search

dev-sec / puppet-os-hardening

This puppet module provides numerous security-related configurations, providing all-round base protection.
http://dev-sec.io/
Apache License 2.0
279 stars 101 forks source link

modern version of stdlib #310

Closed ghost closed 6 months ago

ghost commented 1 year ago

Is your feature request related to a problem? Please describe. The existing limitation of stdlib version stops this module working on moderne versions of puppet

Describe the solution you'd like Update to the latest version of stdlib, or at least be able to use one greater than 8.0.0 (which is very old)

Describe alternatives you've considered Removing the limitation in the metadata.json file from a forked version of the module (which is not ideal)

Additional context Error from librarian [Librarian] Conflict between puppetlabs-stdlib (>= 4.6.0, < 8.0.0) <https://forgeapi.puppetlabs.com> and puppetlabs-stdlib/9.2.0 <https://forgeapi.puppetlabs.com>

akester commented 8 months ago

I'm testing locally, but so far I'm having no issues with 8.6.0, Puppet 7.23.0, and Debian 12.

I also am using the updated augeasproviders_sysctl library, as the one referenced directly as a requirement is marked as deprecated as well.

I ran into a similar issue with puppetlabs/apt trying to use old styles of functions in stdlib, and this module seemed to be the hold out for anything more modern. So far it seems happy on a new version with no changes made to the module at all.

I'm happy to spin up a more formal MR. Right now I just have it cloned on a local Git instance and included it as a submodule to bypass the automated dependency resolution.

akester commented 6 months ago

I did open #317 for this with some proposed changes.