search

chocolatey / chocolatey-ansible

The Chocolatey module collection for Ansible
GNU General Public License v3.0
47 stars 29 forks source link

(build) Bump required Jinja2 version for build and test pipelines #145

Closed Windos closed 4 months ago

Windos commented 4 months ago

Description Of Changes

This MR bumps the required Jinja2 version used in the build and test pipelines to ~>3.1.3 (and version from 3.1.3 through 3.1.x)

Motivation and Context

Versions of Jinja2 below 3.1.3 are affected by CVE-2024-22195

This MR also updates the Azure Windows Client image used in the Azure Pipeline as the previous one had been removed.

Testing

This change has been exercised through the Azure Pipeline and resulted in a successful build and test.

Operating Systems Testing

N/A

Change Types Made

Build change * [ ] Bug fix (non-breaking change). * [ ] Feature / Enhancement (non-breaking change). * [ ] Breaking change (fix or feature that could cause existing functionality to change). * [ ] Documentation changes. * [ ] PowerShell code changes.

Change Checklist

* [ ] Requires a change to the documentation. * [ ] Documentation has been updated. * [ ] Tests to cover my changes, have been added. * [ ] All new and existing tests passed? * [ ] PowerShell code changes: PowerShell v2 compatibility checked?

Related Issue

N/A

pauby commented 4 months ago

Thanks for sorting this out @Windos