# 6.1.14

2021-07-19

Maintenance release 6.1.14

* Architecture #19246: Clean workspace at the end of Rust builds
* Bug #19266: Group management technique doesn't correctly honor gid option
* Bug #19268: Error when processing old inventories with davfs temporary files
* Bug #19269: User Management technique tries to always change user gid when forcing the check of user gid everytime
* Bug #19271: Backport folder exclusion and maven security exclusion in tests
* Bug #19272: Ignore security alert for unused js embeded in scala lib
* Bug #19275:  Ignore security alert for unused js embeded in scala lib (plugin)
* Bug #19276: Remove reference to x-www-form-urlencoded in API commands
* Bug #19279: For plugins, we need to skip CVE check on provided dependencies
* Bug #19280: Document minimum version of JDK (8u92)
* Bug #19284: Add name to LDAP pool to help debugging
* Bug #19305: In inventory, if there are two "rudder" tag, uuid are concatenated
* Bug #19308: rudder.auth.admin.pass should be stored in bcrypt format
* Bug #19335: When configuring a comment in ssh key in technique ssh key distribution, 6 spaces are added at start of comment line
* Bug #19336: cron management doesn't support multiline entry correctly
* Bug #19343:  Add typos check to CI config
* Bug #19351: Semaphore on Nodeinfoservice is not working
* Architecture #19354: Add ci checks on rudder-agent repo
* Architecture #19355: Add ci check for techniques
* Architecture #19359: Backport typos checks to 6.1
* Architecture #19360: Add ci check for typos in docs
* Architecture #19362: Add ci checks for packages
* Bug #19363: Semaphore in APIAccountRepository,GitArchiverUtils and maybe PolicyServerManagementService are not semaphoring
* Bug #19369: Improve computation of cache in NodeInfoService
* Bug #19374: API shows only part of the memory information
* Bug #19375: relayd on relays fails to retry inventories upload
* Bug #19381: Confusing message when we disable non-compliant-report log
* Bug #19388: Add typos check to CI config
* Bug #19390: Force pylint3 instead of pylint in qa-test
* Bug #19392: Rudder agent check should check if certificate matches private key
* Bug #19394: When a node is totally deleted, cache in NodeInfoService can't know about it
* Bug #19395: Info API is not documented
* Bug #19396: Move use of cache outside of semaphore in NodeInfoService
* Bug #19399: Improve NodeInfo cache
* Bug #19400: Update snakeyaml dependency for security
* Bug #19404: Hardcod the output of the style test TestClassPrefix in success cases
* Architecture #19405: rudder-pkg test should use python3
* Bug #19406: Broken agent postinst script
* Bug #19407: CVE in spring dependency
* Bug #19408: Api doc publish does not require docs label
* Bug #19410: Remaining spring dependencies with CVE impacted version
* Bug #19412: Switch to avocado framwork instead of testall custom script to run the tests
* Bug #19414: Inventory with updated properties doesn't always start a policy generation
* Bug #19418: Typo on Plugin Documentation
* Bug #19420: Update Ansible integration link to Rudder inventory script
* Bug #19429: rudder-agent-postinst fails in 7.0 while closing fd
* Bug #19431: Invalid reporting in file content technique
* Bug #19435: Missing cleanup of /var/rudder/reports/failed
* Bug #19437: Fix docs about HTTPS reporting in non-compliant mode
* Architecture #19441: Improve pylint config and add formatter to rudder-pkg
* Bug #19442: Command injection in plugins repository file names
* Bug #19445: File content always reports repair when "Replace content" is selected
* Bug #19447: Broken short hostname in agent certificate
* Bug #19455: Prevent parameter option injection in remote run
* Bug #19456: Lack of HTML escaping in nodes list
* Bug #19457: Enforce stricter restriction on authorized node id and hostname
* Bug #19458: Validate the hostname field
* Bug #19467: Inefficient comparision of strings in Rudder
* Bug #19477: Policy validation at the end of policy generation spends too much time evaluating things
* Bug #19480: Parent ticket break the plugin scripts execution
* Bug #19493: Remove wrong doc about services passwords
* Bug #19502: Missing 'settings' layer in the allowed_networks API doc
* Bug #19503: Vulnerability in spring-security
* Bug #19513: Hostname is not escaped in page details title and in inherited properties
* Bug #19514: JS in a node name is evaluated in the rule changes
* Bug #19516: Incorrect program execution
* Bug #19523: Improve command error message