canonical · lucasmoura · Sep 12, 2024 · Sep 9, 2024 · Jul 31, 2024 · Jul 19, 2024
diff --git a/.github/actions/pr-checklist/index.js b/.github/actions/pr-checklist/index.js
@@ -324,6 +324,7 @@ async function run() {
             issue_number: context.issue.number,
             content: "eyes"
         });
+        errors.push("First run. Please fill out the checklist.")
     }
 
     if (errors.length > 0) {

diff --git a/.github/workflows/ci-integration.yaml b/.github/workflows/ci-integration.yaml
@@ -27,7 +27,7 @@ jobs:
     runs-on: ubuntu-22.04
     strategy:
       matrix:
-        release: ['xenial', 'bionic', 'focal', 'jammy', 'mantic', 'noble']
+        release: ['xenial', 'bionic', 'focal', 'jammy', 'noble']
     steps:
       - name: Prepare build tools
         env:
@@ -56,7 +56,7 @@ jobs:
           sg sbuild -c "sbuild --dist='${{ matrix.release }}' --resolve-alternatives --no-clean-source --nolog --verbose --no-run-lintian --build-dir='${{ runner.temp }}'"
           mv ../*.deb '${{ runner.temp }}'  # Workaround for Debbug: #990734, drop in Jammy
       - name: Archive debs as artifacts
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: 'ci-debs-${{ matrix.release }}'
           path: '${{ runner.temp }}/*.deb'
@@ -70,7 +70,7 @@ jobs:
       # as much information as possible from them.
       fail-fast: false
       matrix:
-        release: ['bionic', 'focal', 'jammy', 'mantic', 'noble']
+        release: ['bionic', 'focal', 'jammy', 'noble']
         platform: ['lxd-container']
         host_os: ['ubuntu-22.04']
         include:
@@ -109,7 +109,7 @@ jobs:
       - name: Git checkout
         uses: actions/checkout@v3
       - name: Retrieve debs
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4.1.7
         with:
           name: 'ci-debs-${{ matrix.release }}'
           path: '${{ runner.temp }}'
@@ -155,7 +155,7 @@ jobs:
           sg lxd -c "tox -e behave -- -D machine_types=${{ matrix.platform }} -D releases=${{ matrix.release }} --tags=-slow --tags=-upgrade --tags=-no_gh --tags=-vpn"
       - name: Archive test artifacts
         if: always()
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: 'ci-behave-${{ matrix.release }}'
           path: '${{ runner.temp }}/artifacts/behave*'

diff --git a/README.md b/README.md
@@ -15,7 +15,6 @@
 [![Released Bionic Version](https://img.shields.io/ubuntu/v/ubuntu-advantage-tools/bionic?label=Bionic&logo=ubuntu&logoColor=white)](https://launchpad.net/ubuntu/bionic/+source/ubuntu-advantage-tools)
 [![Released Focal Version](https://img.shields.io/ubuntu/v/ubuntu-advantage-tools/focal?label=Focal&logo=ubuntu&logoColor=white)](https://launchpad.net/ubuntu/focal/+source/ubuntu-advantage-tools)
 [![Released Jammy Version](https://img.shields.io/ubuntu/v/ubuntu-advantage-tools/jammy?label=Jammy&logo=ubuntu&logoColor=white)](https://launchpad.net/ubuntu/jammy/+source/ubuntu-advantage-tools)
-[![Released Mantic Version](https://img.shields.io/ubuntu/v/ubuntu-advantage-tools/mantic?label=Mantic&logo=ubuntu&logoColor=white)](https://launchpad.net/ubuntu/mantic/+source/ubuntu-advantage-tools)
 [![Released Noble Version](https://img.shields.io/ubuntu/v/ubuntu-advantage-tools/noble?label=Noble&logo=ubuntu&logoColor=white)](https://launchpad.net/ubuntu/noble/+source/ubuntu-advantage-tools)
 [![Released Oracular Version](https://img.shields.io/ubuntu/v/ubuntu-advantage-tools/oracular?label=Oracular&logo=ubuntu&logoColor=white)](https://launchpad.net/ubuntu/oracular/+source/ubuntu-advantage-tools)
 

diff --git a/apt-hook/20apt-esm-hook.conf b/apt-hook/20apt-esm-hook.conf
@@ -3,5 +3,5 @@ APT::Update::Pre-Invoke {
 };
 
 binary::apt::AptCli::Hooks::Upgrade {
-	"[ ! -f /usr/lib/ubuntu-advantage/apt-esm-json-hook ] || /usr/lib/ubuntu-advantage/apt-esm-json-hook 2>> /var/log/ubuntu-advantage-apt-hook.log || true";
+	"[ ! -f /usr/lib/ubuntu-advantage/apt-esm-json-hook ] || [ $(id -u) -ne 0 ] || /usr/lib/ubuntu-advantage/apt-esm-json-hook 2>> /var/log/ubuntu-advantage-apt-hook.log || true";
 };
diff --git a/debian/apparmor/ubuntu_pro_apt_news.jinja2 b/debian/apparmor/ubuntu_pro_apt_news.jinja2
@@ -19,6 +19,9 @@ profile ubuntu_pro_apt_news flags=(attach_disconnected) {
   capability dac_read_search,
   # GH: 3079
   capability dac_override,
+  capability kill,
+  capability chown,
+  capability fowner,
 
   /etc/apt/** r,
   /etc/default/apport r,
@@ -41,7 +44,8 @@ profile ubuntu_pro_apt_news flags=(attach_disconnected) {
   /var/lib/ubuntu-advantage/messages/ rw,
   /var/lib/ubuntu-advantage/messages/* rw,
   /run/ubuntu-advantage/ rw,
-  /run/ubuntu-advantage/* rw,
+  /run/ubuntu-advantage/apt-news/ rw,
+  /run/ubuntu-advantage/apt-news/* rw,
 
   # LP: #2072489
   # the apt-news package selector needs access to packaging information

diff --git a/debian/changelog b/debian/changelog
@@ -1,3 +1,51 @@
+ubuntu-advantage-tools (35) oracular; urgency=medium
+
+  * d/tests/usage: add more scenarios to dep8 tests
+  * New upstream release 35: (LP: #2083973)
+    - api:
+      + new endpoints:
+        * u.pro.attach.guest.get_guest_token.v1: Get the Pro client guest
+          token
+        * u.pro.config.v1: Show the Pro configuration in the machine
+        * u.pro.packages.updates_with_cves.v1: List the package updates
+          available and the CVEs that will be fixed by those updates
+        * u.pro.security.vulnerabilities.cve.v1: List the fixable CVEs that
+          affect the system
+        * u.pro.security.vulnerabilities.usn.v1: List the fixable USNs that
+          affect the system
+        * u.pro.services.list.v1: Show the services provided by Pro
+        * u.pro.status.notices.v1: Show the active Pro notices in the machine
+        * u.pro.subscription.v1: Show information about the Pro subscription
+          in the machine
+        * u.pro.token_info.v1: Show the Pro token information
+      + u.pro.packages.updates.v1: create new package
+        status: upgrade_available_not_preferred (GH: #3184)
+      + fixes for u.unattended_upgrades.status.v1:
+        * do not crash when a Unattended-Upgrade config is missing
+        * do not report unattended-upgrade disabled if any config is false
+        * report missing Unattended-Upgrade configs as turned off
+    - apt:
+      + always ensure the ESM cache is present (GH: #3132)
+      + silence warnings when fetching apt-news (GH: #3209, LP: #2070095)
+      + update logging for apt errors (GH: #3299)
+      + only run the apt upgrade hook when run as root (LP: #2084677)
+    - cli:
+      + add support for vulnerability commands:
+        * pro vulnerability list: List fixable vulnerabilities in the machine
+        * pro vulnerability show: Show information about an affected
+          vulnerability
+        * pro vulnerability update: Update the vulnerability data on the
+          machine
+    - config: add option lxd_guest_attach to control LXD integration with Pro
+    - contract:
+      + check onlySeries on reboot (GH: #3189)
+      + collect cpu type for activity info
+    - landscape:
+      + update message if service not available through Pro (GH: #3331)
+    - lxd: allow pro auto-attach to work on a LXD container
+
+ -- Lucas Moura <[email protected]>  Tue, 08 Oct 2024 16:50:42 -0300
+
 ubuntu-advantage-tools (34) oracular; urgency=medium
 
   * d/rules: check that version.py is consistent with changelog (GH: #3154)
@@ -45,7 +93,7 @@ ubuntu-advantage-tools (33) oracular; urgency=medium
     - contracts: add support for contracts which target a specific series
     - fips: change enable functionality to ensure all packages with a FIPS
       candidate are upgraded to the FIPS version (GH: #2667)
-    - fix: 
+    - fix:
       + add the current_status field to the plan api return object
       + change recommended attach method to magic attach (GH: #3040)
     - livepatch: prefer the term 'coverage' instead of 'support' in messaging
@@ -708,7 +756,7 @@ ubuntu-advantage-tools (27.11~22.10.1) kinetic; urgency=medium
     - pro:
       + Ubuntu Pro is released as a product
       + make `pro` the recommended executable for the client
-      + client, apt and motd messages updated/rewritten to show Pro 
+      + client, apt and motd messages updated/rewritten to show Pro
         information
       + base URL changed from /advantage to /pro
       + ESM services renamed as part of Pro

diff --git a/debian/control b/debian/control
@@ -50,7 +50,6 @@ Depends: ${misc:Depends},
          ${python3:Depends},
          ${shlibs:Depends},
          python3-apt,
-         python3-pkg-resources,
          ${extra:Depends}
 Recommends: ubuntu-pro-client-l10n
 Breaks: ubuntu-advantage-tools (<<31~), ${misc:Breaks}