102,7 +102,8 @@ from ansible.errors import AnsibleParserError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
 from ansible.module_utils.urls import open_url
 from ansible.module_utils.six.moves.urllib.error import HTTPError
-from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
+
+from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe


 class InventoryModule(BaseInventoryPlugin, Constructable):
--- a/plugins/inventory/linode.py
+++ b/plugins/inventory/linode.py
@@ -122,7 +122,8 @@ compose:

 from ansible.errors import AnsibleError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
-from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
+
+from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe


 try:
--- a/plugins/inventory/lxd.py
+++ b/plugins/inventory/lxd.py
@@ -175,7 +175,7 @@ from ansible.module_utils.six import raise_from
 from ansible.errors import AnsibleError, AnsibleParserError
 from ansible.module_utils.six.moves.urllib.parse import urlencode
 from ansible_collections.community.general.plugins.module_utils.lxd import LXDClient, LXDClientException
-from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
+from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe

 try:
    import ipaddress
--- a/plugins/inventory/nmap.py
+++ b/plugins/inventory/nmap.py
@@ -126,7 +126,8 @@ from ansible.errors import AnsibleParserError
 from ansible.module_utils.common.text.converters import to_native, to_text
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
 from ansible.module_utils.common.process import get_bin_path
-from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
+
+from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe


 class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
--- a/plugins/inventory/online.py
+++ b/plugins/inventory/online.py
@@ -68,7 +68,8 @@ from ansible.plugins.inventory import BaseInventoryPlugin
 from ansible.module_utils.common.text.converters import to_text
 from ansible.module_utils.ansible_release import __version__ as ansible_version
 from ansible.module_utils.six.moves.urllib.parse import urljoin
-from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
+
+from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe


 class InventoryModule(BaseInventoryPlugin):
--- a/plugins/inventory/opennebula.py
+++ b/plugins/inventory/opennebula.py
@@ -97,7 +97,8 @@ except ImportError:
 from ansible.errors import AnsibleError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
 from ansible.module_utils.common.text.converters import to_native
-from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
+
+from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe

 from collections import namedtuple
 import os
@@ -142,7 +143,8 @@ class InventoryModule(BaseInventoryPlugin, Constructable):
            nic = [nic]

        for net in nic:
-            return net['IP']
+            if net.get('IP'):
+                return net['IP']

        return False

--- a/plugins/inventory/proxmox.py
+++ b/plugins/inventory/proxmox.py
@@ -226,9 +226,9 @@ from ansible.module_utils.common.text.converters import to_native
 from ansible.module_utils.six import string_types
 from ansible.module_utils.six.moves.urllib.parse import urlencode
 from ansible.utils.display import Display
-from ansible.utils.unsafe_proxy import wrap_var as make_unsafe

 from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
+from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe

 # 3rd party imports
 try:
@@ -329,8 +329,9 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
                    data = json['data']
                    break
                else:
-                    # /hosts 's 'results' is a list of all hosts, returned is paginated
-                    data = data + json['data']
+                    if json['data']:
+                        # /hosts 's 'results' is a list of all hosts, returned is paginated
+                        data = data + json['data']
                    break

            self._cache[self.cache_key][url] = data
--- a/plugins/inventory/scaleway.py
+++ b/plugins/inventory/scaleway.py
@@ -121,10 +121,10 @@ else:
 from ansible.errors import AnsibleError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable
 from ansible_collections.community.general.plugins.module_utils.scaleway import SCALEWAY_LOCATION, parse_pagination_link
+from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe
 from ansible.module_utils.urls import open_url
 from ansible.module_utils.common.text.converters import to_native, to_text
 from ansible.module_utils.six import raise_from
-from ansible.utils.unsafe_proxy import wrap_var as make_unsafe

 import ansible.module_utils.six.moves.urllib.parse as urllib_parse

--- a/plugins/inventory/stackpath_compute.py
+++ b/plugins/inventory/stackpath_compute.py
@@ -72,7 +72,8 @@ from ansible.plugins.inventory import (
    Cacheable
 )
 from ansible.utils.display import Display
-from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
+
+from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe


 display = Display()
--- a/plugins/inventory/virtualbox.py
+++ b/plugins/inventory/virtualbox.py
@@ -62,7 +62,8 @@ from ansible.module_utils.common.text.converters import to_bytes, to_native, to_
 from ansible.module_utils.common._collections_compat import MutableMapping
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
 from ansible.module_utils.common.process import get_bin_path
-from ansible.utils.unsafe_proxy import wrap_var as make_unsafe
+
+from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe


 class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
--- a/plugins/inventory/xen_orchestra.py
+++ b/plugins/inventory/xen_orchestra.py
@@ -82,9 +82,9 @@ from time import sleep

 from ansible.errors import AnsibleError
 from ansible.plugins.inventory import BaseInventoryPlugin, Constructable, Cacheable
-from ansible.utils.unsafe_proxy import wrap_var as make_unsafe

 from ansible_collections.community.general.plugins.module_utils.version import LooseVersion
+from ansible_collections.community.general.plugins.plugin_utils.unsafe import make_unsafe

 # 3rd party imports
 try:
--- a/plugins/lookup/bitwarden.py
+++ b/plugins/lookup/bitwarden.py
@@ -29,7 +29,7 @@ DOCUMENTATION = """
          - Field to retrieve, for example V(name) or V(id).
          - If set to V(id), only zero or one element can be returned.
            Use the Jinja C(first) filter to get the only list element.
-          - When O(collection_id) is set, this field can be undefined to retrieve the whole collection records.
+          - If set to V(None) or V(''), or if O(_terms) is empty, records are not filtered by fields.
        type: str
        default: name
        version_added: 5.7.0
@@ -40,6 +40,10 @@ DOCUMENTATION = """
        description: Collection ID to filter results by collection. Leave unset to skip filtering.
        type: str
        version_added: 6.3.0
+      organization_id:
+        description: Organization ID to filter results by organization. Leave unset to skip filtering.
+        type: str
+        version_added: 8.5.0
      bw_session:
        description: Pass session key instead of reading from env.
        type: str
@@ -142,45 +146,45 @@ class Bitwarden(object):
            raise BitwardenException(err)
        return to_text(out, errors='surrogate_or_strict'), to_text(err, errors='surrogate_or_strict')

-    def _get_matches(self, search_value, search_field, collection_id=None):
+    def _get_matches(self, search_value, search_field, collection_id=None, organization_id=None):
        """Return matching records whose search_field is equal to key.
        """

        # Prepare set of params for Bitwarden CLI
-        if search_value:
-            if search_field == 'id':
-                params = ['get', 'item', search_value]
-            else:
-                params = ['list', 'items', '--search', search_value]
-            if collection_id:
-                params.extend(['--collectionid', collection_id])
+        if search_field == 'id':
+            params = ['get', 'item', search_value]
        else:
-            if not collection_id:
-                raise AnsibleError("search_value is required if collection_id is not set.")
+            params = ['list', 'items']
+            if search_value:
+                params.extend(['--search', search_value])

-            params = ['list', 'items', '--collectionid', collection_id]
+        if collection_id:
+            params.extend(['--collectionid', collection_id])
+        if organization_id:
+            params.extend(['--organizationid', organization_id])

        out, err = self._run(params)

        # This includes things that matched in different fields.
        initial_matches = AnsibleJSONDecoder().raw_decode(out)[0]

-        if search_field == 'id' or not search_value:
+        if search_field == 'id':
            if initial_matches is None:
                initial_matches = []
            else:
                initial_matches = [initial_matches]

-        # Filter to only include results from the right field.
-        return [item for item in initial_matches if item[search_field] == search_value]
+        # Filter to only include results from the right field, if a search is requested by value or field
+        return [item for item in initial_matches
+                if not search_value or not search_field or item.get(search_field) == search_value]

-    def get_field(self, field, search_value=None, search_field="name", collection_id=None):
+    def get_field(self, field, search_value, search_field="name", collection_id=None, organization_id=None):
        """Return a list of the specified field for records whose search_field match search_value
        and filtered by collection if collection has been provided.

        If field is None, return the whole record for each match.
        """
-        matches = self._get_matches(search_value, search_field, collection_id)
+        matches = self._get_matches(search_value, search_field, collection_id, organization_id)
        if not field:
            return matches
        field_matches = []
@@ -215,15 +219,16 @@ class LookupModule(LookupBase):
        field = self.get_option('field')
        search_field = self.get_option('search')
        collection_id = self.get_option('collection_id')
+        organization_id = self.get_option('organization_id')
        _bitwarden.session = self.get_option('bw_session')

        if not _bitwarden.unlocked:
            raise AnsibleError("Bitwarden Vault locked. Run 'bw unlock'.")

        if not terms:
-            return [_bitwarden.get_field(field, None, search_field, collection_id)]
+            terms = [None]

-        return [_bitwarden.get_field(field, term, search_field, collection_id) for term in terms]
+        return [_bitwarden.get_field(field, term, search_field, collection_id, organization_id) for term in terms]


 _bitwarden = Bitwarden()
--- a/plugins/lookup/bitwarden_secrets_manager.py
+++ b/plugins/lookup/bitwarden_secrets_manager.py
@@ -70,6 +70,7 @@ RETURN = """
 """

 from subprocess import Popen, PIPE
+from time import sleep

 from ansible.errors import AnsibleLookupError
 from ansible.module_utils.common.text.converters import to_text
@@ -84,11 +85,29 @@ class BitwardenSecretsManagerException(AnsibleLookupError):
 class BitwardenSecretsManager(object):
    def __init__(self, path='bws'):
        self._cli_path = path
+        self._max_retries = 3
+        self._retry_delay = 1

    @property
    def cli_path(self):
        return self._cli_path

+    def _run_with_retry(self, args, stdin=None, retries=0):
+        out, err, rc = self._run(args, stdin)
+
+        if rc != 0:
+            if retries >= self._max_retries:
+                raise BitwardenSecretsManagerException("Max retries exceeded. Unable to retrieve secret.")
+
+            if "Too many requests" in err:
+                delay = self._retry_delay * (2 ** retries)
+                sleep(delay)
+                return self._run_with_retry(args, stdin, retries + 1)
+            else:
+                raise BitwardenSecretsManagerException(f"Command failed with return code {rc}: {err}")
+
+        return out, err, rc
+
    def _run(self, args, stdin=None):
        p = Popen([self.cli_path] + args, stdout=PIPE, stderr=PIPE, stdin=PIPE)
        out, err = p.communicate(stdin)
@@ -107,7 +126,7 @@ class BitwardenSecretsManager(object):
            'get', 'secret', secret_id
        ]

-        out, err, rc = self._run(params)
+        out, err, rc = self._run_with_retry(params)
        if rc != 0:
            raise BitwardenSecretsManagerException(to_text(err))

--- a/plugins/lookup/collection_version.py
+++ b/plugins/lookup/collection_version.py
@@ -63,11 +63,11 @@ RETURN = """
 import json
 import os
 import re
+from importlib import import_module

 import yaml

 from ansible.errors import AnsibleLookupError
-from ansible.module_utils.compat.importlib import import_module
 from ansible.plugins.lookup import LookupBase


--- a/plugins/lookup/dig.py
+++ b/plugins/lookup/dig.py
@@ -330,6 +330,7 @@ class LookupModule(LookupBase):
        myres.use_edns(0, ednsflags=dns.flags.DO, payload=edns_size)

        domains = []
+        nameservers = []
        qtype = self.get_option('qtype')
        flat = self.get_option('flat')
        fail_on_error = self.get_option('fail_on_error')
@@ -345,7 +346,6 @@ class LookupModule(LookupBase):
            if t.startswith('@'):       # e.g. "@10.0.1.2,192.0.2.1" is ok.
                nsset = t[1:].split(',')
                for ns in nsset:
-                    nameservers = []
                    # Check if we have a valid IP address. If so, use that, otherwise
                    # try to resolve name to address using system's resolver. If that
                    # fails we bail out.
@@ -358,7 +358,6 @@ class LookupModule(LookupBase):
                            nameservers.append(nsaddr)
                        except Exception as e:
                            raise AnsibleError("dns lookup NS: %s" % to_native(e))
-                    myres.nameservers = nameservers
                continue
            if '=' in t:
                try:
@@ -397,6 +396,9 @@ class LookupModule(LookupBase):

        # print "--- domain = {0} qtype={1} rdclass={2}".format(domain, qtype, rdclass)

+        if len(nameservers) > 0:
+            myres.nameservers = nameservers
+
        if qtype.upper() == 'PTR':
            reversed_domains = []
            for domain in domains:
--- a/plugins/lookup/github_app_access_token.py
+++ b/plugins/lookup/github_app_access_token.py
@@ -49,8 +49,8 @@ EXAMPLES = '''
    dest: /srv/checkout
  vars:
    github_token: >-
-      lookup('community.general.github_app_access_token', key_path='/home/to_your/key',
-             app_id='123456', installation_id='64209')
+      {{ lookup('community.general.github_app_access_token', key_path='/home/to_your/key',
+                app_id='123456', installation_id='64209') }}
 '''

 RETURN = '''
--- a/plugins/lookup/merge_variables.py
+++ b/plugins/lookup/merge_variables.py
@@ -12,7 +12,7 @@ DOCUMENTATION = """
      - Mark Ettema (@m-a-r-k-e)
      - Alexander Petrenz (@alpex8)
    name: merge_variables
-    short_description: merge variables with a certain suffix
+    short_description: merge variables whose names match a given pattern
    description:
        - This lookup returns the merged result of all variables in scope that match the given prefixes, suffixes, or
          regular expressions, optionally.
@@ -157,7 +157,9 @@ class LookupModule(LookupBase):
                cross_host_merge_result = initial_value
                for host in variables["hostvars"]:
                    if self._is_host_in_allowed_groups(variables["hostvars"][host]["group_names"]):
-                        cross_host_merge_result = self._merge_vars(term, cross_host_merge_result, variables["hostvars"][host])
+                        host_variables = dict(variables["hostvars"].raw_get(host))
+                        host_variables["hostvars"] = variables["hostvars"]  # re-add hostvars
+                        cross_host_merge_result = self._merge_vars(term, cross_host_merge_result, host_variables)
                ret.append(cross_host_merge_result)

        return ret
@@ -195,7 +197,8 @@ class LookupModule(LookupBase):
            result = initial_value

        for var_name in var_merge_names:
-            var_value = self._templar.template(variables[var_name])  # Render jinja2 templates
+            with self._templar.set_temporary_context(available_variables=variables):  # tmp. switch renderer to context of current variables
+                var_value = self._templar.template(variables[var_name])  # Render jinja2 templates
            var_type = _verify_and_get_type(var_value)

            if prev_var_type is None:
--- a/plugins/lookup/passwordstore.py
+++ b/plugins/lookup/passwordstore.py
@@ -139,6 +139,21 @@ DOCUMENTATION = '''
        type: bool
        default: true
        version_added: 8.1.0
+      missing_subkey:
+        description:
+          - Preference about what to do if the password subkey is missing.
+          - If set to V(error), the lookup will error out if the subkey does not exist.
+          - If set to V(empty) or V(warn), will return a V(none) in case the subkey does not exist.
+        version_added: 8.6.0
+        type: str
+        default: empty
+        choices:
+          - error
+          - warn
+          - empty
+        ini:
+          - section: passwordstore_lookup
+            key: missing_subkey
    notes:
      - The lookup supports passing all options as lookup parameters since community.general 6.0.0.
 '''
@@ -147,6 +162,7 @@ ansible.cfg: |
  [passwordstore_lookup]
  lock=readwrite
  locktimeout=45s
+  missing_subkey=warn

 tasks.yml: |
  ---
@@ -432,13 +448,28 @@ class LookupModule(LookupBase):
            if self.paramvals['subkey'] in self.passdict:
                return self.passdict[self.paramvals['subkey']]
            else:
+                if self.paramvals["missing_subkey"] == "error":
+                    raise AnsibleError(
+                        "passwordstore: subkey {0} for passname {1} not found and missing_subkey=error is set".format(
+                            self.paramvals["subkey"], self.passname
+                        )
+                    )
+
+                if self.paramvals["missing_subkey"] == "warn":
+                    display.warning(
+                        "passwordstore: subkey {0} for passname {1} not found".format(
+                            self.paramvals["subkey"], self.passname
+                        )
+                    )
+
                return None

    @contextmanager
    def opt_lock(self, type):
        if self.get_option('lock') == type:
            tmpdir = os.environ.get('TMPDIR', '/tmp')
-            lockfile = os.path.join(tmpdir, '.passwordstore.lock')
+            user = os.environ.get('USER')
+            lockfile = os.path.join(tmpdir, '.{0}.passwordstore.lock'.format(user))
            with FileLock().lock_file(lockfile, tmpdir, self.lock_timeout):
                self.locked = type
                yield
@@ -481,6 +512,7 @@ class LookupModule(LookupBase):
            'umask': self.get_option('umask'),
            'timestamp': self.get_option('timestamp'),
            'preserve': self.get_option('preserve'),
+            "missing_subkey": self.get_option("missing_subkey"),
        }

    def run(self, terms, variables, **kwargs):
--- a/plugins/lookup/random_string.py
+++ b/plugins/lookup/random_string.py
@@ -104,37 +104,37 @@ EXAMPLES = r"""
 - name: Generate random string
  ansible.builtin.debug:
    var: lookup('community.general.random_string')
-  # Example result: ['DeadBeeF']
+  # Example result: 'DeadBeeF'

 - name: Generate random string with length 12
  ansible.builtin.debug:
    var: lookup('community.general.random_string', length=12)
-  # Example result: ['Uan0hUiX5kVG']
+  # Example result: 'Uan0hUiX5kVG'

 - name: Generate base64 encoded random string
  ansible.builtin.debug:
    var: lookup('community.general.random_string', base64=True)
-  # Example result: ['NHZ6eWN5Qk0=']
+  # Example result: 'NHZ6eWN5Qk0='

 - name: Generate a random string with 1 lower, 1 upper, 1 number and 1 special char (at least)
  ansible.builtin.debug:
    var: lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1)
-  # Example result: ['&Qw2|E[-']
+  # Example result: '&Qw2|E[-'

 - name: Generate a random string with all lower case characters
-  debug:
+  ansible.builtin.debug:
    var: query('community.general.random_string', upper=false, numbers=false, special=false)
  # Example result: ['exolxzyz']

 - name: Generate random hexadecimal string
-  debug:
+  ansible.builtin.debug:
    var: query('community.general.random_string', upper=false, lower=false, override_special=hex_chars, numbers=false)
  vars:
    hex_chars: '0123456789ABCDEF'
  # Example result: ['D2A40737']

 - name: Generate random hexadecimal string with override_all
-  debug:
+  ansible.builtin.debug:
    var: query('community.general.random_string', override_all=hex_chars)
  vars:
    hex_chars: '0123456789ABCDEF'
--- a/plugins/module_utils/datetime.py
+++ b/plugins/module_utils/datetime.py
@@ -0,0 +1,32 @@
+# -*- coding: utf-8 -*-
+#
+# Copyright (c) 2023 Felix Fontein <felix@fontein.de>
+# Simplified BSD License (see LICENSES/BSD-2-Clause.txt or https://opensource.org/licenses/BSD-2-Clause)
+# SPDX-License-Identifier: BSD-2-Clause
+
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+import datetime as _datetime
+import sys
+
+
+_USE_TIMEZONE = sys.version_info >= (3, 6)
+
+
+def ensure_timezone_info(value):
+    if not _USE_TIMEZONE or value.tzinfo is not None:
+        return value
+    return value.astimezone(_datetime.timezone.utc)
+
+
+def fromtimestamp(value):
+    if _USE_TIMEZONE:
+        return _datetime.fromtimestamp(value, tz=_datetime.timezone.utc)
+    return _datetime.utcfromtimestamp(value)
+
+
+def now():
+    if _USE_TIMEZONE:
+        return _datetime.datetime.now(tz=_datetime.timezone.utc)
+    return _datetime.datetime.utcnow()
--- a/plugins/module_utils/gitlab.py
+++ b/plugins/module_utils/gitlab.py
@@ -81,16 +81,23 @@ def find_group(gitlab_instance, identifier):
    return group


-def ensure_gitlab_package(module):
+def ensure_gitlab_package(module, min_version=None):
    if not HAS_GITLAB_PACKAGE:
        module.fail_json(
            msg=missing_required_lib("python-gitlab", url='https://python-gitlab.readthedocs.io/en/stable/'),
            exception=GITLAB_IMP_ERR
        )
+    gitlab_version = gitlab.__version__
+    if min_version is not None and LooseVersion(gitlab_version) < LooseVersion(min_version):
+        module.fail_json(
+            msg="This module requires python-gitlab Python module >= %s "
+                "(installed version: %s). Please upgrade python-gitlab to version %s or above."
+                % (min_version, gitlab_version, min_version)
+        )


-def gitlab_authentication(module):
-    ensure_gitlab_package(module)
+def gitlab_authentication(module, min_version=None):
+    ensure_gitlab_package(module, min_version=min_version)

    gitlab_url = module.params['api_url']
    validate_certs = module.params['validate_certs']
--- a/plugins/module_utils/identity/keycloak/keycloak.py
+++ b/plugins/module_utils/identity/keycloak/keycloak.py
@@ -28,6 +28,9 @@ URL_CLIENT_ROLES = "{url}/admin/realms/{realm}/clients/{id}/roles"
 URL_CLIENT_ROLE = "{url}/admin/realms/{realm}/clients/{id}/roles/{name}"
 URL_CLIENT_ROLE_COMPOSITES = "{url}/admin/realms/{realm}/clients/{id}/roles/{name}/composites"

+URL_CLIENT_ROLE_SCOPE_CLIENTS = "{url}/admin/realms/{realm}/clients/{id}/scope-mappings/clients/{scopeid}"
+URL_CLIENT_ROLE_SCOPE_REALM = "{url}/admin/realms/{realm}/clients/{id}/scope-mappings/realm"
+
 URL_REALM_ROLES = "{url}/admin/realms/{realm}/roles"
 URL_REALM_ROLE = "{url}/admin/realms/{realm}/roles/{name}"
 URL_REALM_ROLEMAPPINGS = "{url}/admin/realms/{realm}/users/{id}/role-mappings/realm"
@@ -3049,6 +3052,105 @@ class KeycloakAPI(object):
        except Exception:
            return False

+    def get_client_role_scope_from_client(self, clientid, clientscopeid, realm="master"):
+        """ Fetch the roles associated with the client's scope for a specific client on the Keycloak server.
+        :param clientid: ID of the client from which to obtain the associated roles.
+        :param clientscopeid: ID of the client who owns the roles.
+        :param realm: Realm from which to obtain the scope.
+        :return: The client scope of roles from specified client.
+        """
+        client_role_scope_url = URL_CLIENT_ROLE_SCOPE_CLIENTS.format(url=self.baseurl, realm=realm, id=clientid, scopeid=clientscopeid)
+        try:
+            return json.loads(to_native(open_url(client_role_scope_url, method='GET', http_agent=self.http_agent, headers=self.restheaders,
+                                                 timeout=self.connection_timeout,
+                                                 validate_certs=self.validate_certs).read()))
+        except Exception as e:
+            self.fail_open_url(e, msg='Could not fetch roles scope for client %s in realm %s: %s' % (clientid, realm, str(e)))
+
+    def update_client_role_scope_from_client(self, payload, clientid, clientscopeid, realm="master"):
+        """ Update and fetch the roles associated with the client's scope on the Keycloak server.
+        :param payload: List of roles to be added to the scope.
+        :param clientid: ID of the client to update scope.
+        :param clientscopeid: ID of the client who owns the roles.
+        :param realm: Realm from which to obtain the clients.
+        :return: The client scope of roles from specified client.
+        """
+        client_role_scope_url = URL_CLIENT_ROLE_SCOPE_CLIENTS.format(url=self.baseurl, realm=realm, id=clientid, scopeid=clientscopeid)
+        try:
+            open_url(client_role_scope_url, method='POST', http_agent=self.http_agent, headers=self.restheaders, timeout=self.connection_timeout,
+                     data=json.dumps(payload), validate_certs=self.validate_certs)
+
+        except Exception as e:
+            self.fail_open_url(e, msg='Could not update roles scope for client %s in realm %s: %s' % (clientid, realm, str(e)))
+
+        return self.get_client_role_scope_from_client(clientid, clientscopeid, realm)
+
+    def delete_client_role_scope_from_client(self, payload, clientid, clientscopeid, realm="master"):
+        """ Delete the roles contains in the payload from the client's scope on the Keycloak server.
+        :param payload: List of roles to be deleted.
+        :param clientid: ID of the client to delete roles from scope.
+        :param clientscopeid: ID of the client who owns the roles.
+        :param realm: Realm from which to obtain the clients.
+        :return: The client scope of roles from specified client.
+        """
+        client_role_scope_url = URL_CLIENT_ROLE_SCOPE_CLIENTS.format(url=self.baseurl, realm=realm, id=clientid, scopeid=clientscopeid)
+        try:
+            open_url(client_role_scope_url, method='DELETE', http_agent=self.http_agent, headers=self.restheaders, timeout=self.connection_timeout,
+                     data=json.dumps(payload), validate_certs=self.validate_certs)
+
+        except Exception as e:
+            self.fail_open_url(e, msg='Could not delete roles scope for client %s in realm %s: %s' % (clientid, realm, str(e)))
+
+        return self.get_client_role_scope_from_client(clientid, clientscopeid, realm)
+
+    def get_client_role_scope_from_realm(self, clientid, realm="master"):
+        """ Fetch the realm roles from the client's scope on the Keycloak server.
+        :param clientid: ID of the client from which to obtain the associated realm roles.
+        :param realm: Realm from which to obtain the clients.
+        :return: The client realm roles scope.
+        """
+        client_role_scope_url = URL_CLIENT_ROLE_SCOPE_REALM.format(url=self.baseurl, realm=realm, id=clientid)
+        try:
+            return json.loads(to_native(open_url(client_role_scope_url, method='GET', http_agent=self.http_agent, headers=self.restheaders,
+                                                 timeout=self.connection_timeout,
+                                                 validate_certs=self.validate_certs).read()))
+        except Exception as e:
+            self.fail_open_url(e, msg='Could not fetch roles scope for client %s in realm %s: %s' % (clientid, realm, str(e)))
+
+    def update_client_role_scope_from_realm(self, payload, clientid, realm="master"):
+        """ Update and fetch the realm roles from the client's scope on the Keycloak server.
+        :param payload: List of realm roles to add.
+        :param clientid: ID of the client to update scope.
+        :param realm: Realm from which to obtain the clients.
+        :return: The client realm roles scope.
+        """
+        client_role_scope_url = URL_CLIENT_ROLE_SCOPE_REALM.format(url=self.baseurl, realm=realm, id=clientid)
+        try:
+            open_url(client_role_scope_url, method='POST', http_agent=self.http_agent, headers=self.restheaders, timeout=self.connection_timeout,
+                     data=json.dumps(payload), validate_certs=self.validate_certs)
+
+        except Exception as e:
+            self.fail_open_url(e, msg='Could not update roles scope for client %s in realm %s: %s' % (clientid, realm, str(e)))
+
+        return self.get_client_role_scope_from_realm(clientid, realm)
+
+    def delete_client_role_scope_from_realm(self, payload, clientid, realm="master"):
+        """ Delete the realm roles contains in the payload from the client's scope on the Keycloak server.
+        :param payload: List of realm roles to delete.
+        :param clientid: ID of the client to delete roles from scope.
+        :param realm: Realm from which to obtain the clients.
+        :return: The client realm roles scope.
+        """
+        client_role_scope_url = URL_CLIENT_ROLE_SCOPE_REALM.format(url=self.baseurl, realm=realm, id=clientid)
+        try:
+            open_url(client_role_scope_url, method='DELETE', http_agent=self.http_agent, headers=self.restheaders, timeout=self.connection_timeout,
+                     data=json.dumps(payload), validate_certs=self.validate_certs)
+
+        except Exception as e:
+            self.fail_open_url(e, msg='Could not delete roles scope for client %s in realm %s: %s' % (clientid, realm, str(e)))
+
+        return self.get_client_role_scope_from_realm(clientid, realm)
+
    def fail_open_url(self, e, msg, **kwargs):
        try:
            if isinstance(e, HTTPError):
--- a/plugins/module_utils/ilo_redfish_utils.py
+++ b/plugins/module_utils/ilo_redfish_utils.py
@@ -29,6 +29,7 @@ class iLORedfishUtils(RedfishUtils):
        result['ret'] = True
        data = response['data']

+        current_session = None
        if 'Oem' in data:
            if data["Oem"]["Hpe"]["Links"]["MySession"]["@odata.id"]:
                current_session = data["Oem"]["Hpe"]["Links"]["MySession"]["@odata.id"]
--- a/plugins/module_utils/ipa.py
+++ b/plugins/module_utils/ipa.py
@@ -104,7 +104,7 @@ class IPAClient(object):

    def get_ipa_version(self):
        response = self.ping()['summary']
-        ipa_ver_regex = re.compile(r'IPA server version (\d\.\d\.\d).*')
+        ipa_ver_regex = re.compile(r'IPA server version (\d+\.\d+\.\d+).*')
        version_match = ipa_ver_regex.match(response)
        ipa_version = None
        if version_match:
--- a/plugins/module_utils/puppet.py
+++ b/plugins/module_utils/puppet.py
@@ -107,5 +107,6 @@ def puppet_runner(module):
            verbose=cmd_runner_fmt.as_bool("--verbose"),
        ),
        check_rc=False,
+        force_lang=module.params["environment_lang"],
    )
    return runner
--- a/plugins/module_utils/redfish_utils.py
+++ b/plugins/module_utils/redfish_utils.py
@@ -1149,6 +1149,54 @@ class RedfishUtils(object):
            return response
        return {'ret': True, 'changed': True}

+    def manager_reset_to_defaults(self, command):
+        return self.reset_to_defaults(command, self.manager_uri,
+                                      '#Manager.ResetToDefaults')
+
+    def reset_to_defaults(self, command, resource_uri, action_name):
+        key = "Actions"
+        reset_type_values = ['ResetAll',
+                             'PreserveNetworkAndUsers',
+                             'PreserveNetwork']
+
+        if command not in reset_type_values:
+            return {'ret': False, 'msg': 'Invalid Command (%s)' % command}
+
+        # read the resource and get the current power state
+        response = self.get_request(self.root_uri + resource_uri)
+        if response['ret'] is False:
+            return response
+        data = response['data']
+
+        # get the reset Action and target URI
+        if key not in data or action_name not in data[key]:
+            return {'ret': False, 'msg': 'Action %s not found' % action_name}
+        reset_action = data[key][action_name]
+        if 'target' not in reset_action:
+            return {'ret': False,
+                    'msg': 'target URI missing from Action %s' % action_name}
+        action_uri = reset_action['target']
+
+        # get AllowableValues
+        ai = self._get_all_action_info_values(reset_action)
+        allowable_values = ai.get('ResetType', {}).get('AllowableValues', [])
+
+        # map ResetType to an allowable value if needed
+        if allowable_values and command not in allowable_values:
+            return {'ret': False,
+                    'msg': 'Specified reset type (%s) not supported '
+                           'by service. Supported types: %s' %
+                           (command, allowable_values)}
+
+        # define payload
+        payload = {'ResetType': command}
+
+        # POST to Action URI
+        response = self.post_request(self.root_uri + action_uri, payload)
+        if response['ret'] is False:
+            return response
+        return {'ret': True, 'changed': True}
+
    def _find_account_uri(self, username=None, acct_id=None):
        if not any((username, acct_id)):
            return {'ret': False, 'msg':
@@ -1549,6 +1597,8 @@ class RedfishUtils(object):

        data = response['data']

+        result['multipart_supported'] = 'MultipartHttpPushUri' in data
+
        if "Actions" in data:
            actions = data['Actions']
            if len(actions) > 0:
@@ -3629,8 +3679,8 @@ class RedfishUtils(object):
                'msg': "Provided Storage Subsystem ID %s does not exist on the server" % storage_subsystem_id}

        # Validate input parameters
-        required_parameters = ['RAIDType', 'Drives', 'CapacityBytes']
-        allowed_parameters = ['DisplayName', 'InitializeMethod', 'MediaSpanCount',
+        required_parameters = ['RAIDType', 'Drives']
+        allowed_parameters = ['CapacityBytes', 'DisplayName', 'InitializeMethod', 'MediaSpanCount',
                              'Name', 'ReadCachePolicy', 'StripSizeBytes', 'VolumeUsage', 'WriteCachePolicy']

        for parameter in required_parameters:
@@ -3736,7 +3786,7 @@ class RedfishUtils(object):
        vendor = self._get_vendor()['Vendor']
        rsp_uri = ""
        for loc in resp_data['Location']:
-            if loc['Language'] == "en":
+            if loc['Language'].startswith("en"):
                rsp_uri = loc['Uri']
                if vendor == 'HPE':
                    # WORKAROUND
--- a/plugins/module_utils/scaleway.py
+++ b/plugins/module_utils/scaleway.py
@@ -17,6 +17,10 @@ from ansible.module_utils.basic import env_fallback, missing_required_lib
 from ansible.module_utils.urls import fetch_url
 from ansible.module_utils.six.moves.urllib.parse import urlencode

+from ansible_collections.community.general.plugins.module_utils.datetime import (
+    now,
+)
+
 SCALEWAY_SECRET_IMP_ERR = None
 try:
    from passlib.hash import argon2
@@ -306,10 +310,10 @@ class Scaleway(object):
        # Prevent requesting the resource status too soon
        time.sleep(wait_sleep_time)

-        start = datetime.datetime.utcnow()
+        start = now()
        end = start + datetime.timedelta(seconds=wait_timeout)

-        while datetime.datetime.utcnow() < end:
+        while now() < end:
            self.module.debug("We are going to wait for the resource to finish its transition")

            state = self.fetch_state(resource)
--- a/plugins/module_utils/wdc_redfish_utils.py
+++ b/plugins/module_utils/wdc_redfish_utils.py
@@ -11,6 +11,7 @@ import datetime
 import re
 import time
 import tarfile
+import os

 from ansible.module_utils.urls import fetch_file
 from ansible_collections.community.general.plugins.module_utils.redfish_utils import RedfishUtils
@@ -79,19 +80,25 @@ class WdcRedfishUtils(RedfishUtils):
            return response
        return self._find_updateservice_additional_uris()

-    def _is_enclosure_multi_tenant(self):
+    def _is_enclosure_multi_tenant_and_fetch_gen(self):
        """Determine if the enclosure is multi-tenant.

        The serial number of a multi-tenant enclosure will end in "-A" or "-B".
+        Fetching enclsoure generation.

-        :return: True/False if the enclosure is multi-tenant or not; None if unable to determine.
+        :return: True/False if the enclosure is multi-tenant or not and return enclosure generation;
+        None if unable to determine.
        """
        response = self.get_request(self.root_uri + self.service_root + "Chassis/Enclosure")
        if response['ret'] is False:
            return None
        pattern = r".*-[A,B]"
        data = response['data']
-        return re.match(pattern, data['SerialNumber']) is not None
+        if 'EnclVersion' not in data:
+            enc_version = 'G1'
+        else:
+            enc_version = data['EnclVersion']
+        return re.match(pattern, data['SerialNumber']) is not None, enc_version

    def _find_updateservice_additional_uris(self):
        """Find & set WDC-specific update service URIs"""
@@ -180,15 +187,44 @@ class WdcRedfishUtils(RedfishUtils):
        To determine if the bundle is multi-tenant or not, it looks inside the .bin file within the tarfile,
        and checks the appropriate byte in the file.

+        If not tarfile, the bundle is checked for 2048th byte to determine whether it is Gen2 bundle.
+        Gen2 is always single tenant at this time.
+
        :param str bundle_uri:  HTTP URI of the firmware bundle.
-        :return: Firmware version number contained in the bundle, and whether or not the bundle is multi-tenant.
-        Either value will be None if unable to determine.
+        :return: Firmware version number contained in the bundle, whether or not the bundle is multi-tenant
+        and bundle generation. Either value will be None if unable to determine.
        :rtype: str or None, bool or None
        """
        bundle_temp_filename = fetch_file(module=self.module,
                                          url=bundle_uri)
+        bundle_version = None
+        is_multi_tenant = None
+        gen = None
+
+        # If not tarfile, then if the file has "MMG2" or "DPG2" at 2048th byte
+        # then the bundle is for MM or DP G2
        if not tarfile.is_tarfile(bundle_temp_filename):
-            return None, None
+            cookie1 = None
+            with open(bundle_temp_filename, "rb") as bundle_file:
+                file_size = os.path.getsize(bundle_temp_filename)
+                if file_size >= 2052:
+                    bundle_file.seek(2048)
+                    cookie1 = bundle_file.read(4)
+            # It is anticipated that DP firmware bundle will be having the value "DPG2"
+            # for cookie1 in the header
+            if cookie1 and cookie1.decode("utf8") == "MMG2" or cookie1.decode("utf8") == "DPG2":
+                file_name, ext = os.path.splitext(str(bundle_uri.rsplit('/', 1)[1]))
+                # G2 bundle file name: Ultrastar-Data102_3000_SEP_1010-032_2.1.12
+                parsedFileName = file_name.split('_')
+                if len(parsedFileName) == 5:
+                    bundle_version = parsedFileName[4]
+                    # MM G2 is always single tanant
+                    is_multi_tenant = False
+                    gen = "G2"
+
+            return bundle_version, is_multi_tenant, gen
+
+        # Bundle is for MM or DP G1
        tf = tarfile.open(bundle_temp_filename)
        pattern_pkg = r"oobm-(.+)\.pkg"
        pattern_bin = r"(.*\.bin)"
@@ -205,8 +241,9 @@ class WdcRedfishUtils(RedfishUtils):
                bin_file.seek(11)
                byte_11 = bin_file.read(1)
                is_multi_tenant = byte_11 == b'\x80'
+                gen = "G1"

-        return bundle_version, is_multi_tenant
+        return bundle_version, is_multi_tenant, gen

    @staticmethod
    def uri_is_http(uri):
@@ -267,15 +304,16 @@ class WdcRedfishUtils(RedfishUtils):
        # Check the FW version in the bundle file, and compare it to what is already on the IOMs

        # Bundle version number
-        bundle_firmware_version, is_bundle_multi_tenant = self._get_bundle_version(bundle_uri)
-        if bundle_firmware_version is None or is_bundle_multi_tenant is None:
+        bundle_firmware_version, is_bundle_multi_tenant, bundle_gen = self._get_bundle_version(bundle_uri)
+        if bundle_firmware_version is None or is_bundle_multi_tenant is None or bundle_gen is None:
            return {
                'ret': False,
-                'msg': 'Unable to extract bundle version or multi-tenant status from update image tarfile'
+                'msg': 'Unable to extract bundle version or multi-tenant status or generation from update image file'
            }

+        is_enclosure_multi_tenant, enclosure_gen = self._is_enclosure_multi_tenant_and_fetch_gen()
+
        # Verify that the bundle is correctly multi-tenant or not
-        is_enclosure_multi_tenant = self._is_enclosure_multi_tenant()
        if is_enclosure_multi_tenant != is_bundle_multi_tenant:
            return {
                'ret': False,
@@ -285,6 +323,16 @@ class WdcRedfishUtils(RedfishUtils):
                )
            }

+        # Verify that the bundle is compliant with the target enclosure
+        if enclosure_gen != bundle_gen:
+            return {
+                'ret': False,
+                'msg': 'Enclosure generation is {0} but bundle is of {1}'.format(
+                    enclosure_gen,
+                    bundle_gen,
+                )
+            }
+
        # Version number installed on IOMs
        firmware_inventory = self.get_firmware_inventory()
        if not firmware_inventory["ret"]:
--- a/Show More
+++ b/Show More