## Unreleased: 12.0.0 * [**Jesse Hu**](https://github.com/jessehu): retry on HTTP 50X Error when calling Chef REST API * [**Nolan Davidson**](https://github.com/nsdavidson): The chef-apply command now prints usage information when called without arguments * [**Kazuki Saito**](https://github.com/sakazuki): CHEF-4933: idempotency fixes for ifconfig provider * [**Kirill Shirinkin**](https://github.com/Fodoj): The knife bootstrap command expands the path of the secret-file * [**Malte Swart**](https://github.com/mswart): [CHEF-4101] DeepMerge - support overwriting hash values with nil * [**James Belchamber**](https://github.com/JamesBelchamber): Mount provider remount action now honours options * [**Mark Gibbons**](https://github.com/MarkGibbons): Fix noauto support in Solaris Mount Provider * [**Jordan Evans**](https://github.com/jordane): support version constraints in value_for_platform * [**Yukihiko Sawanobori**](https://github.com/sawanoboly): Add environment resource attribute to scm resources * [**Grzesiek Kolodziejczyk**](https://github.com/grk): Use thread-safe OpenSSL::Digest instead of Digest * [**Grzesiek Kolodziejczyk**](https://github.com/grk): Chef::Digester converted to thread-safe Singleton mixin. * [**Vasiliy Tolstov**](https://github.com/vtolstov): Reload systemd service only if it's running, otherwise start. * [**Chris Jerdonek**](https://github.com/cjerdonek): knife diagnostic messages sent to stdout instead of stderr * [**Xabier de Zuazo**](https://github.com/zuazo): Remove the unused StreamingCookbookUploader class (CHEF-4586) * [**Jacob Vosmaer**](https://github.com/jacobvosmaer): Fix creation of non-empty FreeBSD groups (#1698) * [**Nathan Huff**](https://github.com/nhuff): Check local repository for ips package installs (#1703) * [**Sean Clemmer**](https://github.com/sczizzo): Fix "cron" resource handling of special strings (e.g. @reboot, @yearly) (#1708) * [**Phil Dibowitz**](https://github.com/jaymzh): 'group' provider on OSX properly uses 'dscl' to determine existing groups * [**Hugo Lopes Tavares**](https://github.com/hltbra): Catch StandardError in Chef::ResourceReporter#post_reporting_data (Issue 1550). * [**Daniel O'Connor**](https://github.com/CloCkWeRX): Fix regex causing DuplicateRole error (Issue 1739). * [**Xeron**](https://github.com/xeron): Ability to specify an array for data_bag_path. (CHEF-3399, CHEF-4753) * [**Jordan**](https://github.com/jordane): Use Systemd for recent Fedora and RHEL 7. * [**Xabier de Zuazo**](https://github.com/zuazo): Encrypted data bags should use different HMAC key and include the IV in the HMAC (CHEF-5356). * [**Pierre Ynard**](https://github.com/linkfanel): Don't modify variable passed to env resource when updating. * [**Chris Aumann**](https://github.com/chr4): Add "force" attribute to resource/user, pass "-f" to userdel. (Issue 1601) * [**Brian Cobb**](https://github.com/bcobb): Chef::VersionConstraint#to_s should accurately reflect constraint's behavior. * [**Kevin Graham**](https://github.com/kgraham): Do not override ShellOut:live_stream if already set. * [**Mike Heijmans**](https://github.com/parabuzzle): Change knife option --force to --delete-validators. (Issue 1652) * [**Pavel Yudin**](https://github.com/Kasen): Add Parallels Cloud Server (PCS) platform support. * [**tbe**](https://github.com/tbe): Minor fixes for the Paludis package provider: * only search for non-masked packages, * increase command timeout length for package installation. * [**sawanoboly**](https://github.com/sawanoboly): Use shared_path for deploy resource. * [**Victor Hahn**](https://github.com/victorhahncastell): Add template syntax check to files in the templates/ dir only. * [**Jordan**](https://github.com/jordane): Allow git provider to checkout existing branch names. * [**Eric Herot**](https://github.com/eherot): Add whitespace boundaries to some mount point references in mount provider. * [**Dave Eddy**](https://github.com/bahamas10): Improve the regex for /etc/rc.conf for the FreeBSD service provider * [**Stanislav Bogatyrev**](https://github.com/realloc): Fetch recipe_url before loading json_attribs in chef-solo (CHEF-5075) * [**Mal Graty**](https://github.com/mal): Workaround for a breaking change in git's shallow-clone behavior. (Issue 1563) ### Chef Contributions * Ruby has been updated to 2.1.3 along with rubygems update to 2.4.2 * Removed shelling out to erubis/ruby for syntax checks (>= 1.9 has been able to do this in the ruby vm itself for awhile now and we've dropped 1.8.7 which could not do this and had to shell_out) * Report the request and response when a non-200 error code happens * [FEATURE] Upgrade `knife upload` and `knife download` to download **everything** in an organization, now including the organization definition itself (`knife download /org.json`) and the invitations and member list (`knife download /invitations.json` and `knife download /members.json`). Should be compatible with knife-ec-backup. * Make default Windows paths more backslashy * `knife` now prefers to load `config.rb` in preference to `knife.rb`; `knife.rb` will be used if `config.rb` is not found. * Fixed Config[:cache_path] to use path_join() * Updated chef-zero to 3.0, so that client tests can be run against Enterprise Chef as well as Open Source. * knife cookbook site download/list/search/share/show/unshare now uses supermerket.getchef.com urls * added Chef::ResourceCollection#insert_at API to the ResourceCollection * http_proxy and related config vars no longer clobber already set ENV vars * all http_proxy configs now set lowercase + uppercase versions of ENV vars * https_proxy/ftp_proxy support setting `http://` URLs (and whatever mix and match makes sense) * End-to-end tests for Ubuntu 12.04 * Only run end-to-end tests when secure environment variables are present. * Remove recipe DSL from base provisioner (Issue 1446). * Enable client-side key generation by default. (Issue 1711) * CookbookSiteStreamingUploader now uses ssl_verify_mode config option (Issue 1518). * chef/json_compat now throws its own exceptions not JSON gem exceptions * Modify action for env raises Chef::Exceptions::Env exception on Windows (Chef Issues 1754) * Fix a bug in the experimental Policyfile mode that caused errors when using templates. * Disable JSON encoding of request body when non-JSON content type is specified. * Clean up FileVendor and CookbookUploader internal APIs * log resource now marks itself as supporting why-run * http_request no longer appends "?message=" query string to GET and HEAD requests * added shell_out commands directly to the recipe DSL * cookbook synchronizer deletes old files from cookbooks * do not clear file cache when override run list is set (CHEF-3684) * ruby 1.8.7/1.9.1/1.9.2 support is dropped * set no_lazy_load to true (CHEF-4961) * set file_stating_uses_destdir config option default to true (CHEF-5040) * remove dependency on rest-client gem * Add method shell_out_with_systems_locale to ShellOut. * chef-repo rake tasks are deprecated; print relevant information for each one. * Fix RPM package version detection (Issue 1554) * Don't override :default provider map if :default passed as platform (OC-11667). * Fix SuSE package removal failure (Issue 1732). * Enable Travis to run Test Kitchen with Kitchen EC2. * Fix a bug in reporting not to post negative duration values. * Add password setting support for Mac 10.7, 10.8 and 10.9 to the dscl user provider. * ChefSpec can find freebsd_package resource correctly when a package resource is declared on Freebsd. * Autodetect/decrypt encrypted data bag items with data_bag_item dsl method. (Issue 1837, Issue 1849) * windows_user: look up username instead of resource name (Issue #1705) * Remove the unused bootstrap templates that install chef from rubygems * Remove the Chef 10 functionality from bootstrap. * Deprecate --distro / --template_file options in favor of --boostrap-template * Add `:node_ssl_verify_mode` & `:node_verify_api_cert` options to bootstrap to be able to configure these settings on the bootstrapped node. * Add partial_search dsl method to Chef::Search::Query, add result filtering to search. * Transfer trusted certificates under :trusted_certs_dir during bootstrap. * Set :ssl_verify_mode to :verify_peer by default. * Add homebrew provider for package resource, use it by default on OS X (Issue #1709) * Add escape_glob method to PathHelper, update glob operations. * Verify x509 properties of certificates in the :trusted_certs_dir during knife ssl check. * Disable unforked interval chef-client runs. ## Last Release: 11.14.2 * [**Jess Mink**](https://github.com/jmink): Symlinks to directories should be swingable on windows (CHEF-3960) * [**Phil Dibowitz**](https://github.com/jaymzh): SIGTERM will once-more kill a non-daemonized chef-client (CHEF-5172) * [**Pierre Ynard**](https://github.com/linkfanel): chef-service-manager should run as a non-interactive service (CHEF-5150) * [**Tensibai Zhaoying**](https://github.com/Tensibai): Fix file:// URI support in remote\_file on windows (CHEF-4472) * [**John Dyer**](https://github.com/johntdyer): Catch HTTPServerException for 404 in remote_file retry (CHEF-5116) * [**Pavel Yudin**](https://github.com/Kasen): Providers are now set correctly on CloudLinux. (CHEF-5182) * [**Joe Richards**](https://github.com/viyh): Made -E option to work with single lettered environments. (CHEF-3075) * [**Jimmy McCrory**](https://github.com/JimmyMcCrory): Added a 'knife node environment set' command. (CHEF-1910) * [**Hongbin Lu**](https://github.com/hongbin): Made bootstrap report authentication exceptions. (CHEF-5161) * [**Richard Manyanza**](https://github.com/liseki): Made `freebsd_package` resource use the brand new "pkgng" package manager when available.(CHEF-4637) * [**Nikhil Benesch**](https://github.com/benesch): Implemented a threaded download queue for synchronizing cookbooks. (CHEF-4423) * [**Chulki Lee**](https://github.com/chulkilee): Raise an error when source is accidently passed to apt_package (CHEF-5113) * [**Cam Cope**](https://github.com/ccope): Add an open_timeout when opening an http connection (CHEF-5152) * [**Sander van Harmelen**](https://github.com/svanharmelen): Allow environment variables set on Windows to be used immediately (CHEF-5174) * [**Luke Amdor**](https://github.com/rubbish): Add an option to configure the chef-zero port (CHEF-5228) * [**Ricardo Signes**](https://github.com/rjbs): Added support for the usermod provider on OmniOS * [**Anand Suresh**](https://github.com/anandsuresh): Only modify password when one has been specified. (CHEF-5327) * [**Stephan Renatus**](https://github.com/srenatus): Add exception when JSON parsing fails. (CHEF-5309) * [**Xabier de Zuazo**](https://github.com/zuazo): OK to exclude space in dependencies in metadata.rb. (CHEF-4298) * [**Łukasz Jagiełło**](https://github.com/ljagiello): Allow cookbook names with leading underscores. (CHEF-4562) * [**Michael Bernstein**](https://github.com/mrb): Add Code Climate badge to README. * [**Phil Sturgeon**](https://github.com/philsturgeon): Documentation that -E is not respected by knife ssh [search]. (CHEF-4778) * [**Stephan Renatus**](https://github.com/srenatus): Fix resource_spec.rb. * [**Sander van Harmelen**](https://github.com/svanharmelen): Ensure URI compliant urls. (CHEF-5261) * [**Robby Dyer**](https://github.com/robbydyer): Correctly detect when rpm_package does not exist in upgrade action. (CHEF-5273) * [**Sergey Sergeev**](https://github.com/zhirafovod): Hide sensitive data output on chef-client error (CHEF-5098) * [**Mark Vanderwiel**](https://github.com/kramvan1): Add config option :yum-lock-timeout for yum-dump.py * [**Peter Fern**](https://github.com/pdf): Convert APT package resource to use `provides :package`, add timeout parameter. * [**Xabier de Zuazo**](https://github.com/zuazo): Fix Chef::User#list API error when inflate=true. (CHEF-5328) * [**Raphaël Valyi**](https://github.com/rvalyi): Use git resource status checking to reduce shell_out system calls. * [**Eric Krupnik**](https://github.com/ekrupnik): Added .project to git ignore list. * [**Ryan Cragun**](https://github.com/ryancragun): Support override_runlist CLI option in shef/chef-shell. (CHEF-5314) * [**Cam Cope**](https://github.com/ccope): Fix updating user passwords on Solaris. (CHEF-5247) * [**Ben Somers**](https://github.com/bensomers): Enable storage of roles in subdirectories for chef-solo. (CHEF-4193) * [**Robert Tarrall**](https://github.com/tarrall): Fix Upstart provider with parameters. (CHEF-5265) * [**Klaas Jan Wierenga**](https://github.com/kjwierenga): Don't pass on default HTTP port(80) in Host header. (CHEF-5355) * [**MarkGibbons**](https://github.com/MarkGibbons): Allow for undefined solaris services in the service resource. (CHEF-5347) * [**Allan Espinosa**](https://github.com/aespinosa): Properly knife bootstrap on ArchLinux. (CHEF-5366) * [**Matt Hoyle**](https://github.com/deployable): Made windows service resource to handle transitory states. (CHEF-5319, CHEF-4791) * [**Brett cave**](https://github.com/brettcave): Add Dir.pwd as fallback for default user_home if home directory is not set. (CHEF-5365) * [**Caleb Tennis**](https://github.com/ctennis): Add support for automatically using the Systemd service provider when available. (CHEF-3637) * [**Matt Hoyle**](https://github.com/deployable): Add timeout for Chef::Provider::Service::Windows. (CHEF-1165) * [**Jesse Hu**](https://github.com/jessehu): knife[:attribute] in knife.rb should not override --attribute (CHEF-5158) * [**Vasiliy Tolstov**](https://github.com/vtolstov): Added the initial exherbo linux support for Chef providers. * Fix knife cookbook site share on windows (CHEF-4994) * YAJL Allows Invalid JSON File Sending To The Server (CHEF-4899) * YAJL Silently Ingesting Invalid JSON and "Normalizing" Incorrectly (CHEF-4565) * Update rpm provider checking regex to allow for special characters (CHEF-4893) * Allow for spaces in selinux controlled directories (CHEF-5095) * Windows batch resource run action fails: " TypeError: can't convert nil into String" (CHEF-5287) * Log resource always triggers notifications (CHEF-4028) * Prevent tracing? from throwing an exception when first starting chef-shell. * Use Upstart provider on Ubuntu 13.10+. (CHEF-5276) * Cleaned up mount provider superclass * Added "knife serve" to bring up local mode as a server * Print nested LWRPs with indentation in doc formatter output * Make local mode stable enough to run chef-pedant * Wrap code in block context when syntax checking so `return` is valid (CHEF-5199) * Quote git resource rev\_pattern to prevent glob matching files (CHEF-4940) * User resource now only prints the name during why-run runs. (CHEF-5180) * Set --run-lock-timeout to wait/bail if another client has the runlock (CHEF-5074) * remote\_file's source attribute does not support DelayedEvaluators (CHEF-5162) * `option` attribute of mount resource now supports lazy evaluation. (CHEF-5163) * `force_unlink` now only unlinks if the file already exists. (CHEF-5015) * `chef_gem` resource now uses omnibus gem binary. (CHEF-5092) * chef-full template gets knife options to override install script url, add wget/curl cli options, and custom install commands (CHEF-4697) * knife now bootstraps node with the latest current version of chef-client. (CHEF-4911) * Add config options for attribute whitelisting in node.save. (CHEF-3811) * Use user's .chef as a fallback cache path if /var/chef is not accessible. (CHEF-5259) * Fixed Ruby 2.0 Windows compatibility issues around ruby-wmi gem by replacing it with wmi-lite gem. * Set proxy environment variables if preset in config. (CHEF-4712) * Automatically enable verify_api_cert when running chef-client in local-mode. (Chef Issues 1464) * Add helper to warn for broken [windows] paths. (CHEF-5322) * Send md5 checksummed data for registry key if data type is binary, dword, or qword. (Chef-5323) * Add warning if host resembles winrm command and knife-windows is not present. * Use FFI binders to attach :SendMessageTimeout to avoid DL deprecation warning. (ChefDK Issues 69) * Use 'guest' user on AIX for RSpec tests. (OC-9954) * Added DelayedEvaluator support in LWRP using the `lazy {}` key * Fixed a bug where nested resources that inherited from Resource::LWRPBase would not share the same actions/default_action as their parent * Raise error if a guard_interpreter is specified and a block is passed to a guard (conditional) * Allow specifying a guard_interpreter after a conditional on a resource (Fixes #1943)