[PR] Generate methods to reset params [cloudstack-go]

[via GitHub]

vishesh92 opened a new pull request, #84:
URL: https://github.com/apache/cloudstack-go/pull/84

   (no comment)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PROPOSAL] Update the 4.20.0.0 release schedule

[João Jandre]

Hi all,

Regarding the original 4.20.0.0 release schedule proposed here: 
https://lists.apache.org/thread/nyoddmwydz2t59hsfs7gf0vozlf7n434, I 
would like to propose an update to it.


Considering that:
1. The community expended a lot of time working to fix the CVEs that 
were recently found;

2. The community is busy with 4.19.1.0;
3. The original schedule would put the COCEU 2024 and the RC1 on the 
same week;


I think we should postpone the 4.20.0.0 release for at least a month. 
That being said, here is the updated schedule I propose:


- On the first week of July, we freeze the main branch. That means any 
feature must be in by the last week of June. Only accept 
critical/blocker issues until the second week of July.
- On the second week of July, cut 4.20.0.0 RC1 and further RCs if 
necessary, start/conclude vote, and finish release work.


What are your thoughts?

Best Regards,
João Jandre

[PR] Bump jinja2 from 3.1.3 to 3.1.4 [cloudstack-documentation]

[via GitHub]

dependabot[bot] opened a new pull request, #399:
URL: https://github.com/apache/cloudstack-documentation/pull/399

   Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.3 to 3.1.4.
   
   Release notes
   Sourced from https://github.com/pallets/jinja/releases";>jinja2's releases.
   
   3.1.4
   This is the Jinja 3.1.4 security release, which fixes security issues and 
bugs but does not otherwise change behavior and should not result in breaking 
changes.
   PyPI: https://pypi.org/project/Jinja2/3.1.4/";>https://pypi.org/project/Jinja2/3.1.4/
   Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4";>https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4
   
   The xmlattr filter does not allow keys with / 
solidus, > greater-than sign, or = equals sign, in 
addition to disallowing spaces. Regardless of any validation done by Jinja, 
user input should never be used as keys to this filter, or must be separately 
validated first. GHSA-h75v-3vvj-5mfj
   
   
   
   
   Changelog
   Sourced from https://github.com/pallets/jinja/blob/main/CHANGES.rst";>jinja2's 
changelog.
   
   Version 3.1.4
   Released 2024-05-05
   
   The xmlattr filter does not allow keys with / 
solidus, >
   greater-than sign, or = equals sign, in addition to disallowing 
spaces.
   Regardless of any validation done by Jinja, user input should never be used
   as keys to this filter, or must be separately validated first.
   :ghsa:h75v-3vvj-5mfj
   
   
   
   
   Commits
   
   https://github.com/pallets/jinja/commit/dd4a8b5466d8790540c181590b14db4d4d889d57";>dd4a8b5
 release version 3.1.4
   https://github.com/pallets/jinja/commit/0668239dc6b44ef38e7a6c9f91f312fd4ca581cb";>0668239
 Merge pull request from GHSA-h75v-3vvj-5mfj
   https://github.com/pallets/jinja/commit/d655030770081e2dfe46f90e27620472a502289d";>d655030
 disallow invalid characters in keys to xmlattr filter
   https://github.com/pallets/jinja/commit/a7863ba9d3521f1450f821119c50d19d7ecea329";>a7863ba
 add ghsa links
   https://github.com/pallets/jinja/commit/b5c98e78c2ee7d2bf0aa06d29ed9bf7082de9cf4";>b5c98e7
 start version 3.1.4
   https://github.com/pallets/jinja/commit/da3a9f0b804199845fcb76f2e08748bdaeba93ee";>da3a9f0
 update project files (https://redirect.github.com/pallets/jinja/issues/1968";>#1968)
   https://github.com/pallets/jinja/commit/0ee5eb41d1a2d7d9a05a02dc26dd70e63aaaeeb1";>0ee5eb4
 satisfy formatter, linter, and strict mypy
   https://github.com/pallets/jinja/commit/20477c63575175196bfc8103f223cc9f5642595d";>20477c6
 update project files (https://redirect.github.com/pallets/jinja/issues/5457";>#5457)
   https://github.com/pallets/jinja/commit/e491223739dedbb1f4fc6a71340c1484e149d947";>e491223
 update pyyaml dev dependency
   https://github.com/pallets/jinja/commit/36f98854c721f98ba103f97f65a8a098da5af0d7";>36f9885
 fix pr link
   Additional commits viewable in https://github.com/pallets/jinja/compare/3.1.3...3.1.4";>compare 
view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jinja2&package-manager=pip&previous-version=3.1.3&new-version=3.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   You can disable automated security fix PRs for 

[I] createUser/updateUser APIs need to be POST [cloudstack-go]

[via GitHub]

mlsorensen opened a new issue, #85:
URL: https://github.com/apache/cloudstack-go/issues/85

   
https://github.com/apache/cloudstack-go/blob/0d335efa7425b204db7a8030522493f829fad6f0/generate/generate.go#L1701
   
   The generation code uses post calls for a subset of APIs that are sensitive. 
Eventually the `listApis` should advertise which APIs these are, but until then 
we need to switch these calls (and any other that may send sensitive info) over 
to use POST.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org