github-actions[bot] opened a new issue, #13323: URL: https://github.com/apache/cloudstack/issues/13323
## ๐ Apache CloudStack โ Daily Status Report *Generated: June 2, 2026* --- ## ๐ Recent Releases | Release | Date | Type | |---------|------|------| | [4.22.1.0 (LTS)](https://github.com/apache/cloudstack/releases/tag/4.22.1.0) | May 26, 2026 | Maintenance | | [4.22.0.1 (LTS Security)](https://github.com/apache/cloudstack/releases/tag/4.22.0.1) | May 8, 2026 | Security (7 CVEs patched) | | [4.20.3.0 (LTS)](https://github.com/apache/cloudstack/releases/tag/4.20.3.0) | Apr 17, 2026 | Maintenance | Great momentum with two LTS releases shipped in the past month! ๐ --- ## ๐ Pull Request Activity ### โ Recently Merged - **`#13210`** โ Convert command's timeout for snapshots commands *(erikbocks)* - **`#13278`** โ Update GitHub AW actions *(vishesh92)* - **`#13215`** โ Bump GitHub Actions dependencies *(dependabot)* - **`#13050`** โ FlashArray: fall back to array capacity when pod has no quota *(genegr)* - **`#13238`** โ Docs: note MariaDB support in README *(robertsilen)* - **`#13078`** โ fix(linstor): surface ambiguous template fallbacks and legacy orphan cleanup *(jmsperu)* - **`#13021`** โ Fix the validation of CPVMs states in multiple zones *(Tonitzpp)* ### ๐ฅ Hot PRs (Active Today) - **`#13322`** โ Deduplicate Sonar CI GitHub workflow *(Pearl1594)* - **`#13321`** โ UI support for the `scaleSystemVm` API *(gruckbit)* - **`#13320`** โ Stop role from auto-changing on manual account creation *(gp-santos)* - **`#13319`** โ Fix KVM live volume migration command payload *(vanquyen020920)* - **`#13293`** โ Add draft project security threat-model document *(potiuk)* - **`#13236`** โ Introduce Quota resource statement API *(winterhazel)* - **`#13140`** โ Add code coverage grading workflow *(Pearl1594)* ### ๐๏ธ Big Features In Progress - **`#12711`** โ ๐ Key Management Service (KMS) *(vishesh92)* - **`#13033`** โ ๐ Keycloak OAuth provider *(tazouxme)* - **`#12991`** โ ๐พ Backup: Veeam KVM integration *(shwstppr)* - **`#12758`** โ ๐ฆ New backup provider: KBOSS *(JoaoJandre)* - **`#13032`** โ ๐ Network Extension: Orchestrate external network devices *(weizhouapache)* - **`#13015`** โ ๐๏ธ Soft delete for port forwarding, load balancing & firewall rules *(bernardodemarco)* - **`#12124`** โ Dell EMC ECS Object Storage plugin *(mhkadhum)* --- ## ๐ก๏ธ Security Watch A wave of security vulnerability reports has been filed (`#13296`โ`#13311`), covering: - Plaintext credential exposure in IPMI, SSH, CIFS, and KVM helpers - Keystore/SSL private key exposure in logs - VM user-data and VNC password leaks in various subsystems > โ ๏ธ **Maintainers:** These reports need triage and prioritization. Many appear to be part of a coordinated responsible disclosure effort โ consider batching fixes in an upcoming security release. --- ## ๐ Project Highlights - ๐ง **CI/CD improvements** active (Sonar deduplication, code coverage grading) - ๐ **Security threat model document** being drafted โ great proactive step! - ๐ **Plugin ecosystem expanding**: KMS, Keycloak OAuth, Veeam, KBOSS, Dell EMC ECS โ the integrations pipeline is vibrant --- ## โ Recommended Next Steps 1. **Triage the new security vulnerability reports** (`#13296`โ`#13311`) โ assign owners and set target milestones 2. **Review and merge** the KVM live migration fix (`#13319`) โ appears to be a straightforward bugfix 3. **Progress the security threat model** (`#13293`) โ community input welcome 4. **Code coverage workflow** (`#13140`) โ valuable for long-term quality; encourage review 5. **Plan 4.22.2.0 / 4.20.4.0** cadence given the active security report backlog --- *Keep up the great work, contributors! ๐ช The project is active, healthy, and growing fast.* > Generated by [Repo Status](https://github.com/apache/cloudstack/actions/runs/26845485241) ยท sonnet46 558.1K ยท [โท](https://github.com/search?q=repo%3Aapache%2Fcloudstack+is%3Aissue+%22gh-aw-workflow-call-id%3A+apache%2Fcloudstack%2Fdaily-repo-status%22&type=issues) > <details> <summary>Add this agentic workflows to your repo</summary> To install this agentic workflow, run ``` gh aw add githubnext/agentics/workflows/repo-status.md@main ``` </details> <!-- gh-aw-agentic-workflow: Repo Status, engine: copilot, version: 1.0.52, model: claude-sonnet-4.6, id: 26845485241, workflow_id: daily-repo-status, run: https://github.com/apache/cloudstack/actions/runs/26845485241 --> <!-- gh-aw-workflow-id: daily-repo-status --> <!-- gh-aw-workflow-call-id: apache/cloudstack/daily-repo-status --> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
