Zed Series Release Notes


Upgrade Notes

  • The oslo_utils.fnmatch module has been removed. The stdlib fnmatch module is thread safe in Python 3+.

  • The isotime, strtime and iso8601_from_timestamp helpers have been removed from oslo_utils.timeutils. These are all available in the stdlib in Python 3.


Security Issues

  • This patch ensures that we mask sensitive data when masking password, even if double quotes are used as password value.


Bug Fixes

  • Fix regex used to mask password. The strutils.mask_password function will now correctly handle passwords that contain single or double quotes. Previously, only the characters before the quote were masked.


Bug Fixes

  • bug #1942682: Fix inconsistent value of QemuImgInfo.encrypted. Now the attribute is always ‘yes’ or None regardless of the format(human or json) used.


New Features

  • keystoneidsentinel singleton was introduced to generate random keystone-like UUIDs. New sentinel could be used in the same way as existing uuidsentinel.


Deprecation Notes

  • Oslo.utils’s fnmatch module is deprecated, please use the stdlib fnmatch module which is thread safe for python 3+.

  • Support for parsing the human format has been deprecated and will be removed in a future release.


New Features

  • Add a strict flag to netutils.is_valid_ipv4 to allowing users to restrict validation to IP addresses in presentation format (a.b.c.d) as opposed to address format (a.b.c.d, a.b.c, a.b, a).


New Features

  • A wrapper for hashlib.md5() has been added to allow OpenStack to run on systems where FIPS is enabled. Under FIPS, md5 is disabled and calls to hashlib.md5() will fail. In most cases in OpenStack, though, md5 is not used within a security context.

    In https://bugs.python.org/issue9216, a proposal has been made to allow the addition of a keyword parameter usedforsecurity, which can be used to designate non-security context uses. In this case, md5() operations would be permitted. This feature is expected to be delivered in python 3.9.

    Downstream python already supports this option, though. This wrapper simply allows for this option to be supported where the underlying python version supports it.


New Features

  • New method is_json is_yaml added in fileutils. These can be used to check if file is JSON or YAML formatted.


New Features

  • New method netutils.get_mac_addr_by_ipv6(ipv6, dialect) extracts the MAC address from IPv6 addresses generated from MACs.


Bug Fixes

  • qemu 4.1.0 output shifts to scientific notation at 1000mb, breaking oslo.utils. QemuImgInfo is now fixed to support this notation.


Upgrade Notes

  • Support for Python 2.7 has been dropped. The minimum version of Python now supported is Python 3.6.


Security Issues

  • This patch ensures that we mask sensitive data when masking dicts, even if the case doesn’t match. This means the behaviour of mask_password and mask_dict_password is now the same.

  • Additional password names were included from real world logs that contained sensitive information.


Other Notes

  • Introduce reno for deployer release notes.


Bug Fixes

  • Expanded range of allowed ports by adding 0 to valid number.