ChefDK 4.5.0 has been released with updated Chef Infra Client and InSpec along with a number of updated knife plugins. Give it a try!
We are now publishing Habitat packages for ChefDK 4. See chef/chef-dk on Habitat Depot for a complete list of available versions.
Chef Infra Client
Chef Infra Client has been updated from 15.3 to 15.4 with updated resources and several significant fixes to
knife bootstrap. See the Chef Infra Client 15.4 Release Notes for a complete list of the new and improved functionality.
Chef InSpec has been updated from 4.16 to 4.18 with the following changes:
- We have released our beta Chef InSpec plug-in for HashiCorp Vault. Check it out in our inspec-vault GitHub repo and let us know what you think -- or better yet, start jumping in and contributing with us on it.
- Waivers, our new beta feature, was added to InSpec! Waivers allows you to better manage compliance failures. We would love to hear your feedback on this! See the InSpec Waivers documentation for more details.
interfaceresource now has a name property.
userresource to include the passwordage, maxbadpasswords, and badpasswordattempts properties with Windows.
sys_inforesource now supports ip_address, fqdn, domain, and short options when giving a version of the hostname.
- Sped up initial load/response time for all commands by removing pre-leading of resources on invocation of inspec.
- If an error occurs when using the
jsonresource with a command source, you will now get the error message from STDERR returned in the report.
- We improved the formatting of the usage help, so what you see when you type
inspec exec --helpshould look better!
Cookstyle has been updated from 5.6.2 to 5.9.3, which includes 13 new Chef cops, improved detection in existing cops, and improved autocorrection. See the Cookstyle 5.7, 5.8, and 5.9 release notes for additional information on the new cops.
knife-google was updated from 4.1.0 to 4.2.0 with support for adding multiple local SSD interfaces to a new instance.
knife-vsphere was updated from 4.0.1 to 4.0.3, which resolves a bug in determining the state of instances.
Ruby has been updated from 2.6.4 to 2.6.5 in order to resolve the following CVEs:
- CVE-2019-16255: A code injection vulnerability of Shell# and Shell#test
- CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
- CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch?
- CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick’s Digest access authentication