Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update asyncssh requirement from ~=2.13.2 to >=2.13.2,<2.15.0 #424

Merged
merged 2 commits into from
Oct 2, 2023
Merged

chore: update asyncssh requirement from ~=2.13.2 to >=2.13.2,<2.15.0 #424

merged 2 commits into from
Oct 2, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 2, 2023
edited
Loading

Updates the requirements on asyncssh to permit the latest version.

Changelog

Sourced from asyncssh's changelog.

Release 2.14.0 (30 Sep 2023)

  • Added support for a new accept_handler argument when setting up local port forwarding, allowing the client host and port to be validated and/or logged for each new forwarded connection. An accept handler can also be returned from the server_requested function to provide this functionality when acting as a server. Thanks go to GitHub user zgxkbtl for suggesting this feature.

  • Added an option to disable expensive RSA private key checks when using OpenSSL 3.x. Functions that read private keys have been modified to include a new unsafe_skip_rsa_key_validation argument which can be used to avoid these additional checks, if you are loading keys from a trusted source.

  • Added host information into AsyncSSH exceptions when host key validation fails, and a few other improvements related to X.509 certificate validation errors. Thanks go to Peter Moore for suggesting this and providing an example.

  • Fixed a regression which prevented keys loaded into an SSH agent with a certificate from working correctly beginning in AsyncSSH after version 2.5.0. Thanks go to GitHub user htol for reporting this issue and suggesting the commit which caused the problem.

  • Fixed an issue which was triggering an internal exception when shutting down server sessions with the line editor enabled which could cause some output to be lost on exit, especially when running on Windows. Thanks go to GitHub user jerrbe for reporting this issue.

  • Fixed an issue in a unit test seen in Python 3.12 beta. Thanks go to Georg Sauthoff for providing this fix.

  • Fixed a documentation error in SSHClientConnectionOptions and SSHServerConnectionOptions. Thanks go to GitHub user bowenerchen for reporting this issue.

Release 2.13.2 (21 Jun 2023)

  • Fixed an issue with host-based authentication when using proxy_command, allowing it to be used if the caller explicitly specifies client_host. Thanks go to GitHub user yuqingm7 for reporting this issue.

  • Improved handling of signature algorithms for OpenSSH certificates so that RSA SHA-2 signatures will work with both older and newer versions of OpenSSH.

  • Worked around an issue with some Cisco SSH implementations generating

... (truncated)

Commits
  • 973aee9 Bump version number up to 2.14.0 and update change log
  • 70f65eb Add support for an "accept handler" in connection forwarding
  • 777d328 Avoid triggering an exception when shutting down the line editor
  • e755778 Fix documentation error in SSHConnectionOptions
  • fa6a1c9 Enable --use-pep517 for tox-invoked pip
  • c3ad5f1 Include additional context in some AsyncSSH exceptions
  • 5e6450a Fix issue with keys with OpenSSH certificates loaded into SSH agent
  • e65ec42 Read from stdout instead of communicate
  • e70969f Add an option to disable expensive OpenSSL 3.x RSA private key checks
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore: update asyncssh requirement from ~=2.13.2 to >=2.13.2,<2.15.0
de8544f 
Updates the requirements on [asyncssh](https://github.com/ronf/asyncssh) to permit the latest version.
- [Changelog](https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst)
- [Commits](ronf/asyncssh@v2.13.2...v2.14.0)

---
updated-dependencies:
- dependency-name: asyncssh
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies PR related to ANTA dependencies label Oct 2, 2023
@gmuloc gmuloc merged commit a1bfb6f into main Oct 2, 2023
17 checks passed
@dependabot dependabot bot deleted the dependabot/pip/asyncssh-gte-2.13.2-and-lt-2.15.0 branch October 2, 2023 08:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gmuloc gmuloc gmuloc approved these changes

@carl-baillargeon carl-baillargeon Awaiting requested review from carl-baillargeon

@mtache mtache Awaiting requested review from mtache

@titom73 titom73 Awaiting requested review from titom73

Assignees
No one assigned
Labels
dependencies PR related to ANTA dependencies rn: chore
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@gmuloc