Bump salt from 3000 to 3005.2 in /salt-redirector

[dependabot]

Bumps salt from 3000 to 3005.2.

Release notes

Sourced from salt's releases.

v3005.2

No release notes provided.

v3005.1-2

No release notes provided.

v3005.1

No release notes provided.

v3005

Version 3005

v3005rc2

No release notes provided.

v3005rc1

No release notes provided.

v3004.2

No release notes provided.

v3004.1

No release notes provided.

v3004

WARNING: The tarball generated by GitHub will not have the correct version information when using a version not ending in .0 . Please use the tarball generated by SaltStack instead. See issue #41847 for more information.

Official Salt packages can be found at https://repo.saltproject.io/

v3004rc1

No release notes provided.

v3003.5

No release notes provided.

v3003.4

No release notes provided.

v3003.3

No release notes provided.

v3003.2

WARNING: The tarball generated by GitHub will not have the correct version information when using a version not ending in .0 . Please use the tarball generated by SaltStack instead. See issue #41847 for more information.

Official Salt packages can be found at https://repo.saltproject.io/

v3003.1

WARNING: The tarball generated by GitHub will not have the correct version information when using a version not ending in .0 . Please use the tarball generated by SaltStack instead. See issue #41847 for more information.

Official Salt packages can be found at https://repo.saltproject.io/

... (truncated)

Changelog

Sourced from salt's changelog.

Salt v3005.2 (2023-07-31)

Changed

• Additional required package upgrades

  • It's now pyzmq>=20.0.0 on all platforms, and <=22.0.3 just for windows.
  • Upgrade to pyopenssl==23.0.0 due to the cryptography upgrade. (#63757)

Security

• fix CVE-2023-20897 by catching exception instead of letting exception disrupt connection (cve-2023-20897)

• Fixed gitfs cachedir_basename to avoid hash collisions. Added MP Lock to gitfs. These changes should stop race conditions. (cve-2023-20898)

• Upgrade to requests==2.31.0

  Due to:

  • GHSA-j8r2-6x86-q33q (#64336)

• Upgrade to cryptography==41.0.3(and therefor pyopenssl==23.2.0 due to GHSA-jm77-qphf-c4w8)

  Also resolves the following cryptography advisories:

  Due to:

  • GHSA-5cpq-8wj7-hf2v
  • GHSA-x4qr-2fvf-3mr5
  • GHSA-w7pp-m8wf-vj6r

  There is no security upgrade available for Py3.5 (#64595)

• Bump to certifi==2023.07.22 due to GHSA-xqr8-7jwr-rhp7

  Python 3.5 cannot get the updated requirements since certifi no longer supports this python version (#64720)

3006.1 (2023-05-05)

Fixed

• Check that the return data from the cloud create function is a dictionary before attempting to pull values out. #61236
• Ensure NamedLoaderContext's have their value() used if passing to other modules #62477
• add documentation note about reactor state ids. #63589
• Added support for test=True to the file.cached state module #63785
• Updated source_hash documentation and added a log warning when source_hash is used with a source other than http, https and ftp. #63810
• Fixed clear pillar cache on every highstate and added clean_pillar_cache=False to saltutil functions. #64081
• Fix dmsetup device names with hyphen being picked up. #64082
• Update all the scheduler functions to include a fire_event argument which will determine whether to fire the completion event onto the event bus. This event is only used when these functions are called via the schedule execution modules. Update all the calls to the schedule related functions in the deltaproxy proxy minion to include fire_event=False, as the event bus is not available when these functions are called. #64102, #64103
• Default to a 0 timeout if none is given for the terraform roster to avoid -o ConnectTimeout=None when using salt-ssh #64109
• Disable class level caching of the file client on SaltCacheLoader and properly use context managers to take care of initialization and termination of the file client. #64111

... (truncated)

Commits

• c71ff92 pre
• c9bc453 run pre
• e60abda stop branch collision
• dff6f6c [3005.2] Update cryptography to 41.0.3
• 5972888 base64 hash
• 8344fe5 Fix the request and pyzmq requirements
• 73beb55 [3005.2] Update docs
• 57caa68 Update Python to 3.9.17
• 5ea80bb It's gitfs not gtfs, plus some code fixes and cleanup
• 9529f72 Fix gitfs tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.