Closed kbrock closed 1 week ago
I'm curious what @agrare thinks. We didn't have it before, so it's not like it worked previously.
@agrare Background is there are 2 vmware clients for python.
community/vmware
ansible collection one requires pyvmomi plus a git repo for vsphere-automation-sdk-python (ref)vmware/vmware_rest
requires aiohttp (ref)I'm pretty sure we've only every worked with community/vmware, but I wasn't sure if you had other experiences in the wild.
In that note. We've worked fine without the git package
I haven't run into it previously but it states it is part of the "Red Hat Ansible Certified Content for VMware" Are these security issues with aiohttp being ignored by upstream?
I just added in https://github.com/ManageIQ/manageiq-rpm_build/pull/495 Think we want to drop this
This was added to support all possible vmware clients But we don't use this client, none of our customers requested it and it looks to have security issues
@Fryguy your call if we want to go this route or want to resolve the issues
This resolves quite a few Mend issues (High and Medium) like https://github.com/ManageIQ/manageiq-rpm_build/issues/501 and https://github.com/ManageIQ/manageiq-rpm_build/issues/502