| opendevreview | Shreya Vishwajeet Desai proposed openstack/keystone master: Fix system role assignments in effective role listing https://review.opendev.org/c/openstack/keystone/+/983497 | 02:46 |
|---|---|---|
| opendevreview | Artem Goncharov proposed openstack/keystone master: Prevent unauthorized EC2 credential creation and deletion https://review.opendev.org/c/openstack/keystone/+/983587 | 16:03 |
| opendevreview | Artem Goncharov proposed openstack/keystone stable/2025.2: Prevent unauthorized EC2 credential creation and deletion https://review.opendev.org/c/openstack/keystone/+/983588 | 16:09 |
| opendevreview | Artem Goncharov proposed openstack/keystone stable/2025.1: Prevent unauthorized EC2 credential creation and deletion https://review.opendev.org/c/openstack/keystone/+/983589 | 16:11 |
| opendevreview | Artem Goncharov proposed openstack/keystone stable/2024.2: Prevent unauthorized EC2 credential creation and deletion https://review.opendev.org/c/openstack/keystone/+/983591 | 16:12 |
| opendevreview | Artem Goncharov proposed openstack/keystone stable/2026.1: Prevent unauthorized EC2 credential creation and deletion https://review.opendev.org/c/openstack/keystone/+/983593 | 16:15 |
| fungi | gtema: thanks for pushing those. i saw xek had also attached a backport for unmaintained/2024.1, were you going to push that as well or should i refrain from mentioning it in the advisory? | 16:33 |
| fungi | i'm good with either option, just want to make sure i'm not still waiting for that last upload | 16:33 |
| gtema | ah, that is the unmaintained now. I was heavily strugling since the opendev.org was not reachable at all for me and I wasn't even able to list correct branch names | 16:34 |
| gtema | I'll push it now | 16:34 |
| gtema | but actually, it is unmaintained, so there is no need to wait for that. | 16:35 |
| gtema | I am not even sure our CI is working there | 16:36 |
| fungi | well, we merely link the review url, it doesn't necessarily need to merge. if there's a backport to unmaintained branches we link them in the advisory and include a note saying that it was provided as a convenience but that there won't be any point releases that include it | 16:38 |
| gtema | ok, I pushed it (https://review.opendev.org/c/openstack/keystone/+/983597) but don't see a bot message here | 16:41 |
| fungi | thanks, and yeah it's likely gerritbot isn't matching on unmaintained/.* for that so wouldn't report it here | 16:43 |
| fungi | it did show up in the lp bug though | 16:43 |
| gtema | ok, good | 16:44 |
| -opendevstatus- NOTICE: Load on the opendev.org Gitea backends is under control again for now, if any Zuul jobs failed with SSL errors or disconnects reaching the service prior to 16:15 UTC they can be safely rechecked | 17:03 | |
| opendevreview | Ivan Anfimov proposed openstack/keystone stable/2024.2: fix(pep8): pin setuptools<82 for flake8-import-order compatibility https://review.opendev.org/c/openstack/keystone/+/982658 | 20:39 |
| opendevreview | Boris Bobrov proposed openstack/keystone master: Add tests for restricted app cred guard on EC2 credential creation https://review.opendev.org/c/openstack/keystone/+/983648 | 21:36 |
| opendevreview | Boris Bobrov proposed openstack/keystone master: Add tests for restricted app cred guard https://review.opendev.org/c/openstack/keystone/+/983648 | 21:36 |
| opendevreview | Boris Bobrov proposed openstack/keystone master: Block restricted app creds from creating EC2 credentials via /credentials https://review.opendev.org/c/openstack/keystone/+/983655 | 21:57 |
| opendevreview | Boris Bobrov proposed openstack/keystone master: Block app cred tokens from authorizing OAuth1 requests https://review.opendev.org/c/openstack/keystone/+/983656 | 21:57 |
Generated by irclog2html.py 4.1.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!