Last active
March 2, 2018 18:54
-
-
Save AlanCoding/9442a512ab6977940bc7b5b346d4f70b to your computer and use it in GitHub Desktop.
Notes of what I found when upgrading AWX dependencies
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apache-libcloud==2.0.0 2.2.1 | |
| upgraded last round | |
| inventory scripts | |
| appdirs==1.4.2 | |
| already up to date | |
| asgi-amqp==1.1.1 | |
| already up to date | |
| asgiref==1.1.2 | |
| 2.1.6 is available | |
| required new dep, pathlib | |
| require 1.1.2 by asgi-amqp | |
| letting it go to requirements.txt | |
| azure==2.0.0rc6 3.0.0 | |
| upgraded | |
| backports.ssl-match-hostname==3.5.0.1 | |
| already up to date | |
| boto==2.46.1 2.48.0 | |
| http://boto.cloudhackers.com/en/latest/releasenotes/v2.48.0.html | |
| doesn't look risky | |
| upgraded last time | |
| hit problem running inventory update | |
| boto v2.48.0 fails | |
| boto v2.47.0 works | |
| boto v2.46.1 works | |
| boto3==1.4.4 1.6.2 | |
| channels==1.1.8 | |
| celery==3.1.25 | |
| ouch, it burns, not touching | |
| daphne==1.3.0 | |
| 2.0.4 for channels 2 | |
| Django==1.11.7 1.11.10 | |
| minor version update release notes look okay | |
| django-auth-ldap==1.2.8 | |
| already up to date | |
| django-celery==3.2.2 | |
| already up to date | |
| django-crum==0.7.1 0.7.2 | |
| upgraded | |
| django-extensions==1.7.8 2.0.0 | |
| upgraded last round | |
| lots going on | |
| https://github.com/django-extensions/django-extensions/blob/master/CHANGELOG.md | |
| django-jsonfield==1.0.1 | |
| already up to date | |
| django-oauth-toolkit==1.0.0 | |
| already up to date | |
| django-polymorphic==1.3 2.0.2 | |
| upgraded last round | |
| latest contains Django 1.11 fixes | |
| http://django-polymorphic.readthedocs.io/en/stable/changelog.html | |
| django-pglocks==1.0.2 | |
| already up to date | |
| django-radius==1.1.0 1.3.2 | |
| no good changelog | |
| imported as radiusauth in SSO | |
| 1.2.0 added import of future library, causing test fails | |
| django-solo==1.1.2 1.1.3 | |
| fixes | |
| https://github.com/lazybird/django-solo/commit/5309c5a89136bcb1f857e77c3b9c1c2449930e85 | |
| django-split-settings==0.2.5 0.3.0 | |
| upgraded last round | |
| django-taggit==0.22.1 0.22.2 | |
| upgraded last round | |
| https://github.com/alex/django-taggit/commit/c788211b272a7df06ab845e0c789c16befe56b00 | |
| looks harmless | |
| djangorestframework==3.7.3 3.7.7 | |
| 3.7.4 was a fairly large update | |
| djangorestframework-yaml==1.0.3 | |
| already up to date | |
| gevent-websocket==0.9.5 | |
| pinned because of django channels | |
| irc==15.1.1 16.2 | |
| upgraded last round | |
| https://github.com/jaraco/irc/blob/master/CHANGES.rst | |
| one method removed, maybe okay? | |
| jsonschema==2.6.0 | |
| upgraded last round | |
| already up to date | |
| M2Crypto==0.25.1 0.29.0 | |
| https://github.com/mcepl/M2Crypto/blob/master/CHANGES | |
| lots of cleanup, no major red flags | |
| Markdown==2.6.7 2.6.11 | |
| https://python-markdown.github.io/change_log/ | |
| only bug fixes and documentation | |
| ordereddict==1.1 | |
| already up to date | |
| pexpect==4.4.0 | |
| already up to date (previously updated) | |
| psphere==0.5.2 | |
| already up to date | |
| psutil==5.2.2 5.4.3 | |
| upgraded last round | |
| https://github.com/giampaolo/psutil/blob/master/HISTORY.rst | |
| lots. | |
| psycopg2==2.7.3.2 | |
| tried 2.7.4 | |
| http://initd.org/psycopg/docs/news.html | |
| Packages installed from wheel raise a warning on import | |
| caused a Segmentation fault | |
| installed psycopg2-binary-2.7.4 | |
| Wheel packages compiled against PostgreSQL 10.1 libpq and OpenSSL 1.0.2n | |
| pycrypto==2.6.1 | |
| already up to date | |
| pygerduty==0.35.2 0.37.0 | |
| upgraded last round | |
| https://github.com/dropbox/pygerduty/blob/master/CHANGELOG.md | |
| pyOpenSSL==17.0.0 17.5.0 | |
| https://pyopenssl.org/en/stable/changelog.html | |
| requires cryptography 2.1.4, which was upgraded to in this batch | |
| pyparsing==2.2.0 | |
| already up to date | |
| python-logstash==0.4.6 | |
| already up to date | |
| python-memcached==1.58 1.59 | |
| https://github.com/linsomniac/python-memcached/blob/master/ChangeLog | |
| pin six>=1.4, not a problem | |
| python-radius==1.0 | |
| already up to date | |
| python-saml==2.2.1 2.4.0 | |
| 2.2.2 does not segfault | |
| 2.2.3 does segfault | |
| 2.3.0 | |
| 2.4.0 | |
| https://github.com/onelogin/python-saml/blob/master/changelog.md | |
| has a vulnerability fix | |
| social-auth-core==1.5.0 1.7.0 | |
| https://github.com/python-social-auth/social-core/blob/master/CHANGELOG.md | |
| Support string and lists on SAML permanent id value | |
| didn't see any other relevant change | |
| social-auth-app-django==2.0.0 2.1.0 | |
| https://github.com/python-social-auth/social-app-django/blob/master/CHANGELOG.md | |
| looks minor | |
| pyvmomi==6.5 | |
| https://github.com/vmware/pyvmomi/releases | |
| redbaron==0.6.3 | |
| upgraded last round | |
| requests-futures==0.9.7 | |
| already up to date | |
| service-identity==16.0.0 17.0.0 | |
| https://service-identity.readthedocs.io/en/stable/changelog.html | |
| browser/compat updates | |
| shade==1.20.0 1.27.0 | |
| upgraded last round | |
| I question if we need this. | |
| slackclient==1.0.6 1.1.2 | |
| upgraded last round | |
| tacacs_plus==1.0 | |
| 2.3 is available | |
| upgraded last round | |
| https://github.com/ansible/tacacs_plus/releases | |
| apparently this is nothing but features we don't need | |
| twilio==6.1.0 6.10.4 | |
| upgraded last round | |
| https://github.com/twilio/twilio-python/blob/master/CHANGES.md | |
| basically added more stuff | |
| twisted==17.9.0 | |
| not upgrading because of note | |
| uWSGI==2.0.14 2.0.17 | |
| https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.17.html | |
| Maintenance release x 2 | |
| CVE-2018-6758 | |
| xmltodict==0.11.0 | |
| upgraded last round | |
| already up to date | |
| pip==9.0.1 | |
| upgraded last round | |
| already up to date | |
| setuptools==36.0.1 38.5.1 | |
| upgraded last round | |
| http://setuptools.readthedocs.io/en/latest/history.html | |
| Ansible | |
| requests-credssp==0.1.0 | |
| by request, most recent version | |
| backports.ssl-match-hostname==3.5.0.1 | |
| no idea what this is doing in there, has some related Ansible issues | |
| already up to date | |
| kombu==3.0.37 4.1.0 | |
| 3.0.37 is version that celery is using | |
| Bill questions if we need this | |
| boto==2.46.1 | |
| boto3==1.4.4 | |
| ovirt-engine-sdk-python==4.1.6 4.2.4 | |
| Ansible ovirt facts ovirt-engine-sdk-python >= 4.2.4 | |
| python-memcached==1.59 | |
| psphere==0.5.2 | |
| psutil==5.2.2 | |
| pyvmomi==6.5 | |
| pywinrm[kerberos]==0.2.2 0.3.0 | |
| upgraded by upgrading pywinrm only | |
| https://github.com/diyan/pywinrm/blob/master/CHANGELOG.md | |
| Maintenance releases | |
| https://github.com/ansible/ansible/blob/76ff3e9efc0a74799bc2962508fdfcc8c2a920b6/docs/docsite/rst/user_guide/windows_winrm.rst#L20 | |
| pip install "pywinrm>=0.3.0" | |
| requests<2.16 # Older versions rely on certify | |
| requests-credssp==0.1.0 # For windows authentication awx/issues/1144 | |
| secretstorage==2.3.1 | |
| already up to date | |
| shade==1.20.0 | |
| https://github.com/ansible/ansible/blob/0f893027c47560777f5295a338238a820c6c954b/lib/ansible/modules/cloud/openstack/os_quota.py#L175 | |
| >1.9.0 | |
| https://github.com/ansible/ansible/blob/0f893027c47560777f5295a338238a820c6c954b/lib/ansible/modules/cloud/openstack/os_keystone_endpoint.py#L54 | |
| >1.11.0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment