Recommended update for python-msrestazure and it's dependencies

SUSE Recommended Update: Recommended update for python-msrestazure and it's dependencies
Announcement ID: SUSE-RU-2018:3405-1
Rating: moderate
References: #1109694
Affected Products:
  • SUSE Linux Enterprise Module for Public Cloud 15

An update that has one recommended fix can now be installed.


This update for python-adal, python-isodate, python-msrest, python-msrestazure fixes the following issues:

  • Update to version 0.5.0

+ Features * Implementation is now using ADAL and not request-oauthlib. This allows more AD scenarios (like federated). * Add additionalInfo parsing for CloudError. * Implement new LRO options of Autorest. * Improve MSI for VM token polling algorithm. * MSIAuthentication now uses IMDS endpoint if available. * MSIAuthentication can be used in any environment that defines MSI_ENDPOINT env variable. * CloudError now includes the "innererror" attribute to match OData v4. * Introduces ARMPolling implementation of Azure Resource Management LRO. * Add support for WebApp/Functions in MSIAuthentication classes. * Add parse_resource_id(), resource_id(), validate_resource_id() to parse ARM ids. * Retry strategy now n reach 24 seconds (instead of 12 seconds). * Add Managed Service Integrated (MSI) authentication. * Add "timeout" to ServicePrincipalCredentials and UserPasswordCredentials. * Threads created by AzureOperationPoller have now a name prefixed by "AzureOperationPoller" to help identify them. * Improve MSIAuthentication to support User Assigned Identity.
+ Bugfixes * MSIAuthentication regression for KeyVault since IMDS support. * MSIAuthentication should initialize the token attribute on creation. * Fixes refreshToken in UserPassCredentials and AADTokenCredentials. * Fix US government cloud definition. * Reduce max MSI polling time for VM. * IMDS/MSI: Retry on more error codes. * IMDS/MSI: Fix a boundary case on timeout. * Fix parse_resource_id() tool to be case*insensitive to keywords when matching. * Add missing baseclass init call for AdalAuthentication. * Fix LRO result if POST uses AsyncOperation header. * Remove a possible infinite loop with MSIAuthentication. * Fix session obj for cloudmetadata endpoint. * Fix authentication resource node for AzureSatck. * Better detection of AppService with MSIAuthentication. * get_cloud_from_metadata_endpoint incorrect on AzureStack. * get_cloud_from_metadata_endpoint certificate issue. * Fix AttributeError if error JSON from ARM does not follow ODatav4 (as it should). * Fix AttributeError if input JSON is not a dict. * Fix AdalError handling in some scenarios. * Update Azure Gov login endpoint. * Update metadata ARM endpoint parser.
+ Incompatible changes * Remove unused auth_uri, state, client and token_uri attributes in ServicePrincipalCredentials, UserPassCredentials and AADTokenCredentials. * Remove token caching based on "keyring". Token caching should be implemented using ADAL now. * Remove InteractiveCredentials. This class was deprecated and unusable. Use ADAL device code instead.
  • Update to version 0.5.0

+ Require python-enum32 and python-typing.
+ Features * Support additionalProperties and XML. * Deserialize/from_dict now accepts a content*type parameter to parse XML strings. * Add XML support * Add many type hints, and MyPY testing on CI. * HTTP calls are made through a HTTPDriver API. Only implementation is `requests` for now. This driver API is *not* considered stable and you should pin your msrest version if you want to provide a personal implementation. * msrest is now able to keep the "requests.Session" alive for performance. * All Authentication classes now define `signed_session` and `refresh_session` with an optional `session` parameter. * Disable HTTP log by default (security), add `enable_http_log` to restore it. * Add TopicCredentials for EventGrid client. * Add LROPoller class. This is a customizable LRO engine. * Model now accept kwargs in constructor for future kwargs models. * Add support for additional_properties. * The interpretation of Swagger 2.0 "discriminator" is now lenient. * Add ApiKeyCredentials class. This can be used to support OpenAPI ApiKey feature. * Add CognitiveServicesAuthentication class. Pre*declared ApiKeyCredentials class for Cognitive Services. * Add Configuration.session_configuration_callback to customize the requests.Session if necessary. * Add a flag to Serializer to disable client*side*validation. * Remove "import requests" from "" for apps that require fast loading time. * Input is now more lenient. * Model have a "validate" method to check content constraints. * Model have now new methods for serialize, as_dict, deserialize and from_dict.
+ Bugfixes * Fix a serialization issue if additional_properties is declared, and "automatic model" syntax is used ("automatic model" being the ability to pass a dict to command and have the model auto*created). * Better parse empty node and not string types. * Improve "object" XML parsing. * Fix some XML serialization subtle scenarios. * Fix some complex XML Swagger definitions. * Lower Accept header overwrite logging message. * Fix 'object' type and XML format. * Incorrect milliseconds serialization for some datetime object. * Improve `SDKClient.__exit__` to take exc_details as optional parameters and not required. * Refresh_session should also use the permanent HTTP session if available. * Fix incorrect date parsing if ms precision is over 6 digits. * Fix minimal dependency of isodate. * Fix serialisation from dict if datetime provided. * Date parsing is now compliant with Autorest / Swagger 2.0 specification (less lenient). * Accept to deserialize enum of different type if content string match. * Stop failing on deserialization if enum string is unkwon. Return the string instead. * Do not validate additional_properties. * Improve validation error if expected type is dict, but actual type is not. * Fix additional_properties if Swagger was flatten. * Optional formdata parameters were raising an exception. * "application/x*www*form*urlencoded" form was sent using "multipart/form*data". * Fix regression: accept "set" as a valid "[str]" * Always log response body. * Improved exception message if error JSON is Odata v4. * Refuse "str" as a valid "[str]" type. * Better exception handling if input from server is not JSON valid. * Fix regression introduced in msrest 0.4.12 * dict syntax with enum modeled as string and enum used. * Fix regression introduced in msrest 0.4.12 * dict syntax using isodate.Duration. * Better Enum checking.
+ Internal optimisation * Call that does not return a streamable object are now executed in requests stream mode False (was True whatever the type of the call). This should reduce the number of leaked opened session and allow urllib3 to manage connection pooling more efficiently. Only clients generated with Autorest.Python >= 2.1.31 (not impacted otherwise, fully backward compatible)
+ Deprecation * Trigger DeprecationWarning for _client.add_header and _client.send_formdata.
  • Update to version 1.0.2

  • Update to version 0.6.0 + Support incomplete month date. + Rely on duck typing when doing duration maths. + Support ':' as separator in fractional time zones.

Patch Instructions:

To install this SUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Module for Public Cloud 15:
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-2018-2442=1

Package List:

  • SUSE Linux Enterprise Module for Public Cloud 15 (noarch):
    • python3-adal-1.0.2-3.3.1
    • python3-isodate-0.6.0-3.3.1
    • python3-msrest-0.5.5-3.3.1
    • python3-msrestazure-0.5.0-3.3.1