[pull] master from trailofbits:master#160
Merged
Merged
Conversation
Bumps [azure-identity](https://github.com/Azure/azure-sdk-for-python) from 1.23.1 to 1.25.1. - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md) - [Commits](Azure/azure-sdk-for-python@azure-identity_1.23.1...azure-identity_1.25.1) --- updated-dependencies: - dependency-name: azure-identity dependency-version: 1.25.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [boto3](https://github.com/boto/boto3) from 1.40.3 to 1.41.5. - [Release notes](https://github.com/boto/boto3/releases) - [Commits](boto/boto3@1.40.3...1.41.5) --- updated-dependencies: - dependency-name: boto3 dependency-version: 1.41.5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Fix Vultr startup script JSON serialization error
The startup_script module was failing with "Object of type 'bytes' is not
JSON serializable" because the lookup('template', ...) was returning bytes
instead of a string.
Added | string filter to explicitly convert the template result to a
string, matching the pattern used by the DigitalOcean cloud provider.
Also simplified from multiline block format to inline format for
consistency with other cloud providers.
Fixes the error: "Object of type 'bytes' is not JSON serializable by the
'tagless' profile."
* Add string filters to template lookups in cloud-init base template
Added | string filters to lookup() calls in the cloud-init base template
to ensure consistent string handling across all cloud providers.
The Vultr startup_script module requires all values to be JSON-serializable
strings, and lookup() can return bytes in some contexts. This change ensures
that both the SSH config template lookup and the SSH public key file lookup
explicitly return strings.
This is a defensive fix that improves compatibility with strict JSON
serialization requirements in some Ansible modules, while remaining
backward compatible with existing cloud providers.
Related to: vultr.cloud.startup_script JSON serialization requirements
* Use two-step fact assignment for Vultr startup script
Changed to set the cloud-init script as a fact first, then reference
that fact in the startup_script module. This follows the pattern used
by the Linode provider and avoids JSON serialization issues with nested
template lookups.
This approach ensures the template is fully evaluated and stored as a
string before being passed to the vultr.cloud.startup_script module,
which then base64-encodes it for the API.
Related to: JSON serialization with "tagless" profile in Ansible 2.19+
The ansible.utils.ipmath filter is used in config.cfg and WireGuard templates but the collection was not listed in requirements.yml. This causes 'No filter named ipmath' errors for users who install ansible-core separately rather than the full ansible package. Fixes #14879 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude <noreply@anthropic.com>
When running ./algo update-users, if the server is unreachable, users
previously saw cryptic Ansible SSH retry errors like:
ssh_retry: attempt: 3, ssh return code is 255
This adds a pre-flight check that tests SSH connectivity before running
the full playbook. If the connection fails, it provides a helpful error
message with:
- Clear explanation of what failed
- Possible causes (server not running, IP changed, firewall blocking)
- Diagnostic commands to run (nc, ssh -vvv)
Fixes #14878
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude <noreply@anthropic.com>
- Remove pyopenssl from core dependencies: community.crypto 3.0.3 removed pyopenssl backend from ALL modules, now uses only cryptography library - Remove boto from AWS optional dependencies: Algo only uses boto3/botocore (library/lightsail_region_facts.py confirms this), and amazon.aws collection requires only boto3>=1.34.0 Verified by: - Code search confirming no imports of pyopenssl or old boto - Runtime tests in isolated environments without these packages - All 101 unit tests passing - Ansible playbook syntax checks passing 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )