PyPi: Galaxy-Ng

CVE-2021-32052

Transitive

Safety vulnerability ID: 42974

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at May 06, 2021 Updated at May 13, 2024

Advisory

Galaxy-ng 4.4.0 updates its dependency 'Django' to v3.2.6 to include security fixes.

Affected package

galaxy-ng

Latest version: 4.9.2

galaxy-ng plugin for the Pulp Project

Affected versions

Fixed versions

Vulnerability changelog


Features
--------

- Update settings.py with Redis config provided by Clowder
`AAH-382 <https://issues.redhat.com/browse/AAH-382>`_
- Create new api endpoints for listing, getting, and updating container registries.
`AAH-434 <https://issues.redhat.com/browse/AAH-434>`_
- Create new api endpoints for listing, getting, and updating container remotes.
`AAH-435 <https://issues.redhat.com/browse/AAH-435>`_
- Create remote sync api endpoint.
`AAH-438 <https://issues.redhat.com/browse/AAH-438>`_
- Create templates to deploy Automation Hub services via the Clowder operator
`AAH-581 <https://issues.redhat.com/browse/AAH-581>`_
- Start deploying galaxy_ng to ephemeral environments in pr_check
`AAH-582 <https://issues.redhat.com/browse/AAH-582>`_
- Update to galaxy-importer version that uses ansible-core 2.11
`AAH-588 <https://issues.redhat.com/browse/AAH-588>`_
- Add new healthz endpoint for liveness probe to check in ephemeral environments.
`AAH-683 <https://issues.redhat.com/browse/AAH-683>`_
- Ensure retain_repo_versions=1 is set for newly created repositories and existing
`AAH-708 <https://issues.redhat.com/browse/AAH-708>`_
- Enable Namespace deletion endpoint.
`AAH-709 <https://issues.redhat.com/browse/AAH-709>`_
- Allow collection versions to be deleted
`AAH-710 <https://issues.redhat.com/browse/AAH-710>`_
- Allow collections to be deleted
`AAH-711 <https://issues.redhat.com/browse/AAH-711>`_
- Allow container repository to be deleted
`AAH-712 <https://issues.redhat.com/browse/AAH-712>`_
- Allow container manifest to be deleted
`AAH-713 <https://issues.redhat.com/browse/AAH-713>`_
- Add configuration for api access logging.
`AAH-733 <https://issues.redhat.com/browse/AAH-733>`_
- Add unix socket support to collection version download view
`AAH-743 <https://issues.redhat.com/browse/AAH-743>`_
- Update settings.py and urls.py with Social Auth values when environment is configured
`AAH-846 <https://issues.redhat.com/browse/AAH-846>`_
- Add the ability to index execution environments from Red Hat registry remotes. This scans the registry for containers that are labeled with the execution environment label and creates remote container repositories for them which can be synced.
`AAH-864 <https://issues.redhat.com/browse/AAH-864>`_
- Enable unauthenticated view-only collection browsing
`AAH-881 <https://issues.redhat.com/browse/AAH-881>`_
- Add CONNECTED_ANSIBLE_CONTROLLERS setting which enables users to specify a list of controller instances that they wish to have galaxy ng connect to.
`AAH-888 <https://issues.redhat.com/browse/AAH-888>`_
- Create access policy for registries endpoint.
`AAH-896 <https://issues.redhat.com/browse/AAH-896>`_
- Create filters for container registries endpoint.
`AAH-897 <https://issues.redhat.com/browse/AAH-897>`_
- Enable basic (username/password) authentication for galaxy apis.
`AAH-901 <https://issues.redhat.com/browse/AAH-901>`_
- Add dependency filter to ui collection versions endpoint
`AAH-902 <https://issues.redhat.com/browse/AAH-902>`_
- Add api endpoint for getting a list of tags in a container repository.
`AAH-906 <https://issues.redhat.com/browse/AAH-906>`_
- Enable keycloak authentication using username and password for podman login.
`AAH-916 <https://issues.redhat.com/browse/AAH-916>`_
- Add pre-authorized-redirect content guard to distributions
`AAH-923 <https://issues.redhat.com/browse/AAH-923>`_
- Allow container registry-remote to be deleted
`AAH-931 <https://issues.redhat.com/browse/AAH-931>`_
- Add created_at and updated_at filters to container registries endpoint.
`AAH-938 <https://issues.redhat.com/browse/AAH-938>`_
- Add api endpoint to sync all remotes in a container registry.
`AAH-945 <https://issues.redhat.com/browse/AAH-945>`_
- Add image manifests to container images api.
`AAH-964 <https://issues.redhat.com/browse/AAH-964>`_


Bugfixes
--------

- Made API Root view raise 404 if a distro path is provided but the distro doesn't exist.
`AAH-157 <https://issues.redhat.com/browse/AAH-157>`_
- Disable streamed sync endpoints
`AAH-224 <https://issues.redhat.com/browse/AAH-224>`_
- Improve errors for max length violations in collection filename import
`AAH-428 <https://issues.redhat.com/browse/AAH-428>`_
- Uses optional file_url from caller, pulp-ansible>=0.8, to support additional pulp backend storage platforms
`AAH-431 <https://issues.redhat.com/browse/AAH-431>`_
- Fix incorrect openapi.yml

Fix in this case mostly means removing an out-of-date version in favour of the autogenerated version at /api/automation-hub/v3/openapi.yaml
`AAH-450 <https://issues.redhat.com/browse/AAH-450>`_
- Fix "CVE-2021-32052 django: header injection" by moving to django ~=2.2.23
`AAH-583 <https://issues.redhat.com/browse/AAH-583>`_
- Fix synclist to exclude all versions of un-checked collection.
`AAH-585 <https://issues.redhat.com/browse/AAH-585>`_
- Update the required django to ~=2.2.23
`AAH-601 <https://issues.redhat.com/browse/AAH-601>`_
- Pin 'click' version to 7.1.2 for 'rq' compat
`AAH-637 <https://issues.redhat.com/browse/AAH-637>`_
- Implemented filters for state and keywords on imports API.
`AAH-646 <https://issues.redhat.com/browse/AAH-646>`_
- Download collection artifacts from the galaxy apis instead of the pulp content app.
`AAH-661 <https://issues.redhat.com/browse/AAH-661>`_
- Update to work with pulpcore 3.14 API
`AAH-706 <https://issues.redhat.com/browse/AAH-706>`_
- Create 'inbound-namespaces' whenever a namespace is created.
`AAH-739 <https://issues.redhat.com/browse/AAH-739>`_
- Fix typo in AWS S3 configuration for Clowder
`AAH-781 <https://issues.redhat.com/browse/AAH-781>`_
- Fixed missing galaxy-importer configuration in Clowder template.
`AAH-815 <https://issues.redhat.com/browse/AAH-815>`_
- Adds dependency django-automated-logging
`AAH-849 <https://issues.redhat.com/browse/AAH-849>`_
- Fix keycloak setting not being loaded from /etc/pulp/settings.py
`AAH-915 <https://issues.redhat.com/browse/AAH-915>`_
- Bump django-automated-logging version to include IP Address in logs
`AAH-918 <https://issues.redhat.com/browse/AAH-918>`_
- Download collection artifacts from the pulp content app instead of the galaxy apis
`AAH-924 <https://issues.redhat.com/browse/AAH-924>`_
- Fix container pull error to make compatible with drf-access-policy update
`AAH-940 <https://issues.redhat.com/browse/AAH-940>`_
- Add auth_provider to users/ endpoint to denote an SSO user
`AAH-952 <https://issues.redhat.com/browse/AAH-952>`_
- Add get_object to ContainerSyncRemoteView to fix AAH-989
`AAH-989 <https://issues.redhat.com/browse/AAH-989>`_
- Allow deleting execution environment repositories with a dot in name
`AAH-1049 <https://issues.redhat.com/browse/AAH-1049>`_
- Fix a bug where remote container repositories could not be deleted.
`AAH-1095 <https://issues.redhat.com/browse/AAH-1095>`_


Misc
----

- `AAH-224 <https://issues.redhat.com/browse/AAH-224>`_, `AAH-424 <https://issues.redhat.com/browse/AAH-424>`_, `AAH-460 <https://issues.redhat.com/browse/AAH-460>`_, `AAH-563 <https://issues.redhat.com/browse/AAH-563>`_, `AAH-570 <https://issues.redhat.com/browse/AAH-570>`_, `AAH-576 <https://issues.redhat.com/browse/AAH-576>`_, `AAH-579 <https://issues.redhat.com/browse/AAH-579>`_, `AAH-581 <https://issues.redhat.com/browse/AAH-581>`_, `AAH-584 <https://issues.redhat.com/browse/AAH-584>`_, `AAH-603 <https://issues.redhat.com/browse/AAH-603>`_, `AAH-606 <https://issues.redhat.com/browse/AAH-606>`_, `AAH-647 <https://issues.redhat.com/browse/AAH-647>`_, `AAH-707 <https://issues.redhat.com/browse/AAH-707>`_, `AAH-750 <https://issues.redhat.com/browse/AAH-750>`_, `AAH-799 <https://issues.redhat.com/browse/AAH-799>`_, `AAH-830 <https://issues.redhat.com/browse/AAH-830>`_, `AAH-837 <https://issues.redhat.com/browse/AAH-837>`_, `AAH-871 <https://issues.redhat.com/browse/AAH-871>`_, `AAH-873 <https://issues.redhat.com/browse/AAH-873>`_, `AAH-917 <https://issues.redhat.com/browse/AAH-917>`_


----


Severity Details

CVSS Base Score

MEDIUM 6.1

CVSS v3 Details

MEDIUM 6.1
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality Impact (C): LOW
Integrity Impact (I): LOW
Availability Impact (A): NONE

CVSS v2 Details

MEDIUM 4.3
Access Vector (AV): NETWORK
Access Complexity (AC): MEDIUM
Authentication (Au): NONE
Confidentiality Impact (C): NONE
Integrity Impact (I): PARTIAL
Availability Impact (A): NONE