From abfc48b8949e1a18f2e68d2ff25df7b2446a9b85 Mon Sep 17 00:00:00 2001 From: John McCrae Date: Wed, 8 Jan 2025 19:48:13 +0000 Subject: [PATCH 1/7] updating winrm to overcome a CVE Signed-off-by: John McCrae --- winrm-fs.gemspec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/winrm-fs.gemspec b/winrm-fs.gemspec index b2596e5..0093e63 100644 --- a/winrm-fs.gemspec +++ b/winrm-fs.gemspec @@ -31,9 +31,9 @@ Gem::Specification.new do |s| s.add_runtime_dependency 'erubi', '>= 1.7' s.add_runtime_dependency 'logging', ['>= 1.6.1', '< 3.0'] s.add_runtime_dependency 'rubyzip', '~> 2.0' - s.add_runtime_dependency 'winrm', '~> 2.0' + s.add_runtime_dependency 'chef-winrm', '>= 2.3.10' s.add_development_dependency 'pry' - s.add_development_dependency 'rake', '>= 10.3', '< 13' + s.add_development_dependency 'rake', '>= 13.2.1' s.add_development_dependency 'rspec', '~> 3.0' s.add_development_dependency 'rubocop', '~> 1.26.0' end From 64d1d218ffdd5f782e92162b6413f457fe741485 Mon Sep 17 00:00:00 2001 From: John McCrae Date: Wed, 8 Jan 2025 19:53:25 +0000 Subject: [PATCH 2/7] updating winrm to overcome a CVE Signed-off-by: John McCrae --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index cda1c1b..cb1cbbd 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,8 +12,8 @@ jobs: strategy: fail-fast: false matrix: - os: [ubuntu-18.04, windows-2019] - ruby: ['2.6', '2.7', '3.0', '3.1'] + os: [ubuntu-24.04, windows-2019] + ruby: ['3.0', '3.1'] runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v2 From 0ce665e4f3a233040fde705a929e2a8396b1ec25 Mon Sep 17 00:00:00 2001 From: John McCrae Date: Wed, 8 Jan 2025 19:56:55 +0000 Subject: [PATCH 3/7] updating winrm to overcome a CVE Signed-off-by: John McCrae --- winrm-fs.gemspec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/winrm-fs.gemspec b/winrm-fs.gemspec index 0093e63..201adc1 100644 --- a/winrm-fs.gemspec +++ b/winrm-fs.gemspec @@ -27,11 +27,11 @@ Gem::Specification.new do |s| s.bindir = 'bin' s.executables = ['rwinrmcp'] - s.required_ruby_version = '>= 2.5.0' + s.add_runtime_dependency 'chef-winrm', '>= 2.3.10' + s.required_ruby_version '>= 3.0' s.add_runtime_dependency 'erubi', '>= 1.7' s.add_runtime_dependency 'logging', ['>= 1.6.1', '< 3.0'] s.add_runtime_dependency 'rubyzip', '~> 2.0' - s.add_runtime_dependency 'chef-winrm', '>= 2.3.10' s.add_development_dependency 'pry' s.add_development_dependency 'rake', '>= 13.2.1' s.add_development_dependency 'rspec', '~> 3.0' From a26558b6702f83eeaa3accea895e087810421716 Mon Sep 17 00:00:00 2001 From: John McCrae Date: Wed, 8 Jan 2025 19:58:34 +0000 Subject: [PATCH 4/7] updating winrm to overcome a CVE Signed-off-by: John McCrae --- winrm-fs.gemspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/winrm-fs.gemspec b/winrm-fs.gemspec index 201adc1..7436f91 100644 --- a/winrm-fs.gemspec +++ b/winrm-fs.gemspec @@ -28,7 +28,7 @@ Gem::Specification.new do |s| s.bindir = 'bin' s.executables = ['rwinrmcp'] s.add_runtime_dependency 'chef-winrm', '>= 2.3.10' - s.required_ruby_version '>= 3.0' + s.required_ruby_version = '>= 3.0' s.add_runtime_dependency 'erubi', '>= 1.7' s.add_runtime_dependency 'logging', ['>= 1.6.1', '< 3.0'] s.add_runtime_dependency 'rubyzip', '~> 2.0' From ab1ae26f7a8179cdb4d10d28e878aacafa615655 Mon Sep 17 00:00:00 2001 From: John McCrae Date: Wed, 8 Jan 2025 20:00:17 +0000 Subject: [PATCH 5/7] updating winrm to overcome a CVE Signed-off-by: John McCrae --- .rubocop.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.rubocop.yml b/.rubocop.yml index 4f21afe..4bb59ef 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,6 +1,6 @@ inherit_from: .rubocop_todo.yml AllCops: - TargetRubyVersion: 2.5 + TargetRubyVersion: 3.0 Naming/FileName: Exclude: From 4820fb976824a74f8969d7ea1db384e61a489b7d Mon Sep 17 00:00:00 2001 From: John McCrae Date: Wed, 8 Jan 2025 20:09:09 +0000 Subject: [PATCH 6/7] updating winrm to overcome a CVE Signed-off-by: John McCrae --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 80e78df..95b25ae 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.3.5 +1.3.6 From d3c8732789458874ea98fab653bb31f29a6844a9 Mon Sep 17 00:00:00 2001 From: John McCrae Date: Wed, 8 Jan 2025 21:56:18 +0000 Subject: [PATCH 7/7] updating winrm to overcome a CVE Signed-off-by: John McCrae --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index cb1cbbd..985aeb8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,7 +12,7 @@ jobs: strategy: fail-fast: false matrix: - os: [ubuntu-24.04, windows-2019] + os: [windows-2022, windows-2019] ruby: ['3.0', '3.1'] runs-on: ${{ matrix.os }} steps: