Yoga Series Release Notes¶
This patch ensures that we mask sensitive data when masking password, even if double quotes are used as password value.
Fix regex used to mask password. The
strutils.mask_passwordfunction will now correctly handle passwords that contain single or double quotes. Previously, only the characters before the quote were masked.
bug #1942682: Fix inconsistent value of QemuImgInfo.encrypted. Now the attribute is always ‘yes’ or None regardless of the format(human or json) used.
keystoneidsentinel singleton was introduced to generate random keystone-like UUIDs. New sentinel could be used in the same way as existing uuidsentinel.
fnmatchmodule is deprecated, please use the stdlib
fnmatchmodule which is thread safe for python 3+.
Support for parsing the
humanformat has been deprecated and will be removed in a future release.
netutils.is_valid_ipv4to allowing users to restrict validation to IP addresses in presentation format (
a.b.c.d) as opposed to address format (
A wrapper for hashlib.md5() has been added to allow OpenStack to run on systems where FIPS is enabled. Under FIPS, md5 is disabled and calls to hashlib.md5() will fail. In most cases in OpenStack, though, md5 is not used within a security context.
In https://bugs.python.org/issue9216, a proposal has been made to allow the addition of a keyword parameter usedforsecurity, which can be used to designate non-security context uses. In this case, md5() operations would be permitted. This feature is expected to be delivered in python 3.9.
Downstream python already supports this option, though. This wrapper simply allows for this option to be supported where the underlying python version supports it.
is_yamladded in fileutils. These can be used to check if file is JSON or YAML formatted.
netutils.get_mac_addr_by_ipv6(ipv6, dialect)extracts the MAC address from IPv6 addresses generated from MACs.
qemu 4.1.0 output shifts to scientific notation at 1000mb, breaking oslo.utils.
QemuImgInfois now fixed to support this notation.
Support for Python 2.7 has been dropped. The minimum version of Python now supported is Python 3.6.
This patch ensures that we mask sensitive data when masking dicts, even if the case doesn’t match. This means the behaviour of mask_password and mask_dict_password is now the same.
Additional password names were included from real world logs that contained sensitive information.
Introduce reno for deployer release notes.
Expanded range of allowed ports by adding 0 to valid number.