New release v2.19.0b2 (#85040 )

* New release v2.19.0b2 * Revert setuptools version bump
Implement TaskResult backward compatibility for callbacks (#85039 )
1256 changed files with 21827 additions and 22369 deletions
--- a/.azure-pipelines/azure-pipelines.yml
+++ b/.azure-pipelines/azure-pipelines.yml
@ -31,7 +31,7 @@ variables:
  - name: fetchDepth
    value: 500
  - name: defaultContainer
-    value: quay.io/ansible/azure-pipelines-test-container:7.0.0
+    value: quay.io/ansible/azure-pipelines-test-container:6.0.0
 pool: Standard
@ -54,12 +54,12 @@ stages:
          nameFormat: Python {0}
          testFormat: units/{0}
          targets:
            - test: 3.8
            - test: 3.9
            - test: '3.10'
            - test: 3.11
            - test: 3.12
            - test: 3.13
            - test: 3.14
  - stage: Windows
    dependsOn: []
    jobs:
@ -90,16 +90,14 @@ stages:
          targets:
            - name: macOS 15.3
              test: macos/15.3
-            - name: RHEL 9.6 py39
+            - name: RHEL 9.5 py39
-              test: rhel/9.6@3.9
+              test: rhel/9.5@3.9
-            - name: RHEL 9.6 py312
+            - name: RHEL 9.5 py312
-              test: rhel/9.6@3.12
+              test: rhel/9.5@3.12
            - name: RHEL 10.0
              test: rhel/10.0
            - name: FreeBSD 13.5
              test: freebsd/13.5
-            - name: FreeBSD 14.3
+            - name: FreeBSD 14.2
-              test: freebsd/14.3
+              test: freebsd/14.2
          groups:
            - 1
            - 2
@ -108,10 +106,12 @@ stages:
          targets:
            - name: macOS 15.3
              test: macos/15.3
-            - name: RHEL 9.6
+            - name: RHEL 9.5
-              test: rhel/9.6
+              test: rhel/9.5
-            - name: RHEL 10.0
+            - name: FreeBSD 13.5
-              test: rhel/10.0
+              test: freebsd/13.5
            - name: FreeBSD 14.2
              test: freebsd/14.2
          groups:
            - 3
            - 4
@ -119,14 +119,12 @@ stages:
      - template: templates/matrix.yml  # context/controller (ansible-test container management)
        parameters:
          targets:
-            - name: Alpine 3.22
+            - name: Alpine 3.21
-              test: alpine/3.22
+              test: alpine/3.21
-            - name: Fedora 42
+            - name: Fedora 41
-              test: fedora/42
+              test: fedora/41
-            - name: RHEL 9.6
+            - name: RHEL 9.5
-              test: rhel/9.6
+              test: rhel/9.5
            - name: RHEL 10.0
              test: rhel/10.0
            - name: Ubuntu 24.04
              test: ubuntu/24.04
          groups:
@ -138,10 +136,10 @@ stages:
        parameters:
          testFormat: linux/{0}
          targets:
-            - name: Alpine 3.22
+            - name: Alpine 3.21
-              test: alpine322
+              test: alpine321
-            - name: Fedora 42
+            - name: Fedora 41
-              test: fedora42
+              test: fedora41
            - name: Ubuntu 22.04
              test: ubuntu2204
            - name: Ubuntu 24.04
@ -153,24 +151,16 @@ stages:
        parameters:
          testFormat: linux/{0}
          targets:
-            - name: Alpine 3.22
+            - name: Alpine 3.21
-              test: alpine322
+              test: alpine321
-            - name: Fedora 42
+            - name: Fedora 41
-              test: fedora42
+              test: fedora41
            - name: Ubuntu 24.04
              test: ubuntu2404
          groups:
            - 3
            - 4
            - 5
      - template: templates/matrix.yml  # context/target (dnf-oldest, dnf-latest)
        parameters:
          testFormat: linux/{0}
          targets:
            - name: Fedora 42
              test: fedora42
          groups:
            - 7
  - stage: Galaxy
    dependsOn: []
    jobs:
@ -179,9 +169,9 @@ stages:
          nameFormat: Python {0}
          testFormat: galaxy/{0}/1
          targets:
            - test: 3.11
            - test: 3.12
            - test: 3.13
            - test: 3.14
  - stage: Generic
    dependsOn: []
    jobs:
@ -190,9 +180,9 @@ stages:
          nameFormat: Python {0}
          testFormat: generic/{0}/1
          targets:
            - test: 3.11
            - test: 3.12
            - test: 3.13
            - test: 3.14
  - stage: Incidental_Windows
    displayName: Incidental Windows
    dependsOn: []
@ -216,6 +206,15 @@ stages:
              test: 2025/psrp/http
            - name: 2025 SSH Key
              test: 2025/ssh/key
  - stage: Incidental
    dependsOn: []
    jobs:
      - template: templates/matrix.yml
        parameters:
          testFormat: i/{0}/1
          targets:
            - name: IOS Python
              test: ios/csr1000v/
  - stage: Summary
    condition: succeededOrFailed()
    dependsOn:
@ -227,5 +226,6 @@ stages:
      - Galaxy
      - Generic
      - Incidental_Windows
      - Incidental
    jobs:
      - template: templates/coverage.yml
--- a/.azure-pipelines/commands/generic.sh
+++ b/.azure-pipelines/commands/generic.sh
@ -13,9 +13,6 @@ else
    target="shippable/generic/"
 fi
 stage="${S:-prod}"
 # shellcheck disable=SC2086
 ansible-test integration --color -v --retry-on-error "${target}" ${COVERAGE:+"$COVERAGE"} ${CHANGED:+"$CHANGED"} ${UNSTABLE:+"$UNSTABLE"} \
    --remote-terminate always --remote-stage "${stage}" \
    --docker default --python "${python}"
--- a/.azure-pipelines/commands/incidental/ios.sh
+++ b/.azure-pipelines/commands/incidental/ios.sh
@ -0,0 +1 @@
 network.sh
--- a/.azure-pipelines/commands/incidental/network.sh
+++ b/.azure-pipelines/commands/incidental/network.sh
@ -0,0 +1,40 @@
 #!/usr/bin/env bash
 set -o pipefail -eux
 declare -a args
 IFS='/:' read -ra args <<< "$1"
 platform="${args[0]}"
 version="${args[1]}"
 python_version="${args[2]}"
 target="shippable/${platform}/incidental/"
 stage="${S:-prod}"
 provider="${P:-default}"
 # python versions to test in order
 # all versions run full tests
 IFS=' ' read -r -a python_versions <<< \
    "$(PYTHONPATH="${PWD}/test/lib" python -c 'from ansible_test._internal import constants; print(" ".join(constants.CONTROLLER_PYTHON_VERSIONS))')"
 if [ "${python_version}" ]; then
    # limit tests to a single python version
    python_versions=("${python_version}")
 fi
 for python_version in "${python_versions[@]}"; do
    # terminate remote instances on the final python version tested
    if [ "${python_version}" = "${python_versions[-1]}" ]; then
        terminate="always"
    else
        terminate="never"
    fi
    # shellcheck disable=SC2086
    ansible-test network-integration --color -v --retry-on-error "${target}" ${COVERAGE:+"$COVERAGE"} ${CHANGED:+"$CHANGED"} ${UNSTABLE:+"$UNSTABLE"} \
        --platform "${platform}/${version}" \
        --docker default --python "${python_version}" \
        --remote-terminate "${terminate}" --remote-stage "${stage}" --remote-provider "${provider}"
 done
--- a/.azure-pipelines/scripts/dependencies/.pip-tools.toml
+++ b/.azure-pipelines/scripts/dependencies/.pip-tools.toml
@ -1,6 +0,0 @@
 [tool.pip-tools]
 allow-unsafe = true  # weird outdated default
 annotation-style = "line"  # put the source tracking comments inline
 generate-hashes = false  # pip bug https://github.com/pypa/pip/issues/9243
 resolver = "backtracking"  # modern depresolver
 strip-extras = true  # so that output files are true pip constraints
--- a/.azure-pipelines/scripts/dependencies/codecov.in
+++ b/.azure-pipelines/scripts/dependencies/codecov.in
@ -1 +0,0 @@
 codecov-cli
--- a/.azure-pipelines/scripts/dependencies/codecov.txt
+++ b/.azure-pipelines/scripts/dependencies/codecov.txt
@ -1,18 +0,0 @@
 #
 # This file is autogenerated by pip-compile with Python 3.13
 # by the following command:
 #
 #    pip-compile --allow-unsafe --annotation-style=line --output-file=codecov.txt --strip-extras codecov.in
 #
 certifi==2025.8.3         # via requests, sentry-sdk
 charset-normalizer==3.4.3  # via requests
 click==8.2.1              # via codecov-cli
 codecov-cli==11.2.3       # via -r codecov.in
 idna==3.10                # via requests
 ijson==3.4.0              # via codecov-cli
 pyyaml==6.0.2             # via codecov-cli
 requests==2.32.5          # via responses
 responses==0.21.0         # via codecov-cli
 sentry-sdk==2.38.0        # via codecov-cli
 test-results-parser==0.5.4  # via codecov-cli
 urllib3==2.5.0            # via requests, responses, sentry-sdk
--- a/.azure-pipelines/scripts/publish-codecov.py
+++ b/.azure-pipelines/scripts/publish-codecov.py
@ -9,15 +9,11 @@ from __future__ import annotations
 import argparse
 import dataclasses
 import pathlib
-import shlex
+import shutil
 import subprocess
 import tempfile
 import typing as t
-import venv
+import urllib.request
 SCRIPTS_DIR = pathlib.Path(__file__).parent.resolve()
 DEPS_DIR = SCRIPTS_DIR / 'dependencies'
@dataclasses.dataclass(frozen=True)
@ -47,49 +43,6 @@ def parse_args() -> Args:
    return Args(**kwargs)
 def run(
    *args: str | pathlib.Path,
    dry_run: bool = False,
 ) -> None:
    """
    Log and run given command.
    The command is not actually executed if ``dry_run`` is truthy.
    """
    cmd = [str(arg) for arg in args]
    dry_prefix = '[would run] ' if dry_run else ''
    print(f'==> {dry_prefix}{shlex.join(cmd)}', flush=True)
    if not dry_run:
        subprocess.run(cmd, check=True)
 def install_codecov(dest: pathlib.Path, dry_run: bool = False) -> pathlib.Path:
    """Populate a transitively pinned venv with ``codecov-cli``."""
    requirement_file = DEPS_DIR / 'codecov.in'
    constraint_file = requirement_file.with_suffix('.txt')
    venv_dir = dest / 'venv'
    python_bin = venv_dir / 'bin' / 'python'
    codecov_bin = venv_dir / 'bin' / 'codecovcli'
    venv.create(venv_dir, with_pip=True)
    run(
        python_bin,
        '-m',
        'pip',
        'install',
        f'--constraint={constraint_file!s}',
        f'--requirement={requirement_file!s}',
        '--disable-pip-version-check',
        dry_run=dry_run,
    )
    return codecov_bin
 def process_files(directory: pathlib.Path) -> t.Tuple[CoverageFile, ...]:
    processed = []
    for file in directory.joinpath('reports').glob('coverage*.xml'):
@ -104,67 +57,45 @@ def process_files(directory: pathlib.Path) -> t.Tuple[CoverageFile, ...]:
    return tuple(processed)
-def upload_files(codecov_bin: pathlib.Path, config_file: pathlib.Path, files: t.Tuple[CoverageFile, ...], dry_run: bool = False) -> None:
+def upload_files(codecov_bin: pathlib.Path, files: t.Tuple[CoverageFile, ...], dry_run: bool = False) -> None:
    for file in files:
        cmd = [
-            codecov_bin,
+            str(codecov_bin),
-            '--disable-telem',
+            '--name', file.name,
-            '--codecov-yml-path',
+            '--file', str(file.path),
            config_file,
            'upload-process',
            '--disable-search',
            '--disable-file-fixes',
            '--plugin',
            'noop',
            '--name',
            file.name,
            '--file',
            file.path,
        ]
        for flag in file.flags:
-            cmd.extend(['--flag', flag])
+            cmd.extend(['--flags', flag])
        if dry_run:
-            cmd.append('--dry-run')
+            print(f'DRY-RUN: Would run command: {cmd}')
            continue
        subprocess.run(cmd, check=True)
        run(*cmd)
 def download_file(url: str, dest: pathlib.Path, flags: int, dry_run: bool = False) -> None:
    if dry_run:
        print(f'DRY-RUN: Would download {url} to {dest} and set mode to {flags:o}')
        return
-def report_upload_completion(
+    with urllib.request.urlopen(url) as resp:
-    codecov_bin: pathlib.Path,
+        with dest.open('w+b') as f:
-    config_file: pathlib.Path,
+            # Read data in chunks rather than all at once
-    dry_run: bool = False,
+            shutil.copyfileobj(resp, f, 64 * 1024)
 ) -> None:
    """Notify Codecov backend that all reports we wanted are in."""
    cmd = [
        codecov_bin,
        '--disable-telem',
        f'--codecov-yml-path={config_file}',
        'send-notifications',
    ]
-    run(*cmd, dry_run=dry_run)
+    dest.chmod(flags)
-def main() -> None:
+def main():
    args = parse_args()
-
+    url = 'https://ci-files.testing.ansible.com/codecov/linux/codecov'
    with tempfile.TemporaryDirectory(prefix='codecov-') as tmpdir:
-        config_file = pathlib.Path(tmpdir) / 'config.yml'
+        codecov_bin = pathlib.Path(tmpdir) / 'codecov'
-        # Refs:
+        download_file(url, codecov_bin, 0o755, args.dry_run)
-        # * https://docs.codecov.com/docs/codecovyml-reference#codecovnotifymanual_trigger
+
        # * https://docs.codecov.com/docs/notifications#preventing-notifications-until-youre-ready-to-send-notifications
        config_file.write_text('codecov:\n  notify:\n    manual_trigger: true')
        codecov_bin = install_codecov(
            pathlib.Path(tmpdir),
            dry_run=args.dry_run,
        )
        files = process_files(args.path)
-        upload_files(codecov_bin, config_file, files, args.dry_run)
+        upload_files(codecov_bin, files, args.dry_run)
        # Ref: https://docs.codecov.com/docs/cli-options#send-notifications
        report_upload_completion(codecov_bin, config_file, args.dry_run)
 if __name__ == '__main__':
--- a/.azure-pipelines/templates/coverage.yml
+++ b/.azure-pipelines/templates/coverage.yml
@ -7,7 +7,6 @@ jobs:
  - job: Coverage
    displayName: Code Coverage
    container: $[ variables.defaultContainer ]
    timeoutInMinutes: 10
    workspace:
      clean: all
    steps:
--- a/.azure-pipelines/templates/test.yml
+++ b/.azure-pipelines/templates/test.yml
@ -12,7 +12,6 @@ jobs:
    - job: test_${{ replace(replace(replace(replace(job.test, '/', '_'), '.', '_'), '-', '_'), '@', '_') }}
      displayName: ${{ job.name }}
      container: $[ variables.defaultContainer ]
      timeoutInMinutes: 65
      workspace:
        clean: all
      steps:
--- a/.claude/commands/review.md
+++ b/.claude/commands/review.md
@ -1,55 +0,0 @@
 ---
 description: Review an Ansible PR following the project's standardized process from CLAUDE.md
 argument-hint: <pr_number>
 allowed-tools: [TodoWrite, Bash(gh pr view:*), Bash(gh pr diff:*), Bash(gh pr checkout:*), Bash(gh pr checks:*), Read, Grep, Glob, Search]
 ---
 PR Review Command
 =================
 Review an Ansible PR following the project's standardized process from `CLAUDE.md`.
 Usage
 -----
 ```bash
 /review <pr_number>
 ```
 Arguments
 ---------
 - `pr_number` (required): The GitHub PR number to review
 Implementation
 --------------
 This command implements the PR Review Guidelines documented in the `PR Review Guidelines` section of CLAUDE.md.
 Review Process Steps
 --------------------
 The command follows these numbered steps from CLAUDE.md:
 1. **Create TodoWrite list** for systematic review tracking
 2. **Get PR details**: `gh pr view <number>` to understand scope, motivation and the desired outcome
 3. **Get PR diff**: `gh pr diff <number>` to see all changes
 4. **Check required components FIRST**:
   - Verify changelog fragment exists in `changelogs/fragments/`
   - Verify changelog uses correct section (check `changelogs/config.yaml`)
   - Verify tests exist and specifically cover the changed code paths
   - Unit tests should be pytest style, and functional rather than tightly coupled to mocking
   - Integration tests required for almost all plugin changes
 5. **Checkout PR branch**: `gh pr checkout <number>` to examine code holistically
 6. **Review existing feedback**: `gh pr view <number> --comments` for all comments and previous reviews
 7. **Verify all issues addressed**: Ensure bot failures, reviewer requests, and discussion points are resolved
 8. **Call out unresolved feedback**: Explicitly mention any discussions/requests that remain unaddressed
 Critical Review Elements
 ------------------------
 - **Licensing**: Verify GPLv3/BSD-2-Clause compatibility for any new dependencies
 - **Test scope**: Tests must exercise actual changed code, not just add random coverage
 - **Changelog validation**: Fragment structure follows sections defined in `changelogs/config.yaml`
 Each step is tracked in TodoWrite for visibility and systematic completion. A review round should not exceed 20 feedback items.
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@ -105,8 +105,7 @@ body:
    label: Configuration
    description: >-
      Paste verbatim output from `ansible-config dump --only-changed -t all` below, under the prompt line.
-      Remember to redact secret values. You can easily filter Galaxy server secrets using grep,
+      (if using a version older than ansible-core 2.12 you should omit the '-t all')
      for example `ansible-config dump --only-changed -t all | grep -Ev 'token|password|client_secret'`.
      Please don't wrap it with triple backticks — your
      whole input will be turned into a code snippet automatically.
    render: console
@ -137,7 +136,7 @@ body:
  attributes:
    label: Steps to Reproduce
    description: |
-      Describe exactly how to reproduce the problem, using a minimal test-case. It would *really* help us understand your problem if you could also provide any playbooks, configs and commands you used.
+      Describe exactly how to reproduce the problem, using a minimal test-case. It would *really* help us understand your problem if you could also pased any playbooks, configs and commands you used.
      **HINT:** You can paste https://gist.github.com links for larger files.
    value: |
--- a/.github/ISSUE_TEMPLATE/documentation_report.yml
+++ b/.github/ISSUE_TEMPLATE/documentation_report.yml
@ -130,8 +130,6 @@ body:
    label: Configuration
    description: >-
      Paste verbatim output from `ansible-config dump --only-changed -t all` below, under the prompt line.
      Remember to redact secret values. You can easily filter Galaxy server secrets using grep,
      for example `ansible-config dump --only-changed -t all | grep -Ev 'token|password|client_secret'`.
      (if using a version older than ansible-core 2.12 you should omit the '-t all')
      Please don't wrap it with triple backticks — your
      whole input will be turned into a code snippet automatically.
--- a/.github/RELEASE_NAMES.txt
+++ b/.github/RELEASE_NAMES.txt
@ -1,4 +1,3 @@
 2.20.0  Good Times Bad Times
 2.19.0  What Is and What Should Never Be
 2.18.0  Fool in the Rain
 2.17.0  Gallows Pole
--- a/.gitignore
+++ b/.gitignore
@ -97,9 +97,6 @@ Vagrantfile
 # vendored lib dir
 lib/ansible/_vendor/*
 !lib/ansible/_vendor/__init__.py
 # PowerShell signed hashlist
 lib/ansible/config/powershell_signatures.psd1
 *.authenticode
 # test stuff
 /test/integration/cloud-config-*.*
 !/test/integration/cloud-config-*.*.template
@ -127,5 +124,3 @@ test/units/.coverage.*
 /SYMLINK_CACHE.json
 changelogs/.plugin-cache.yaml
 .ansible-test-timeout.json
 # Agents
 CLAUDE.local.md
--- a/AGENTS.md
+++ b/AGENTS.md
@ -1,321 +0,0 @@
 # AGENTS.md
 This file provides guidance to Claude Code (claude.ai/code) and other compatible agentic tools when working with code in this repository.
 **Note:** This file is for AI assistant use only. For human developers, see the [Ansible Developer Guide](https://docs.ansible.com/ansible-core/devel/dev_guide/index.html).
 ## ⚠️ IMPORTANT: Always Start Here
 **BEFORE starting any PR review or development task:**
 1. **Read this file first** - Don't work from memory or assumptions
 2. **Use TodoWrite** to create a task list and track progress systematically
 3. **Follow the numbered steps** in the relevant process sections
 4. **Reference Quick Reference** for correct commands and patterns
 ## ⚠️ CRITICAL: Licensing Requirements
 **NEVER suggest, recommend, or approve code that violates these requirements:**
 - **ansible-core**: All code must be **GPLv3 compatible**
 - **lib/ansible/module_utils/**: Defaults to **BSD-2-Clause** (more permissive)
 - **External dependencies**: Only recommend libraries compatible with these licenses
 - **PR reviews**: Always verify any new dependencies or suggested libraries are license-compatible
 - **When in doubt**: Ask about licensing compatibility rather than assuming
 **This is non-negotiable** - licensing violations can create serious legal issues for the project.
 ## Quick Reference
 Most commonly used commands and patterns:
 ```bash
 # Testing
 ansible-test sanity -v --docker default                   # Run all sanity tests
 ansible-test sanity -v --docker default --test <test>     # Run specific sanity test
 ansible-test units -v --docker default                    # Run unit tests
 ansible-test integration -v --docker ubuntu2404           # Run integration tests
 # PR Review and CI
 gh pr view <number>                                       # Get PR details
 gh pr view <number> --comments                            # Check for ansibot CI failures
 gh pr checks <number>                                     # Get Azure Pipelines URLs
 gh pr checkout <number>                                   # Switch to PR branch
 gh pr diff <number>                                       # See all changes
 ```
 **Container Selection:**
 - Sanity/Unit tests: `--docker default`
 - Integration tests: `--docker ubuntu2204`, `--docker ubuntu2404`, etc. (NOT default/base)
 **Critical Reminders:**
 - **Licensing**: See [Licensing Requirements](#️-critical-licensing-requirements) - GPLv3/BSD-2-Clause only
 ## Development Environment Setup
 Ansible development typically uses an editable install after forking and cloning:
 ```bash
 # After forking and cloning the repository
 pip install -e .
 ```
 **Note:** ansible-core and all CLIs (including ansible-test) require a POSIX OS. On Windows, use WSL (Windows Subsystem for Linux).
 ## Testing and CI
 ### Basic Testing Commands
 ```bash
 # Run sanity tests - these are linting/static analysis (pylint, mypy, pep8, etc.)
 ansible-test sanity -v --docker default
 # List available sanity tests
 ansible-test sanity --list-tests
 # Run specific sanity tests
 ansible-test sanity -v --docker default --test pep8 --test pylint
 # Run sanity on specific files (paths relative to repo root)
 ansible-test sanity -v --docker default lib/ansible/modules/command.py
 # Run unit tests (recommended with Docker)
 ansible-test units -v --docker default
 # Run specific unit test (paths relative to repo root, targets in test/units/)
 ansible-test units -v --docker default test/units/modules/test_command.py
 # Run integration tests (choose appropriate container - NOT base/default)
 ansible-test integration -v --docker ubuntu2404
 # Run specific integration target (directory name in test/integration/targets/)
 ansible-test integration -v --docker ubuntu2404 setup_remote_tmp_dir
 # Run with coverage
 ansible-test units -v --docker default --coverage
 # Alternative: use --venv if Docker/Podman unavailable (less reliable for units/integration)
 ansible-test sanity -v --venv
 ```
 Available Docker containers for testing can be found in `./test/lib/ansible_test/_data/completion/docker.txt`.
 The `base` and `default` containers are for sanity/unit tests only. For integration tests, use distro-specific
 containers, depending on the modules being tested.
 **Test isolation options:**
 - `--docker` (supports Docker or Podman) - preferred for reliable, isolated testing
 - `--venv` - fallback when containers unavailable, but unit tests may be unreliable due to host environment differences
 ### Helping Developers with CI Failures
 When developers submit PRs and encounter CI failures, use these approaches to help diagnose and resolve issues:
 **1. Check for ansibot comments:**
 ```bash
 # Get all PR comments to find ansibot CI failure reports
 gh pr view <number> --comments
 ```
 Look for comments from `ansibot` that contain:
 - Test failure details with specific error messages
 - File paths and line numbers for failures
 - Links to sanity test documentation (e.g., `[explain](https://docs.ansible.com/...`)
 **2. Get CI check status and URLs:**
 ```bash
 # See all CI check results with Azure Pipelines URLs
 gh pr checks <number>
 ```
 This shows:
 - Overall CI status (pass/fail) with timing
 - Direct links to Azure DevOps build results
 - Individual job results (Sanity Test 1/2, Docker tests, Units, etc.)
 **3. Common CI failure patterns:**
 - **Sanity failures**: Usually have specific fixes (trailing whitespace, import errors, etc.)
 - **Integration test failures**: May require platform-specific containers or test adjustments
 - **Unit test failures**: Often indicate actual code issues that need debugging
 **4. CI failure analysis workflow:**
 1. Check ansibot comments first for immediate error details
 2. Use `gh pr checks <number>` to get Azure Pipelines URLs for detailed logs
 3. Focus on failed jobs (marked as `fail`) and examine their specific error output
 4. For sanity test failures, the error messages usually indicate exactly what needs to be fixed
 5. For test failures, run the same tests locally using `ansible-test` to reproduce and debug
 ## PR Review Guidelines
 ### PR Review Checklist
 Use this checklist for EVERY PR review:
 ```text
 □ Created TodoWrite list for review steps
 □ Step 1: Get PR details with gh pr view <number>
 □ Step 2: Get PR diff with gh pr diff <number>
 □ Step 3: Check required components (changelog, tests)
 □ Step 4: Checkout PR branch with gh pr checkout <number>
 □ Step 5: Review existing feedback with gh pr view <number> --comments
 □ Step 6: Verify all issues addressed
 □ Step 7: Call out any unresolved feedback
 □ Mark each TodoWrite item as completed when done
 ```
 When assisting with PR reviews, verify:
 ### Required Components
 - Changelog fragment exists in `changelogs/fragments/`
 - Appropriate tests are included and cover the changed code
  - Unit tests should be pytest style, and functional rather than tightly coupled to mocking
  - Integration tests required for almost all plugin changes (tests the public API)
  - Tests should exercise the actual changed code, not just add random coverage
 ### Review Process
 Follow these steps in order for thorough PR reviews:
 1. **Get PR details**: Use `gh pr view <number>` to understand the PR scope and description
 2. **Get PR diff**: Use `gh pr diff <number>` to see all changes
 3. **Check required components FIRST**:
   - Verify changelog fragment exists and uses correct section (check `changelogs/config.yaml` for valid sections)
   - Verify tests exist and specifically cover the changed code paths
 4. **Checkout PR branch**: Use `gh pr checkout <number>` to examine code holistically with changes applied
 5. **Review existing feedback**: Use `gh pr view <number> --comments` to see all comments and previous review feedback
 6. **Verify all issues addressed**: Ensure all bot failures, reviewer requests, and discussion points are resolved
 7. **Call out any unresolved review feedback**: Explicitly mention any discussions or requests that remain unaddressed
 ### Common Review Issues to Check
 - **Changelog section errors**: Verify changelog uses valid section from `changelogs/config.yaml`. Fragment structure follows sections defined there.
 - **Test scope**: Ensure tests exercise the actual changed code, not just add random coverage.
  Integration tests required for almost all plugin changes (tests the public API).
  Tests should be functional rather than tightly coupled to mocking.
 ### Review Task Management
 - Use TodoWrite tool to track review steps for complex PRs
 - Mark tasks as in_progress when actively working on them
 - Complete tasks immediately after finishing each step
 - This provides visibility to users about review progress
 ### Review Tools
 - `gh pr view <number>` - Get PR details and description
 - `gh pr view <number> --comments` - See all comments and review feedback
 - `gh pr diff <number>` - Get complete diff of changes
 - `gh pr checkout <number>` - Switch to PR branch for holistic examination
 - `Read` tool - Examine specific changed files in detail
 - `Grep` tool - Search for related code patterns or test coverage (uses ripgrep/rg)
 ## Development Guidelines
 ### Code Style Notes
 - Line limit is 160 characters (not 80)
 - E402 (module level import not at top) is ignored
 - In `lib/ansible/modules/`, imports must come after DOCUMENTATION, EXAMPLES, and RETURN definitions
 - Don't add obvious comments about code
 - Use native type hints with `from __future__ import annotations` (converts to strings at runtime)
 - Don't document module parameters in docstrings - migrate to type hints instead
 - **No trailing whitespace**: Always clean up trailing spaces on lines, especially when editing existing files
 ### Python Version Support
 - Controller code: support range defined in `pyproject.toml`
 - Modules/module_utils: minimum version in `lib/ansible/module_utils/basic.py` (`_PY_MIN`) up to max from `pyproject.toml`
 - Modules support a wider Python version range than controller code
 ### Dependencies and Imports
 - Prefer Python stdlib over external dependencies
 - Use existing code from within the Ansible project
 - `lib/ansible/modules/` can only import from `lib/ansible/module_utils/` (modules are packaged for remote execution)
 - `lib/ansible/module_utils/` cannot import from outside itself
 ## Documentation Standards
 ### Module and Plugin Documentation
 - Modules and plugins require DOCUMENTATION, EXAMPLES, and RETURN blocks as static YAML string variables
 - These blocks cannot be dynamically generated - they are parsed via AST/token parsing
 - Alternative: "sidecar" documentation as `.yml` files with same stem name adjacent to plugin files
 - All modules should have a `main()` function and `if __name__ == '__main__':` block
 - Use `version_added` fields in documentation following existing version format patterns
 ### Changelog Requirements
 - Changes require entries in `changelogs/fragments/` as YAML files
 - Create a new fragment file per PR (never reuse existing fragments to avoid merge conflicts)
 - Fragment structure follows sections defined in `changelogs/config.yaml` under the `sections` key
 - Naming: `{issue_number}-{short-description}.yml` or `{component}-{description}.yml` if no issue
 - Format: `- {component} - {description} ({optional URL to GH issue})`
 - Content supports Sphinx markup (use double backticks for code references)
 ## Repository Management
 ### Plugin Development
 - New plugins should go into collections, not ansible-core
 - ansible-core rarely accepts new plugins; core team makes these decisions
 ### Branch and Release Management
 - All PRs target the `devel` branch
 - Use GitHub templates when creating issues/PRs (`.github/ISSUE_TEMPLATE/` and `.github/PULL_REQUEST_TEMPLATE/`)
 - For issues: fill out the `component` field with project root relative file path
 - For PRs: adjust the issue type in the template as listed in `.github/PULL_REQUEST_TEMPLATE/PULL_REQUEST_TEMPLATE.md`
 - Validate issues are fixed in `devel` before reporting against stable releases
 - Bug fixes: backported to latest stable only
 - Critical bug fixes: backported to latest and previous stable
 - Security issues: contact security@ansible.com privately, not via GitHub
 ### Backwards Compatibility
 - Backwards compatibility is prioritized over most other concerns
 - Deprecation cycle: 4 releases (deprecation + 2 releases + removal)
 - Use `Display.deprecated` or `AnsibleModule.deprecate` with version from `lib/ansible/release.py` plus 3
 - Example: deprecating in 2.19 means removal in 2.22
 ## Code Structure Reference
 ### Core Structure
 - `lib/ansible/` - Main Ansible library code
  - `cli/` - Command-line interface implementations (ansible, ansible-playbook, etc.)
  - `executor/` - Task execution engine and strategies (includes PowerShell support in `powershell/`)
  - `inventory/` - Inventory management and parsing
  - `modules/` - Core modules (built-in automation modules)
  - `module_utils/` - Shared utilities for modules (includes C# in `csharp/` and PowerShell in `powershell/`)
  - `plugins/` - Plugin framework (filters, tests, lookups, etc.)
  - `vars/` - Variable management
  - `config/` - Configuration handling
  - `collections/` - Ansible Collections framework
 ### Key Components
 - **CLI Layer**: Entry points in `lib/ansible/cli/` handle command parsing and dispatch
 - **Executor**: `lib/ansible/executor/` contains the core execution engine that runs tasks and plays
 - **Module System**: Modules in `lib/ansible/modules/` are the units of work; they're executed remotely
 - **Plugin Architecture**: `lib/ansible/plugins/` provides extensibility through filters, tests, lookups, etc.
 - **Inventory**: `lib/ansible/inventory/` manages host and group definitions
 - **Collections**: Modern packaging format for distributing Ansible content
 ### Testing Infrastructure
 - `test/units/` - Unit tests mirroring the lib structure
 - `test/integration/` - Integration tests organized by target (named after plugin/functionality being tested)
  - Some targets have `context/controller` or `context/target` in their `aliases` file when not easily inferable
  - Only modules run on target hosts; all other plugins execute locally in the ansible process
 - `test/lib/` - Test utilities and frameworks
 - `ansible-test` - Unified testing tool for all test types
 For CI failure debugging, see [Helping Developers with CI Failures](#helping-developers-with-ci-failures).
--- a/CLAUDE.md
+++ b/CLAUDE.md
@ -1,3 +0,0 @@
 - @AGENTS.md
 - @~/.claude/ansible.md
 - @CLAUDE.local.md
--- a/changelogs/CHANGELOG-v2.19.rst
+++ b/changelogs/CHANGELOG-v2.19.rst
@ -0,0 +1,350 @@
 ==================================================================
 ansible-core 2.19 "What Is and What Should Never Be" Release Notes
 ==================================================================
 .. contents:: Topics
 v2.19.0b2
 =========
 Release Summary
 ---------------
 | Release Date: 2025-04-24
 | `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
 Minor Changes
 -------------
 - comment filter - Improve the error message shown when an invalid ``style`` argument is provided.
 Bugfixes
 --------
 - Remove use of `required` parameter in `get_bin_path` which has been deprecated.
 - ansible-doc - fix indentation for first line of descriptions of suboptions and sub-return values (https://github.com/ansible/ansible/pull/84690).
 - ansible-doc - fix line wrapping for first line of description of options and return values (https://github.com/ansible/ansible/pull/84690).
 v2.19.0b1
 =========
 Release Summary
 ---------------
 | Release Date: 2025-04-14
 | `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
 Major Changes
 -------------
 - Jinja plugins - Jinja builtin filter and test plugins are now accessible via their fully-qualified names ``ansible.builtin.{name}``.
 - Task Execution / Forks - Forks no longer inherit stdio from the parent ``ansible-playbook`` process. ``stdout``, ``stderr``, and ``stdin`` within a worker are detached from the terminal, and non-functional. All needs to access stdio from a fork for controller side plugins requires use of ``Display``.
 - ansible-test - Packages beneath ``module_utils`` can now contain ``__init__.py`` files.
 - variables - The type system underlying Ansible's variable storage has been significantly overhauled and formalized. Attempts to store unsupported Python object types in variables will now result in an error.
 - variables - To support new Ansible features, many variable objects are now represented by subclasses of their respective native Python types. In most cases, they behave indistinguishably from their original types, but some Python libraries do not handle builtin object subclasses properly. Custom plugins that interact with such libraries may require changes to convert and pass the native types.
 Minor Changes
 -------------
 - Added a -vvvvv log message indicating when a host fails to produce output within the timeout period.
 - AnsibleModule.uri - Add option ``multipart_encoding`` for ``form-multipart`` files in body to change default base64 encoding for files
 - INVENTORY_IGNORE_EXTS config, removed ``ini`` from the default list, inventory scripts using a corresponding .ini configuration are rare now and inventory.ini files are more common. Those that need to ignore the ini files for inventory scripts can still add it to configuration.
 - Jinja plugins - Plugins can declare support for undefined values.
 - Jinja2 version 3.1.0 or later is now required on the controller.
 - Move ``follow_redirects`` parameter to module_utils so external modules can reuse it.
 - PlayIterator - do not return tasks from already executed roles so specific strategy plugins do not have to do the filtering of such tasks themselves
 - SSH Escalation-related -vvv log messages now include the associated host information.
 - Windows - Add support for Windows Server 2025 to Ansible and as an ``ansible-test`` remote target - https://github.com/ansible/ansible/issues/84229
 - Windows - refactor the async implementation to better handle errors during bootstrapping and avoid WMI when possible.
 - ``ansible-galaxy collection install`` — the collection dependency resolver now prints out conflicts it hits during dependency resolution when it's taking too long and it ends up backtracking a lot. It also displays suggestions on how to help it compute the result more quickly.
 - ansible, ansible-console, ansible-pull - add --flush-cache option (https://github.com/ansible/ansible/issues/83749).
 - ansible-galaxy - Add support for Keycloak service accounts
 - ansible-galaxy - support ``resolvelib >= 0.5.3, < 2.0.0`` (https://github.com/ansible/ansible/issues/84217).
 - ansible-test - Added a macOS 15.3 remote VM, replacing 14.3.
 - ansible-test - Automatically retry HTTP GET/PUT/DELETE requests on exceptions.
 - ansible-test - Default to Python 3.13 in the ``base`` and ``default`` containers.
 - ansible-test - Disable the ``deprecated-`` prefixed ``pylint`` rules as their results vary by Python version.
 - ansible-test - Disable the ``pep8`` sanity test rules ``E701`` and ``E704`` to improve compatibility with ``black``.
 - ansible-test - Improve container runtime probe error handling. When unexpected probe output is encountered, an error with more useful debugging information is provided.
 - ansible-test - Replace container Alpine 3.20 with 3.21.
 - ansible-test - Replace container Fedora 40 with 41.
 - ansible-test - Replace remote Alpine 3.20 with 3.21.
 - ansible-test - Replace remote Fedora 40 with 41.
 - ansible-test - Replace remote FreeBSD 13.3 with 13.5.
 - ansible-test - Replace remote FreeBSD 14.1 with 14.2.
 - ansible-test - Replace remote RHEL 9.4 with 9.5.
 - ansible-test - Show a more user-friendly error message when a ``runme.sh`` script is not executable.
 - ansible-test - The ``yamllint`` sanity test now enforces string values for the ``!vault`` tag.
 - ansible-test - Update ``nios-test-container`` to version 7.0.0.
 - ansible-test - Update ``pylint`` sanity test to use version 3.3.1.
 - ansible-test - Update distro containers to remove unnecessary pakages (apache2, subversion, ruby).
 - ansible-test - Update sanity test requirements to latest available versions.
 - ansible-test - Update the HTTP test container.
 - ansible-test - Update the PyPI test container.
 - ansible-test - Update the ``base`` and ``default`` containers.
 - ansible-test - Update the utility container.
 - ansible-test - Use Python's ``urllib`` instead of ``curl`` for HTTP requests.
 - ansible-test - When detection of the current container network fails, a warning is now issued and execution continues. This simplifies usage in cases where the current container cannot be inspected, such as when running in GitHub Codespaces.
 - ansible-test acme test container - bump `version to 2.3.0 <https://github.com/ansible/acme-test-container/releases/tag/2.3.0>`__ to include newer versions of Pebble, dependencies, and runtimes. This adds support for ACME profiles, ``dns-account-01`` support, and some smaller improvements (https://github.com/ansible/ansible/pull/84547).
 - apt_key module - add notes to docs and errors to point at the CLI tool deprecation by Debian and alternatives
 - apt_repository module - add notes to errors to point at the CLI tool deprecation by Debian and alternatives
 - become plugins get new property 'pipelining' to show support or lack there of for the feature.
 - callback plugins - add has_option() to CallbackBase to match other functions overloaded from AnsiblePlugin
 - callback plugins - fix get_options() for CallbackBase
 - copy - fix sanity test failures (https://github.com/ansible/ansible/pull/83643).
 - copy - parameter ``local_follow`` was incorrectly documented as having default value ``True`` (https://github.com/ansible/ansible/pull/83643).
 - cron - Provide additional error information while writing cron file (https://github.com/ansible/ansible/issues/83223).
 - csvfile - let the config system do the typecasting (https://github.com/ansible/ansible/pull/82263).
 - display - Deduplication of warning and error messages considers the full content of the message (including source and traceback contexts, if enabled). This may result in fewer messages being omitted.
 - display - The ``collection_name`` arg to ``Display.deprecated`` no longer has any effect. Information about the calling plugin is automatically captured by the display infrastructure, included in the displayed messages, and made available to callbacks.
 - distribution - Added openSUSE MicroOS to Suse OS family (#84685).
 - dnf5, apt - add ``auto_install_module_deps`` option (https://github.com/ansible/ansible/issues/84206)
 - docs - add collection name in message from which the module is being deprecated (https://github.com/ansible/ansible/issues/84116).
 - env lookup - The error message generated for a missing environment variable when ``default`` is an undefined value (e.g. ``undef('something')``) will contain the hint from that undefined value, except when the undefined value is the default of ``undef()`` with no arguments. Previously, any existing undefined hint would be ignored.
 - file - enable file module to disable diff_mode (https://github.com/ansible/ansible/issues/80817).
 - file - make code more readable and simple.
 - filter - add support for URL-safe encoding and decoding in b64encode and b64decode (https://github.com/ansible/ansible/issues/84147).
 - find - add a checksum_algorithm parameter to specify which type of checksum the module will return
 - from_json filter - The filter accepts a ``profile`` argument, which defaults to ``tagless``.
 - handlers - Templated handler names with syntax errors, or that resolve to ``omit`` are now skipped like handlers with undefined variables in their name.
 - improved error message for yaml parsing errors in plugin documentation
 - local connection plugin - A new ``become_strip_preamble`` config option (default True) was added; disable to preserve diagnostic ``become`` output in task results.
 - local connection plugin - A new ``become_success_timeout`` operation-wide timeout config (default 10s) was added for ``become``.
 - local connection plugin - When a ``become`` plugin's ``prompt`` value is a non-string after the ``check_password_prompt`` callback has completed, no prompt stripping will occur on stderr.
 - lookup_template - add an option to trim blocks while templating (https://github.com/ansible/ansible/issues/75962).
 - module - set ipv4 and ipv6 rules simultaneously in iptables module (https://github.com/ansible/ansible/issues/84404).
 - module_utils - Add ``NoReturn`` type annotations to functions which never return.
 - modules - PowerShell modules can now receive ``datetime.date``, ``datetime.time`` and ``datetime.datetime`` values as ISO 8601 strings.
 - modules - PowerShell modules can now receive strings sourced from inline vault-encrypted strings.
 - modules - The ``collection_name`` arg to Python module-side ``deprecate`` methods no longer has any effect. Information about the calling module is automatically captured by the warning infrastructure and included in the module result.
 - modules - Unhandled exceptions during Python module execution are now returned as structured data from the target. This allows the new traceback handling to be applied to exceptions raised on targets.
 - pipelining logic has mostly moved to connection plugins so they can decide/override settings.
 - plugin error handling - When raising exceptions in an exception handler, be sure to use ``raise ... from`` as appropriate. This supersedes the use of the ``AnsibleError`` arg ``orig_exc`` to represent the cause. Specifying ``orig_exc`` as the cause is still permitted. Failure to use ``raise ... from`` when ``orig_exc`` is set will result in a warning. Additionally, if the two cause exceptions do not match, a warning will be issued.
 - removed harcoding of su plugin as it now works with pipelining.
 - runtime-metadata sanity test - improve validation of ``action_groups`` (https://github.com/ansible/ansible/pull/83965).
 - service_facts module got freebsd support added.
 - ssh connection plugin - Support ``SSH_ASKPASS`` mechanism to provide passwords, making it the default, but still offering an explicit choice to use ``sshpass`` (https://github.com/ansible/ansible/pull/83936)
 - ssh connection plugin now overrides pipelining when a tty is requested.
 - ssh-agent - ``ansible``, ``ansible-playbook`` and ``ansible-console`` are capable of spawning or reusing an ssh-agent, allowing plugins to interact with the ssh-agent. Additionally a pure python ssh-agent client has been added, enabling easy interaction with the agent. The ssh connection plugin contains new functionality via ``ansible_ssh_private_key`` and ``ansible_ssh_private_key_passphrase``, for loading an SSH private key into the agent from a variable.
 - templating - Access to an undefined variable from inside a lookup, filter, or test (which raises MarkerError) no longer ends processing of the current template. The triggering undefined value is returned as the result of the offending plugin invocation, and the template continues to execute.
 - templating - Embedding ``range()`` values in containers such as lists will result in an error on use. Previously the value would be converted to a string representing the range parameters, such as ``range(0, 3)``.
 - templating - Handling of omitted values is now a first-class feature of the template engine, and is usable in all Ansible Jinja template contexts. Any template that resolves to ``omit`` is automatically removed from its parent container during templating.
 - templating - Template evaluation is lazier than in previous versions. Template expressions which resolve only portions of a data structure no longer result in the entire structure being templated.
 - templating - Templating errors now provide more information about both the location and context of the error, especially for deeply-nested and/or indirected templating scenarios.
 - templating - Unified ``omit`` behavior now requires that plugins calling ``Templar.template()`` handle cases where the entire template result is omitted, by catching the ``AnsibleValueOmittedError`` that is raised. Previously, this condition caused a randomly-generated string marker to appear in the template result.
 - templating - Variables of type ``set`` and ``tuple`` are now converted to ``list`` when exiting the final pass of templating.
 - to_json / to_nice_json filters - The filters accept a ``profile`` argument, which defaults to ``tagless``.
 - troubleshooting - Tracebacks can be collected and displayed for most errors, warnings, and deprecation warnings (including those generated by modules). Tracebacks are no longer enabled with ``-vvv``; the behavior is directly configurable via the ``DISPLAY_TRACEBACK`` config option. Module tracebacks passed to ``fail_json`` via the ``exception`` kwarg will not be included in the task result unless error tracebacks are configured.
 - undef jinja function - The ``undef`` jinja function now raises an error if a non-string hint is given. Attempting to use an undefined hint also results in an error, ensuring incorrect use of the function can be distinguished from the function's normal behavior.
 - validate-modules sanity test - make sure that ``module`` and ``plugin`` ``seealso`` entries use FQCNs (https://github.com/ansible/ansible/pull/84325).
 - vault - improved vault filter documentation by adding missing example content for dump_template_data.j2, refining examples for clarity, and ensuring variable consistency (https://github.com/ansible/ansible/issues/83583).
 - warnings - All warnings (including deprecation warnings) issued during a task's execution are now accessible via the ``warnings`` and ``deprecations`` keys on the task result.
 - when the ``dict`` lookup is given a non-dict argument, show the value of the argument and its type in the error message.
 - windows - add hard minimum limit for PowerShell to 5.1. Ansible dropped support for older versions of PowerShell in the 2.16 release but this reqirement is now enforced at runtime.
 - windows - refactor windows exec runner to improve efficiency and add better error reporting on failures.
 - winrm - Remove need for pexpect on macOS hosts when using ``kinit`` to retrieve the Kerberos TGT. By default the code will now only use the builtin ``subprocess`` library which should handle issues with select and a high fd count and also simplify the code.
 Breaking Changes / Porting Guide
 --------------------------------
 - Support for the ``toml`` library has been removed from TOML inventory parsing and dumping. Use ``tomli`` for parsing on Python 3.10. Python 3.11 and later have built-in support for parsing. Use ``tomli-w`` to support outputting inventory in TOML format.
 - assert - The ``quiet`` argument must be a commonly-accepted boolean value. Previously, unrecognized values were silently treated as False.
 - callback plugins - The structure of the ``exception``, ``warnings`` and ``deprecations`` values visible to callbacks has changed. Callbacks that inspect or serialize these values may require special handling.
 - conditionals - Conditional expressions that result in non-boolean values are now an error by default. Such results often indicate unintentional use of templates where they are not supported, resulting in a conditional that is always true. When this option is enabled, conditional expressions which are a literal ``None`` or empty string will evaluate as true, for backwards compatibility. The error can be temporarily changed to a deprecation warning by enabling the ``ALLOW_BROKEN_CONDITIONALS`` config option.
 - first_found lookup - When specifying ``files`` or ``paths`` as a templated list containing undefined values, the undefined list elements will be discarded with a warning. Previously, the entire list would be discarded without any warning.
 - internals - The ``AnsibleLoader`` and ``AnsibleDumper`` classes for working with YAML are now factory functions and cannot be extended.
 - internals - The ``ansible.utils.native_jinja`` Python module has been removed.
 - inventory - Invalid variable names provided by inventories result in an inventory parse failure. This behavior is now consistent with other variable name usages throughout Ansible.
 - lookup plugins - Lookup plugins called as `with_(lookup)` will no longer have the `_subdir` attribute set.
 - lookup plugins - ``terms`` will always be passed to ``run`` as the first positional arg, where previously it was sometimes passed as a keyword arg when using ``with_`` syntax.
 - loops - Omit placeholders no longer leak between loop item templating and task templating. Previously, ``omit`` placeholders could remain embedded in loop items after templating and be used as an ``omit`` for task templating. Now, values resolving to ``omit`` are dropped immediately when loop items are templated. To turn missing values into an ``omit`` for task templating, use ``| default(omit)``. This solution is backwards compatible with previous versions of ansible-core.
 - modules - Ansible modules using ``sys.excepthook`` must use a standard ``try/except`` instead.
 - plugins - Any plugin that sources or creates templates must properly tag them as trusted.
 - plugins - Custom Jinja plugins that accept undefined top-level arguments must opt in to receiving them.
 - plugins - Custom Jinja plugins that use ``environment.getitem`` to retrieve undefined values will now trigger a ``MarkerError`` exception. This exception must be handled to allow the plugin to return a ``Marker``, or the plugin must opt-in to accepting ``Marker`` values.
 - public API - The ``ansible.vars.fact_cache.FactCache`` wrapper has been removed.
 - serialization of ``omit`` sentinel - Serialization of variables containing ``omit`` sentinels (e.g., by the ``to_json`` and ``to_yaml`` filters or ``ansible-inventory``) will fail if the variable has not completed templating. Previously, serialization succeeded with placeholder strings emitted in the serialized output.
 - set_fact - The string values "yes", "no", "true" and "false" were previously converted (ignoring case) to boolean values when not using Jinja2 native mode. Since Jinja2 native mode is always used, this conversion no longer occurs. When boolean values are required, native boolean syntax should be used where variables are defined, such as in YAML. When native boolean syntax is not an option, the ``bool`` filter can be used to parse string values into booleans.
 - template lookup - The ``convert_data`` option is deprecated and no longer has any effect. Use the ``from_json`` filter on the lookup result instead.
 - templating - Access to ``_`` prefixed attributes and methods, and methods with known side effects, is no longer permitted. In cases where a matching mapping key is present, the associated value will be returned instead of an error. This increases template environment isolation and ensures more consistent behavior between the ``.`` and ``[]`` operators.
 - templating - Conditionals and lookups which use embedded inline templates in Jinja string constants now display a warning. These templates should be converted to their expression equivalent.
 - templating - Many Jinja plugins (filters, lookups, tests) and methods previously silently ignored undefined inputs, which often masked subtle errors. Passing an undefined argument to a Jinja plugin or method that does not declare undefined support now results in an undefined value.
 - templating - Templates are always rendered in Jinja2 native mode. As a result, non-string values are no longer automatically converted to strings.
 - templating - Templates resulting in ``None`` are no longer automatically converted to an empty string.
 - templating - Templates with embedded inline templates that were not contained within a Jinja string constant now result in an error, as support for multi-pass templating was removed for security reasons. In most cases, such templates can be easily rewritten to avoid the use of embedded inline templates.
 - templating - The ``allow_unsafe_lookups`` option no longer has any effect. Lookup plugins are responsible for tagging strings containing templates to allow evaluation as a template.
 - templating - The result of the ``range()`` global function cannot be returned from a template- it should always be passed to a filter (e.g., ``random``). Previously, range objects returned from an intermediate template were always converted to a list, which is inconsistent with inline consumption of range objects.
 - templating - ``#jinja2:`` overrides in templates with invalid override names or types are now templating errors.
 Deprecated Features
 -------------------
 - CLI - The ``--inventory-file`` option alias is deprecated. Use the ``-i`` or ``--inventory`` option instead.
 - Stategy Plugins - Use of strategy plugins not provided in ``ansible.builtin`` are deprecated and do not carry any backwards compatibility guarantees going forward. A future release will remove the ability to use external strategy plugins. No alternative for third party strategy plugins is currently planned.
 - ``ansible.module_utils.compat.datetime`` - The datetime compatibility shims are now deprecated. They are scheduled to be removed in ``ansible-core`` v2.21. This includes ``UTC``, ``utcfromtimestamp()`` and ``utcnow`` importable from said module (https://github.com/ansible/ansible/pull/81874).
 - bool filter - Support for coercing unrecognized input values (including None) has been deprecated. Consult the filter documentation for acceptable values, or consider use of the ``truthy`` and ``falsy`` tests.
 - cache plugins - The `ansible.plugins.cache.base` Python module is deprecated. Use `ansible.plugins.cache` instead.
 - callback plugins - The `v2_on_any` callback method is deprecated. Use specific callback methods instead.
 - callback plugins - The v1 callback API (callback methods not prefixed with `v2_`) is deprecated. Use `v2_` prefixed methods instead.
 - conditionals - Conditionals using Jinja templating delimiters (e.g., ``{{``, ``{%``) should be rewritten as expressions without delimiters, unless the entire conditional value is a single template that resolves to a trusted string expression. This is useful for dynamic indirection of conditional expressions, but is limited to trusted literal string expressions.
 - config - The ``ACTION_WARNINGS`` config has no effect. It previously disabled command warnings, which have since been removed.
 - config - The ``DEFAULT_JINJA2_NATIVE`` option has no effect. Jinja2 native mode is now the default and only option.
 - config - The ``DEFAULT_NULL_REPRESENTATION`` option has no effect. Null values are no longer automatically converted to another value during templating of single variable references.
 - display - The ``Display.get_deprecation_message`` method has been deprecated. Call ``Display.deprecated`` to display a deprecation message, or call it with ``removed=True`` to raise an ``AnsibleError``.
 - file loading - Loading text files with ``DataLoader`` containing data that cannot be decoded under the expected encoding is deprecated. In most cases the encoding must be UTF-8, although some plugins allow choosing a different encoding. Previously, invalid data was silently wrapped in Unicode surrogate escape sequences, often resulting in later errors or other data corruption.
 - first_found lookup - Splitting of file paths on ``,;:`` is deprecated. Pass a list of paths instead. The ``split`` method on strings can be used to split variables into a list as needed.
 - interpreter discovery - The ``auto_legacy`` and ``auto_legacy_silent`` options for ``INTERPRETER_PYTHON`` are deprecated. Use ``auto`` or ``auto_silent`` options instead, as they have the same effect.
 - oneline callback - The ``oneline`` callback and its associated ad-hoc CLI args (``-o``, ``--one-line``) are deprecated.
 - paramiko - The paramiko connection plugin has been deprecated with planned removal in 2.21.
 - playbook variables - The ``play_hosts`` variable has been deprecated, use ``ansible_play_batch`` instead.
 - plugin error handling - The ``AnsibleError`` constructor arg ``suppress_extended_error`` is deprecated. Using ``suppress_extended_error=True`` has the same effect as ``show_content=False``.
 - plugins - The ``listify_lookup_plugin_terms`` function is obsolete and in most cases no longer needed.
 - template lookup - The jinja2_native option is no longer used in the Ansible Core code base. Jinja2 native mode is now the default and only option.
 - templating - Support for enabling Jinja2 extensions (not plugins) has been deprecated.
 - templating - The ``ansible_managed`` variable available for certain templating scenarios, such as the ``template`` action and ``template`` lookup has been deprecated. Define and use a custom variable instead of relying on ``ansible_managed``.
 - templating - The ``disable_lookups`` option has no effect, since plugins must be updated to apply trust before any templating can be performed.
 - to_yaml/to_nice_yaml filters - Implicit YAML dumping of vaulted value ciphertext is deprecated. Set `dump_vault_tags` to explicitly specify the desired behavior.
 - tree callback - The ``tree`` callback and its associated ad-hoc CLI args (``-t``, ``--tree``) are deprecated.
 Removed Features (previously deprecated)
 ----------------------------------------
 - Remove deprecated plural form of collection path (https://github.com/ansible/ansible/pull/84156).
 - Removed deprecated STRING_CONVERSION_ACTION (https://github.com/ansible/ansible/issues/84220).
 - encrypt - passing unsupported passlib hashtype now raises AnsibleFilterError.
 - manager - remove deprecated include_delegate_to parameter from get_vars API.
 - modules - Modules returning non-UTF8 strings now result in an error. The ``MODULE_STRICT_UTF8_RESPONSE`` setting can be used to disable this check.
 - removed deprecated pycompat24 and compat.importlib.
 - selector - remove deprecated compat.selector related files (https://github.com/ansible/ansible/pull/84155).
 - windows - removed common module functions ``ConvertFrom-AnsibleJson``, ``Format-AnsibleException`` from Windows modules as they are not used and add uneeded complexity to the code.
 Security Fixes
 --------------
 - include_vars action - Ensure that result masking is correctly requested when vault-encrypted files are read. (CVE-2024-8775)
 - task result processing - Ensure that action-sourced result masking (``_ansible_no_log=True``) is preserved. (CVE-2024-8775)
 - templating - Ansible's template engine no longer processes Jinja templates in strings unless they are marked as coming from a trusted source. Untrusted strings containing Jinja template markers are ignored with a warning. Examples of trusted sources include playbooks, vars files, and many inventory sources. Examples of untrusted sources include module results and facts. Plugins which have not been updated to preserve trust while manipulating strings may inadvertently cause them to lose their trusted status.
 - templating - Changes to conditional expression handling removed numerous instances of insecure multi-pass templating (which could result in execution of untrusted template expressions).
 - user action won't allow ssh-keygen, chown and chmod to run on existing ssh public key file, avoiding traversal on existing symlinks (CVE-2024-9902).
 Bugfixes
 --------
 - Ansible will now also warn when reserved keywords are set via a module (set_fact, include_vars, etc).
 - Ansible.Basic - Fix ``required_if`` check when the option value to check is unset or set to null.
 - Correctly return ``False`` when using the ``filter`` and ``test`` Jinja tests on plugin names which are not filters or tests, respectively. (resolves issue https://github.com/ansible/ansible/issues/82084)
 - Do not run implicit ``flush_handlers`` meta tasks when the whole play is excluded from the run due to tags specified.
 - Errors now preserve stacked error messages even when YAML is involved.
 - Fix a display.debug statement with the wrong param in _get_diff_data() method
 - Fix disabling SSL verification when installing collections and roles from git repositories. If ``--ignore-certs`` isn't provided, the value for the ``GALAXY_IGNORE_CERTS`` configuration option will be used (https://github.com/ansible/ansible/issues/83326).
 - Fix ipv6 pattern bug in lib/ansible/parsing/utils/addresses.py (https://github.com/ansible/ansible/issues/84237)
 - Fix returning 'unreachable' for the overall task result. This prevents false positives when a looped task has unignored unreachable items (https://github.com/ansible/ansible/issues/84019).
 - Implicit ``meta: flush_handlers`` tasks now have a parent block to prevent potential tracebacks when calling methods like ``get_play()`` on them internally.
 - Improve performance on large inventories by reducing the number of implicit meta tasks.
 - Jinja plugins - Errors raised will always be derived from ``AnsibleTemplatePluginError``.
 - Optimize the way tasks from within ``include_tasks``/``include_role`` are inserted into the play.
 - Time out waiting on become is an unreachable error (https://github.com/ansible/ansible/issues/84468)
 - Use consistent multiprocessing context for action write locks
 - Use the requested error message in the ansible.module_utils.facts.timeout timeout function instead of hardcoding one.
 - Windows - add support for running on system where WDAC is in audit mode with ``Dynamic Code Security`` enabled.
 - YAML parsing - The `!unsafe` tag no longer coerces non-string scalars to strings.
 - ``ansible-galaxy`` — the collection dependency resolver now treats version specifiers starting with ``!=`` as unpinned.
 - ``package``/``dnf`` action plugins - provide the reason behind the failure to gather the ``ansible_pkg_mgr`` fact to identify the package backend
 - action plugins - Action plugins that raise unhandled exceptions no longer terminate playbook loops. Previously, exceptions raised by an action plugin caused abnormal loop termination and loss of loop iteration results.
 - ansible-config - format galaxy server configs while dumping in JSON format (https://github.com/ansible/ansible/issues/84840).
 - ansible-doc - If none of the files in files exists, path will be undefined and a direct reference will throw an UnboundLocalError (https://github.com/ansible/ansible/pull/84464).
 - ansible-galaxy - Small adjustments to URL building for ``download_url`` and relative redirects.
 - ansible-pull change detection will now work independently of callback or result format settings.
 - ansible-test - Enable the ``sys.unraisablehook`` work-around for the ``pylint`` sanity test on Python 3.11. Previously the work-around was only enabled for Python 3.12 and later. However, the same issue has been discovered on Python 3.11.
 - ansible-test - Ensure CA certificates are installed on managed FreeBSD instances.
 - ansible-test - Fix support for PowerShell module_util imports with the ``-Optional`` flag.
 - ansible-test - Fix support for detecting PowerShell modules importing module utils with the newer ``#AnsibleRequires`` format.
 - ansible-test - Fix traceback that occurs after an interactive command fails.
 - ansible-test - Fix up coverage reporting to properly translate the temporary path of integration test modules to the expected static test module path.
 - ansible-test - Fixed traceback when handling certain YAML errors in the ``yamllint`` sanity test.
 - ansible-test - Managed macOS instances now use the ``sudo_chdir`` option for the ``sudo`` become plugin to avoid permission errors when dropping privileges.
 - ansible-vault will now correctly handle `--prompt`, previously it would issue an error about stdin if no 2nd argument was passed
 - ansible_uptime_second - added ansible_uptime_seconds fact support for AIX (https://github.com/ansible/ansible/pull/84321).
 - apt_key module - prevent tests from running when apt-key was removed
 - base.yml - deprecated libvirt_lxc_noseclabel config.
 - build - Pin ``wheel`` in ``pyproject.toml`` to ensure compatibility with supported ``setuptools`` versions.
 - config - various fixes to config lookup plugin (https://github.com/ansible/ansible/pull/84398).
 - copy - refactor copy module for simplicity.
 - copy action now prevents user from setting internal options.
 - debconf - set empty password values (https://github.com/ansible/ansible/issues/83214).
 - debug - hide loop vars in debug var display (https://github.com/ansible/ansible/issues/65856).
 - default callback - Error context is now shown for failing tasks that use the ``debug`` action.
 - display - The ``Display.deprecated`` method once again properly handles the ``removed=True`` argument (https://github.com/ansible/ansible/issues/82358).
 - distro - add support for Linux Mint Debian Edition (LMDE) (https://github.com/ansible/ansible/issues/84934).
 - distro - detect Debian as os_family for LMDE 6 (https://github.com/ansible/ansible/issues/84934).
 - dnf5 - Handle forwarded exceptions from dnf5-5.2.13 where a generic ``RuntimeError`` was previously raised
 - dnf5 - fix ``is_installed`` check for packages that are not installed but listed as provided by an installed package (https://github.com/ansible/ansible/issues/84578)
 - dnf5 - fix installing a package using ``state=latest`` when a binary of the same name as the package is already installed (https://github.com/ansible/ansible/issues/84259)
 - dnf5 - fix traceback when ``enable_plugins``/``disable_plugins`` is used on ``python3-libdnf5`` versions that do not support this functionality
 - dnf5 - libdnf5 - use ``conf.pkg_gpgcheck`` instead of deprecated ``conf.gpgcheck`` which is used only as a fallback
 - dnf5 - matching on a binary can be achieved only by specifying a full path (https://github.com/ansible/ansible/issues/84334)
 - facts - gather pagesize and calculate respective values depending upon architecture (https://github.com/ansible/ansible/issues/84773).
 - facts - skip if distribution file path is directory, instead of raising error (https://github.com/ansible/ansible/issues/84006).
 - find - skip ENOENT error code while recursively enumerating files. find module will now be tolerant to race conditions that remove files or directories from the target it is currently inspecting. (https://github.com/ansible/ansible/issues/84873).
 - first_found lookup - Corrected return value documentation to reflect None (not empty string) for no files found.
 - gather_facts action now defaults to `ansible.legacy.setup` if `smart` was set, no network OS was found and no other alias for `setup` was present.
 - gather_facts action will now issues errors and warnings as appropriate if a network OS is detected but no facts modules are defined for it.
 - gather_facts action, will now add setup when 'smart' appears with other modules in the FACTS_MODULES setting (#84750).
 - get_url - add support for BSD-style checksum digest file (https://github.com/ansible/ansible/issues/84476).
 - get_url - fix honoring ``filename`` from the ``content-disposition`` header even when the type is ``inline`` (https://github.com/ansible/ansible/issues/83690)
 - host_group_vars - fixed defining the 'key' variable if the get_vars method is called with cache=False (https://github.com/ansible/ansible/issues/84384)
 - include_vars - fix including previously undefined hash variables with hash_behaviour merge (https://github.com/ansible/ansible/issues/84295).
 - iptables - Allows the wait paramater to be used with iptables chain creation (https://github.com/ansible/ansible/issues/84490)
 - linear strategy - fix executing ``end_role`` meta tasks for each host, instead of handling these as implicit run_once tasks (https://github.com/ansible/ansible/issues/84660).
 - local connection plugin - Become timeout errors now include all received data. Previously, the most recently-received data was discarded.
 - local connection plugin - Ensure ``become`` success validation always occurs, even when an active plugin does not set ``prompt``.
 - local connection plugin - Fixed cases where the internal ``BECOME-SUCCESS`` message appeared in task output.
 - local connection plugin - Fixed hang or spurious failure when data arrived concurrently on stdout and stderr during a successful ``become`` operation validation.
 - local connection plugin - Fixed hang when a become plugin expects a prompt but a password was not provided.
 - local connection plugin - Fixed hang when an active become plugin incorrectly signals lack of prompt.
 - local connection plugin - Fixed hang when an internal become read timeout expired before the password prompt was written.
 - local connection plugin - Fixed hang when only one of stdout or stderr was closed by the ``become_exe`` subprocess.
 - local connection plugin - Fixed long timeout/hang for ``become`` plugins that repeat their prompt on failure (e.g., ``sudo``, some ``su`` implementations).
 - local connection plugin - Fixed silent ignore of ``become`` failures and loss of task output when data arrived concurrently on stdout and stderr during ``become`` operation validation.
 - local connection plugin - Fixed task output header truncation when post-become data arrived before ``become`` operation validation had completed.
 - lookup plugins - The ``terms`` arg to the ``run`` method is now always a list. Previously, there were cases where a non-list could be received.
 - module arg templating - When using a templated raw task arg and a templated ``args`` keyword, args are now merged. Previously use of templated raw task args silently ignored all values from the templated ``args`` keyword.
 - module defaults - Module defaults are no longer templated unless they are used by a task that does not override them. Previously, all module defaults for all modules were templated for every task.
 - module respawn - limit to supported Python versions
 - omitting task args - Use of omit for task args now properly falls back to args of lower precedence, such as module defaults. Previously an omitted value would obliterate values of lower precedence.
 - package_facts module when using 'auto' will return the first package manager found that provides an output, instead of just the first one, as this can be foreign and not have any packages.
 - psrp - Improve stderr parsing when running raw commands that emit error records or stderr lines.
 - regex_search filter - Corrected return value documentation to reflect None (not empty string) for no match.
 - respawn - use copy of env variables to update existing PYTHONPATH value (https://github.com/ansible/ansible/issues/84954).
 - runas become - Fix up become logic to still get the SYSTEM token with the most privileges when running as SYSTEM.
 - sequence lookup - sequence query/lookups without positional arguments now return a valid list if their kwargs comprise a valid sequence expression (https://github.com/ansible/ansible/issues/82921).
 - service_facts - skip lines which does not contain service names in openrc output (https://github.com/ansible/ansible/issues/84512).
 - ssh - Improve the logic for parsing CLIXML data in stderr when working with Windows host. This fixes issues when the raw stderr contains invalid UTF-8 byte sequences and improves embedded CLIXML sequences.
 - ssh - Raise exception when sshpass returns error code (https://github.com/ansible/ansible/issues/58133).
 - ssh - connection options were incorrectly templated during ``reset_connection`` tasks (https://github.com/ansible/ansible/pull/84238).
 - stability - Fixed silent process failure on unhandled IOError/OSError under ``linear`` strategy.
 - su become plugin - Ensure generated regex from ``prompt_l10n`` config values is properly escaped.
 - su become plugin - Ensure that password prompts are correctly detected in the presence of leading output. Previously, this case resulted in a timeout or hang.
 - su become plugin - Ensure that trailing colon is expected on all ``prompt_l10n`` config values.
 - sudo become plugin - The `sudo_chdir` config option allows the current directory to be set to the specified value before executing sudo to avoid permission errors when dropping privileges.
 - sunos - remove hard coding of virtinfo command in facts gathering code (https://github.com/ansible/ansible/pull/84357).
 - to_yaml/to_nice_yaml filters - Eliminated possibility of keyword arg collisions with internally-set defaults.
 - unarchive - Clamp timestamps from beyond y2038 to representible values when unpacking zip files on platforms that use 32-bit time_t (e.g. Debian i386).
 - uri - Form location correctly when the server returns a relative redirect (https://github.com/ansible/ansible/issues/84540)
 - uri - Handle HTTP exceptions raised while reading the content (https://github.com/ansible/ansible/issues/83794).
 - uri - mark ``url`` as required (https://github.com/ansible/ansible/pull/83642).
 - user - Create Buildroot subclass as alias to Busybox (https://github.com/ansible/ansible/issues/83665).
 - user - Set timeout for passphrase interaction.
 - user - Update prompt for SSH key passphrase (https://github.com/ansible/ansible/issues/84484).
 - user - Use higher precedence HOME_MODE as UMASK for path provided (https://github.com/ansible/ansible/pull/84482).
 - user action will now require O(force) to overwrite the public part of an ssh key when generating ssh keys, as was already the case for the private part.
 - user module now avoids changing ownership of files symlinked in provided home dir skeleton
 - vars lookup - The ``default`` substitution only applies when trying to look up a variable which is not defined. If the variable is defined, but templates to an undefined value, the ``default`` substitution will not apply. Use the ``default`` filter to coerce those values instead.
 - wait_for_connection - a warning was displayed if any hosts used a local connection (https://github.com/ansible/ansible/issues/84419)
 Known Issues
 ------------
 - templating - Any string value starting with ``#jinja2:`` which is templated will always be interpreted as Jinja2 configuration overrides. To include this literal value at the start of a string, a space or other character must precede it.
 - variables - Tagged values cannot be used for dictionary keys in many circumstances.
 - variables - The values ``None``, ``True`` and ``False`` cannot be tagged because they are singletons. Attempts to apply tags to these values will be silently ignored.
--- a/changelogs/changelog.yaml
+++ b/changelogs/changelog.yaml
@ -1,2 +1,810 @@
-ancestor: 2.20.0
+ancestor: 2.18.0
-releases: {}
+releases:
  2.19.0b1:
    changes:
      breaking_changes:
      - Support for the ``toml`` library has been removed from TOML inventory parsing
        and dumping. Use ``tomli`` for parsing on Python 3.10. Python 3.11 and later
        have built-in support for parsing. Use ``tomli-w`` to support outputting inventory
        in TOML format.
      - assert - The ``quiet`` argument must be a commonly-accepted boolean value.
        Previously, unrecognized values were silently treated as False.
      - callback plugins - The structure of the ``exception``, ``warnings`` and ``deprecations``
        values visible to callbacks has changed. Callbacks that inspect or serialize
        these values may require special handling.
      - conditionals - Conditional expressions that result in non-boolean values are
        now an error by default. Such results often indicate unintentional use of
        templates where they are not supported, resulting in a conditional that is
        always true. When this option is enabled, conditional expressions which are
        a literal ``None`` or empty string will evaluate as true, for backwards compatibility.
        The error can be temporarily changed to a deprecation warning by enabling
        the ``ALLOW_BROKEN_CONDITIONALS`` config option.
      - first_found lookup - When specifying ``files`` or ``paths`` as a templated
        list containing undefined values, the undefined list elements will be discarded
        with a warning. Previously, the entire list would be discarded without any
        warning.
      - internals - The ``AnsibleLoader`` and ``AnsibleDumper`` classes for working
        with YAML are now factory functions and cannot be extended.
      - internals - The ``ansible.utils.native_jinja`` Python module has been removed.
      - inventory - Invalid variable names provided by inventories result in an inventory
        parse failure. This behavior is now consistent with other variable name usages
        throughout Ansible.
      - lookup plugins - Lookup plugins called as `with_(lookup)` will no longer have
        the `_subdir` attribute set.
      - lookup plugins - ``terms`` will always be passed to ``run`` as the first positional
        arg, where previously it was sometimes passed as a keyword arg when using
        ``with_`` syntax.
      - loops - Omit placeholders no longer leak between loop item templating and
        task templating. Previously, ``omit`` placeholders could remain embedded in
        loop items after templating and be used as an ``omit`` for task templating.
        Now, values resolving to ``omit`` are dropped immediately when loop items
        are templated. To turn missing values into an ``omit`` for task templating,
        use ``| default(omit)``. This solution is backwards compatible with previous
        versions of ansible-core.
      - modules - Ansible modules using ``sys.excepthook`` must use a standard ``try/except``
        instead.
      - plugins - Any plugin that sources or creates templates must properly tag them
        as trusted.
      - plugins - Custom Jinja plugins that accept undefined top-level arguments must
        opt in to receiving them.
      - plugins - Custom Jinja plugins that use ``environment.getitem`` to retrieve
        undefined values will now trigger a ``MarkerError`` exception. This exception
        must be handled to allow the plugin to return a ``Marker``, or the plugin
        must opt-in to accepting ``Marker`` values.
      - public API - The ``ansible.vars.fact_cache.FactCache`` wrapper has been removed.
      - serialization of ``omit`` sentinel - Serialization of variables containing
        ``omit`` sentinels (e.g., by the ``to_json`` and ``to_yaml`` filters or ``ansible-inventory``)
        will fail if the variable has not completed templating. Previously, serialization
        succeeded with placeholder strings emitted in the serialized output.
      - set_fact - The string values "yes", "no", "true" and "false" were previously
        converted (ignoring case) to boolean values when not using Jinja2 native mode.
        Since Jinja2 native mode is always used, this conversion no longer occurs.
        When boolean values are required, native boolean syntax should be used where
        variables are defined, such as in YAML. When native boolean syntax is not
        an option, the ``bool`` filter can be used to parse string values into booleans.
      - template lookup - The ``convert_data`` option is deprecated and no longer
        has any effect. Use the ``from_json`` filter on the lookup result instead.
      - templating - Access to ``_`` prefixed attributes and methods, and methods
        with known side effects, is no longer permitted. In cases where a matching
        mapping key is present, the associated value will be returned instead of an
        error. This increases template environment isolation and ensures more consistent
        behavior between the ``.`` and ``[]`` operators.
      - templating - Conditionals and lookups which use embedded inline templates
        in Jinja string constants now display a warning. These templates should be
        converted to their expression equivalent.
      - templating - Many Jinja plugins (filters, lookups, tests) and methods previously
        silently ignored undefined inputs, which often masked subtle errors. Passing
        an undefined argument to a Jinja plugin or method that does not declare undefined
        support now results in an undefined value.
      - templating - Templates are always rendered in Jinja2 native mode. As a result,
        non-string values are no longer automatically converted to strings.
      - templating - Templates resulting in ``None`` are no longer automatically converted
        to an empty string.
      - templating - Templates with embedded inline templates that were not contained
        within a Jinja string constant now result in an error, as support for multi-pass
        templating was removed for security reasons. In most cases, such templates
        can be easily rewritten to avoid the use of embedded inline templates.
      - templating - The ``allow_unsafe_lookups`` option no longer has any effect.
        Lookup plugins are responsible for tagging strings containing templates to
        allow evaluation as a template.
      - templating - The result of the ``range()`` global function cannot be returned
        from a template- it should always be passed to a filter (e.g., ``random``).
        Previously, range objects returned from an intermediate template were always
        converted to a list, which is inconsistent with inline consumption of range
        objects.
      - templating - ``#jinja2:`` overrides in templates with invalid override names
        or types are now templating errors.
      bugfixes:
      - Ansible will now also warn when reserved keywords are set via a module (set_fact,
        include_vars, etc).
      - Ansible.Basic - Fix ``required_if`` check when the option value to check is
        unset or set to null.
      - Correctly return ``False`` when using the ``filter`` and ``test`` Jinja tests
        on plugin names which are not filters or tests, respectively. (resolves issue
        https://github.com/ansible/ansible/issues/82084)
      - Do not run implicit ``flush_handlers`` meta tasks when the whole play is excluded
        from the run due to tags specified.
      - Errors now preserve stacked error messages even when YAML is involved.
      - Fix a display.debug statement with the wrong param in _get_diff_data() method
      - Fix disabling SSL verification when installing collections and roles from
        git repositories. If ``--ignore-certs`` isn't provided, the value for the
        ``GALAXY_IGNORE_CERTS`` configuration option will be used (https://github.com/ansible/ansible/issues/83326).
      - Fix ipv6 pattern bug in lib/ansible/parsing/utils/addresses.py (https://github.com/ansible/ansible/issues/84237)
      - Fix returning 'unreachable' for the overall task result. This prevents false
        positives when a looped task has unignored unreachable items (https://github.com/ansible/ansible/issues/84019).
      - 'Implicit ``meta: flush_handlers`` tasks now have a parent block to prevent
        potential tracebacks when calling methods like ``get_play()`` on them internally.'
      - Improve performance on large inventories by reducing the number of implicit
        meta tasks.
      - Jinja plugins - Errors raised will always be derived from ``AnsibleTemplatePluginError``.
      - Optimize the way tasks from within ``include_tasks``/``include_role`` are
        inserted into the play.
      - Time out waiting on become is an unreachable error (https://github.com/ansible/ansible/issues/84468)
      - Use consistent multiprocessing context for action write locks
      - Use the requested error message in the ansible.module_utils.facts.timeout
        timeout function instead of hardcoding one.
      - Windows - add support for running on system where WDAC is in audit mode with
        ``Dynamic Code Security`` enabled.
      - YAML parsing - The `!unsafe` tag no longer coerces non-string scalars to strings.
      - "``ansible-galaxy`` \u2014 the collection dependency resolver now treats version
        specifiers starting with ``!=`` as unpinned."
      - '``package``/``dnf`` action plugins - provide the reason behind the failure
        to gather the ``ansible_pkg_mgr`` fact to identify the package backend'
      - action plugins - Action plugins that raise unhandled exceptions no longer
        terminate playbook loops. Previously, exceptions raised by an action plugin
        caused abnormal loop termination and loss of loop iteration results.
      - ansible-config - format galaxy server configs while dumping in JSON format
        (https://github.com/ansible/ansible/issues/84840).
      - ansible-doc - If none of the files in files exists, path will be undefined
        and a direct reference will throw an UnboundLocalError (https://github.com/ansible/ansible/pull/84464).
      - ansible-galaxy - Small adjustments to URL building for ``download_url`` and
        relative redirects.
      - ansible-pull change detection will now work independently of callback or result
        format settings.
      - ansible-test - Enable the ``sys.unraisablehook`` work-around for the ``pylint``
        sanity test on Python 3.11. Previously the work-around was only enabled for
        Python 3.12 and later. However, the same issue has been discovered on Python
        3.11.
      - ansible-test - Ensure CA certificates are installed on managed FreeBSD instances.
      - ansible-test - Fix support for PowerShell module_util imports with the ``-Optional``
        flag.
      - ansible-test - Fix support for detecting PowerShell modules importing module
        utils with the newer ``#AnsibleRequires`` format.
      - ansible-test - Fix traceback that occurs after an interactive command fails.
      - ansible-test - Fix up coverage reporting to properly translate the temporary
        path of integration test modules to the expected static test module path.
      - ansible-test - Fixed traceback when handling certain YAML errors in the ``yamllint``
        sanity test.
      - ansible-test - Managed macOS instances now use the ``sudo_chdir`` option for
        the ``sudo`` become plugin to avoid permission errors when dropping privileges.
      - ansible-vault will now correctly handle `--prompt`, previously it would issue
        an error about stdin if no 2nd argument was passed
      - ansible_uptime_second - added ansible_uptime_seconds fact support for AIX
        (https://github.com/ansible/ansible/pull/84321).
      - apt_key module - prevent tests from running when apt-key was removed
      - base.yml - deprecated libvirt_lxc_noseclabel config.
      - build - Pin ``wheel`` in ``pyproject.toml`` to ensure compatibility with supported
        ``setuptools`` versions.
      - config - various fixes to config lookup plugin (https://github.com/ansible/ansible/pull/84398).
      - copy - refactor copy module for simplicity.
      - copy action now prevents user from setting internal options.
      - debconf - set empty password values (https://github.com/ansible/ansible/issues/83214).
      - debug - hide loop vars in debug var display (https://github.com/ansible/ansible/issues/65856).
      - default callback - Error context is now shown for failing tasks that use the
        ``debug`` action.
      - display - The ``Display.deprecated`` method once again properly handles the
        ``removed=True`` argument (https://github.com/ansible/ansible/issues/82358).
      - distro - add support for Linux Mint Debian Edition (LMDE) (https://github.com/ansible/ansible/issues/84934).
      - distro - detect Debian as os_family for LMDE 6 (https://github.com/ansible/ansible/issues/84934).
      - dnf5 - Handle forwarded exceptions from dnf5-5.2.13 where a generic ``RuntimeError``
        was previously raised
      - dnf5 - fix ``is_installed`` check for packages that are not installed but
        listed as provided by an installed package (https://github.com/ansible/ansible/issues/84578)
      - dnf5 - fix installing a package using ``state=latest`` when a binary of the
        same name as the package is already installed (https://github.com/ansible/ansible/issues/84259)
      - dnf5 - fix traceback when ``enable_plugins``/``disable_plugins`` is used on
        ``python3-libdnf5`` versions that do not support this functionality
      - dnf5 - libdnf5 - use ``conf.pkg_gpgcheck`` instead of deprecated ``conf.gpgcheck``
        which is used only as a fallback
      - dnf5 - matching on a binary can be achieved only by specifying a full path
        (https://github.com/ansible/ansible/issues/84334)
      - facts - gather pagesize and calculate respective values depending upon architecture
        (https://github.com/ansible/ansible/issues/84773).
      - facts - skip if distribution file path is directory, instead of raising error
        (https://github.com/ansible/ansible/issues/84006).
      - find - skip ENOENT error code while recursively enumerating files. find module
        will now be tolerant to race conditions that remove files or directories from
        the target it is currently inspecting. (https://github.com/ansible/ansible/issues/84873).
      - first_found lookup - Corrected return value documentation to reflect None
        (not empty string) for no files found.
      - gather_facts action now defaults to `ansible.legacy.setup` if `smart` was
        set, no network OS was found and no other alias for `setup` was present.
      - gather_facts action will now issues errors and warnings as appropriate if
        a network OS is detected but no facts modules are defined for it.
      - gather_facts action, will now add setup when 'smart' appears with other modules
        in the FACTS_MODULES setting (#84750).
      - get_url - add support for BSD-style checksum digest file (https://github.com/ansible/ansible/issues/84476).
      - get_url - fix honoring ``filename`` from the ``content-disposition`` header
        even when the type is ``inline`` (https://github.com/ansible/ansible/issues/83690)
      - host_group_vars - fixed defining the 'key' variable if the get_vars method
        is called with cache=False (https://github.com/ansible/ansible/issues/84384)
      - include_vars - fix including previously undefined hash variables with hash_behaviour
        merge (https://github.com/ansible/ansible/issues/84295).
      - iptables - Allows the wait paramater to be used with iptables chain creation
        (https://github.com/ansible/ansible/issues/84490)
      - linear strategy - fix executing ``end_role`` meta tasks for each host, instead
        of handling these as implicit run_once tasks (https://github.com/ansible/ansible/issues/84660).
      - local connection plugin - Become timeout errors now include all received data.
        Previously, the most recently-received data was discarded.
      - local connection plugin - Ensure ``become`` success validation always occurs,
        even when an active plugin does not set ``prompt``.
      - local connection plugin - Fixed cases where the internal ``BECOME-SUCCESS``
        message appeared in task output.
      - local connection plugin - Fixed hang or spurious failure when data arrived
        concurrently on stdout and stderr during a successful ``become`` operation
        validation.
      - local connection plugin - Fixed hang when a become plugin expects a prompt
        but a password was not provided.
      - local connection plugin - Fixed hang when an active become plugin incorrectly
        signals lack of prompt.
      - local connection plugin - Fixed hang when an internal become read timeout
        expired before the password prompt was written.
      - local connection plugin - Fixed hang when only one of stdout or stderr was
        closed by the ``become_exe`` subprocess.
      - local connection plugin - Fixed long timeout/hang for ``become`` plugins that
        repeat their prompt on failure (e.g., ``sudo``, some ``su`` implementations).
      - local connection plugin - Fixed silent ignore of ``become`` failures and loss
        of task output when data arrived concurrently on stdout and stderr during
        ``become`` operation validation.
      - local connection plugin - Fixed task output header truncation when post-become
        data arrived before ``become`` operation validation had completed.
      - lookup plugins - The ``terms`` arg to the ``run`` method is now always a list.
        Previously, there were cases where a non-list could be received.
      - module arg templating - When using a templated raw task arg and a templated
        ``args`` keyword, args are now merged. Previously use of templated raw task
        args silently ignored all values from the templated ``args`` keyword.
      - module defaults - Module defaults are no longer templated unless they are
        used by a task that does not override them. Previously, all module defaults
        for all modules were templated for every task.
      - module respawn - limit to supported Python versions
      - omitting task args - Use of omit for task args now properly falls back to
        args of lower precedence, such as module defaults. Previously an omitted value
        would obliterate values of lower precedence.
      - package_facts module when using 'auto' will return the first package manager
        found that provides an output, instead of just the first one, as this can
        be foreign and not have any packages.
      - psrp - Improve stderr parsing when running raw commands that emit error records
        or stderr lines.
      - regex_search filter - Corrected return value documentation to reflect None
        (not empty string) for no match.
      - respawn - use copy of env variables to update existing PYTHONPATH value (https://github.com/ansible/ansible/issues/84954).
      - runas become - Fix up become logic to still get the SYSTEM token with the
        most privileges when running as SYSTEM.
      - sequence lookup - sequence query/lookups without positional arguments now
        return a valid list if their kwargs comprise a valid sequence expression (https://github.com/ansible/ansible/issues/82921).
      - service_facts - skip lines which does not contain service names in openrc
        output (https://github.com/ansible/ansible/issues/84512).
      - ssh - Improve the logic for parsing CLIXML data in stderr when working with
        Windows host. This fixes issues when the raw stderr contains invalid UTF-8
        byte sequences and improves embedded CLIXML sequences.
      - ssh - Raise exception when sshpass returns error code (https://github.com/ansible/ansible/issues/58133).
      - ssh - connection options were incorrectly templated during ``reset_connection``
        tasks (https://github.com/ansible/ansible/pull/84238).
      - stability - Fixed silent process failure on unhandled IOError/OSError under
        ``linear`` strategy.
      - su become plugin - Ensure generated regex from ``prompt_l10n`` config values
        is properly escaped.
      - su become plugin - Ensure that password prompts are correctly detected in
        the presence of leading output. Previously, this case resulted in a timeout
        or hang.
      - su become plugin - Ensure that trailing colon is expected on all ``prompt_l10n``
        config values.
      - sudo become plugin - The `sudo_chdir` config option allows the current directory
        to be set to the specified value before executing sudo to avoid permission
        errors when dropping privileges.
      - sunos - remove hard coding of virtinfo command in facts gathering code (https://github.com/ansible/ansible/pull/84357).
      - to_yaml/to_nice_yaml filters - Eliminated possibility of keyword arg collisions
        with internally-set defaults.
      - unarchive - Clamp timestamps from beyond y2038 to representible values when
        unpacking zip files on platforms that use 32-bit time_t (e.g. Debian i386).
      - uri - Form location correctly when the server returns a relative redirect
        (https://github.com/ansible/ansible/issues/84540)
      - uri - Handle HTTP exceptions raised while reading the content (https://github.com/ansible/ansible/issues/83794).
      - uri - mark ``url`` as required (https://github.com/ansible/ansible/pull/83642).
      - user - Create Buildroot subclass as alias to Busybox (https://github.com/ansible/ansible/issues/83665).
      - user - Set timeout for passphrase interaction.
      - user - Update prompt for SSH key passphrase (https://github.com/ansible/ansible/issues/84484).
      - user - Use higher precedence HOME_MODE as UMASK for path provided (https://github.com/ansible/ansible/pull/84482).
      - user action will now require O(force) to overwrite the public part of an ssh
        key when generating ssh keys, as was already the case for the private part.
      - user module now avoids changing ownership of files symlinked in provided home
        dir skeleton
      - vars lookup - The ``default`` substitution only applies when trying to look
        up a variable which is not defined. If the variable is defined, but templates
        to an undefined value, the ``default`` substitution will not apply. Use the
        ``default`` filter to coerce those values instead.
      - wait_for_connection - a warning was displayed if any hosts used a local connection
        (https://github.com/ansible/ansible/issues/84419)
      deprecated_features:
      - CLI - The ``--inventory-file`` option alias is deprecated. Use the ``-i``
        or ``--inventory`` option instead.
      - Stategy Plugins - Use of strategy plugins not provided in ``ansible.builtin``
        are deprecated and do not carry any backwards compatibility guarantees going
        forward. A future release will remove the ability to use external strategy
        plugins. No alternative for third party strategy plugins is currently planned.
      - '``ansible.module_utils.compat.datetime`` - The datetime compatibility shims
        are now deprecated. They are scheduled to be removed in ``ansible-core`` v2.21.
        This includes ``UTC``, ``utcfromtimestamp()`` and ``utcnow`` importable from
        said module (https://github.com/ansible/ansible/pull/81874).'
      - bool filter - Support for coercing unrecognized input values (including None)
        has been deprecated. Consult the filter documentation for acceptable values,
        or consider use of the ``truthy`` and ``falsy`` tests.
      - cache plugins - The `ansible.plugins.cache.base` Python module is deprecated.
        Use `ansible.plugins.cache` instead.
      - callback plugins - The `v2_on_any` callback method is deprecated. Use specific
        callback methods instead.
      - callback plugins - The v1 callback API (callback methods not prefixed with
        `v2_`) is deprecated. Use `v2_` prefixed methods instead.
      - conditionals - Conditionals using Jinja templating delimiters (e.g., ``{{``,
        ``{%``) should be rewritten as expressions without delimiters, unless the
        entire conditional value is a single template that resolves to a trusted string
        expression. This is useful for dynamic indirection of conditional expressions,
        but is limited to trusted literal string expressions.
      - config - The ``ACTION_WARNINGS`` config has no effect. It previously disabled
        command warnings, which have since been removed.
      - config - The ``DEFAULT_JINJA2_NATIVE`` option has no effect. Jinja2 native
        mode is now the default and only option.
      - config - The ``DEFAULT_NULL_REPRESENTATION`` option has no effect. Null values
        are no longer automatically converted to another value during templating of
        single variable references.
      - display - The ``Display.get_deprecation_message`` method has been deprecated.
        Call ``Display.deprecated`` to display a deprecation message, or call it with
        ``removed=True`` to raise an ``AnsibleError``.
      - file loading - Loading text files with ``DataLoader`` containing data that
        cannot be decoded under the expected encoding is deprecated. In most cases
        the encoding must be UTF-8, although some plugins allow choosing a different
        encoding. Previously, invalid data was silently wrapped in Unicode surrogate
        escape sequences, often resulting in later errors or other data corruption.
      - first_found lookup - Splitting of file paths on ``,;:`` is deprecated. Pass
        a list of paths instead. The ``split`` method on strings can be used to split
        variables into a list as needed.
      - interpreter discovery - The ``auto_legacy`` and ``auto_legacy_silent`` options
        for ``INTERPRETER_PYTHON`` are deprecated. Use ``auto`` or ``auto_silent``
        options instead, as they have the same effect.
      - oneline callback - The ``oneline`` callback and its associated ad-hoc CLI
        args (``-o``, ``--one-line``) are deprecated.
      - paramiko - The paramiko connection plugin has been deprecated with planned
        removal in 2.21.
      - playbook variables - The ``play_hosts`` variable has been deprecated, use
        ``ansible_play_batch`` instead.
      - plugin error handling - The ``AnsibleError`` constructor arg ``suppress_extended_error``
        is deprecated. Using ``suppress_extended_error=True`` has the same effect
        as ``show_content=False``.
      - plugins - The ``listify_lookup_plugin_terms`` function is obsolete and in
        most cases no longer needed.
      - template lookup - The jinja2_native option is no longer used in the Ansible
        Core code base. Jinja2 native mode is now the default and only option.
      - templating - Support for enabling Jinja2 extensions (not plugins) has been
        deprecated.
      - templating - The ``ansible_managed`` variable available for certain templating
        scenarios, such as the ``template`` action and ``template`` lookup has been
        deprecated. Define and use a custom variable instead of relying on ``ansible_managed``.
      - templating - The ``disable_lookups`` option has no effect, since plugins must
        be updated to apply trust before any templating can be performed.
      - to_yaml/to_nice_yaml filters - Implicit YAML dumping of vaulted value ciphertext
        is deprecated. Set `dump_vault_tags` to explicitly specify the desired behavior.
      - tree callback - The ``tree`` callback and its associated ad-hoc CLI args (``-t``,
        ``--tree``) are deprecated.
      known_issues:
      - templating - Any string value starting with ``#jinja2:`` which is templated
        will always be interpreted as Jinja2 configuration overrides. To include this
        literal value at the start of a string, a space or other character must precede
        it.
      - variables - Tagged values cannot be used for dictionary keys in many circumstances.
      - variables - The values ``None``, ``True`` and ``False`` cannot be tagged because
        they are singletons. Attempts to apply tags to these values will be silently
        ignored.
      major_changes:
      - Jinja plugins - Jinja builtin filter and test plugins are now accessible via
        their fully-qualified names ``ansible.builtin.{name}``.
      - Task Execution / Forks - Forks no longer inherit stdio from the parent ``ansible-playbook``
        process. ``stdout``, ``stderr``, and ``stdin`` within a worker are detached
        from the terminal, and non-functional. All needs to access stdio from a fork
        for controller side plugins requires use of ``Display``.
      - ansible-test - Packages beneath ``module_utils`` can now contain ``__init__.py``
        files.
      - variables - The type system underlying Ansible's variable storage has been
        significantly overhauled and formalized. Attempts to store unsupported Python
        object types in variables will now result in an error.
      - variables - To support new Ansible features, many variable objects are now
        represented by subclasses of their respective native Python types. In most
        cases, they behave indistinguishably from their original types, but some Python
        libraries do not handle builtin object subclasses properly. Custom plugins
        that interact with such libraries may require changes to convert and pass
        the native types.
      minor_changes:
      - Added a -vvvvv log message indicating when a host fails to produce output
        within the timeout period.
      - AnsibleModule.uri - Add option ``multipart_encoding`` for ``form-multipart``
        files in body to change default base64 encoding for files
      - INVENTORY_IGNORE_EXTS config, removed ``ini`` from the default list, inventory
        scripts using a corresponding .ini configuration are rare now and inventory.ini
        files are more common. Those that need to ignore the ini files for inventory
        scripts can still add it to configuration.
      - Jinja plugins - Plugins can declare support for undefined values.
      - Jinja2 version 3.1.0 or later is now required on the controller.
      - Move ``follow_redirects`` parameter to module_utils so external modules can
        reuse it.
      - PlayIterator - do not return tasks from already executed roles so specific
        strategy plugins do not have to do the filtering of such tasks themselves
      - SSH Escalation-related -vvv log messages now include the associated host information.
      - Windows - Add support for Windows Server 2025 to Ansible and as an ``ansible-test``
        remote target - https://github.com/ansible/ansible/issues/84229
      - Windows - refactor the async implementation to better handle errors during
        bootstrapping and avoid WMI when possible.
      - "``ansible-galaxy collection install`` \u2014 the collection dependency resolver
        now prints out conflicts it hits during dependency resolution when it's taking
        too long and it ends up backtracking a lot. It also displays suggestions on
        how to help it compute the result more quickly."
      - 'ansible, ansible-console, ansible-pull - add --flush-cache option (https://github.com/ansible/ansible/issues/83749).
        '
      - ansible-galaxy - Add support for Keycloak service accounts
      - ansible-galaxy - support ``resolvelib >= 0.5.3, < 2.0.0`` (https://github.com/ansible/ansible/issues/84217).
      - ansible-test - Added a macOS 15.3 remote VM, replacing 14.3.
      - ansible-test - Automatically retry HTTP GET/PUT/DELETE requests on exceptions.
      - ansible-test - Default to Python 3.13 in the ``base`` and ``default`` containers.
      - ansible-test - Disable the ``deprecated-`` prefixed ``pylint`` rules as their
        results vary by Python version.
      - ansible-test - Disable the ``pep8`` sanity test rules ``E701`` and ``E704``
        to improve compatibility with ``black``.
      - ansible-test - Improve container runtime probe error handling. When unexpected
        probe output is encountered, an error with more useful debugging information
        is provided.
      - ansible-test - Replace container Alpine 3.20 with 3.21.
      - ansible-test - Replace container Fedora 40 with 41.
      - ansible-test - Replace remote Alpine 3.20 with 3.21.
      - ansible-test - Replace remote Fedora 40 with 41.
      - ansible-test - Replace remote FreeBSD 13.3 with 13.5.
      - ansible-test - Replace remote FreeBSD 14.1 with 14.2.
      - ansible-test - Replace remote RHEL 9.4 with 9.5.
      - ansible-test - Show a more user-friendly error message when a ``runme.sh``
        script is not executable.
      - ansible-test - The ``yamllint`` sanity test now enforces string values for
        the ``!vault`` tag.
      - ansible-test - Update ``nios-test-container`` to version 7.0.0.
      - ansible-test - Update ``pylint`` sanity test to use version 3.3.1.
      - ansible-test - Update distro containers to remove unnecessary pakages (apache2,
        subversion, ruby).
      - ansible-test - Update sanity test requirements to latest available versions.
      - ansible-test - Update the HTTP test container.
      - ansible-test - Update the PyPI test container.
      - ansible-test - Update the ``base`` and ``default`` containers.
      - ansible-test - Update the utility container.
      - ansible-test - Use Python's ``urllib`` instead of ``curl`` for HTTP requests.
      - ansible-test - When detection of the current container network fails, a warning
        is now issued and execution continues. This simplifies usage in cases where
        the current container cannot be inspected, such as when running in GitHub
        Codespaces.
      - ansible-test acme test container - bump `version to 2.3.0 <https://github.com/ansible/acme-test-container/releases/tag/2.3.0>`__
        to include newer versions of Pebble, dependencies, and runtimes. This adds
        support for ACME profiles, ``dns-account-01`` support, and some smaller improvements
        (https://github.com/ansible/ansible/pull/84547).
      - apt_key module - add notes to docs and errors to point at the CLI tool deprecation
        by Debian and alternatives
      - apt_repository module - add notes to errors to point at the CLI tool deprecation
        by Debian and alternatives
      - become plugins get new property 'pipelining' to show support or lack there
        of for the feature.
      - callback plugins - add has_option() to CallbackBase to match other functions
        overloaded from AnsiblePlugin
      - callback plugins - fix get_options() for CallbackBase
      - copy - fix sanity test failures (https://github.com/ansible/ansible/pull/83643).
      - copy - parameter ``local_follow`` was incorrectly documented as having default
        value ``True`` (https://github.com/ansible/ansible/pull/83643).
      - cron - Provide additional error information while writing cron file (https://github.com/ansible/ansible/issues/83223).
      - csvfile - let the config system do the typecasting (https://github.com/ansible/ansible/pull/82263).
      - display - Deduplication of warning and error messages considers the full content
        of the message (including source and traceback contexts, if enabled). This
        may result in fewer messages being omitted.
      - display - The ``collection_name`` arg to ``Display.deprecated`` no longer
        has any effect. Information about the calling plugin is automatically captured
        by the display infrastructure, included in the displayed messages, and made
        available to callbacks.
      - distribution - Added openSUSE MicroOS to Suse OS family (#84685).
      - dnf5, apt - add ``auto_install_module_deps`` option (https://github.com/ansible/ansible/issues/84206)
      - docs - add collection name in message from which the module is being deprecated
        (https://github.com/ansible/ansible/issues/84116).
      - env lookup - The error message generated for a missing environment variable
        when ``default`` is an undefined value (e.g. ``undef('something')``) will
        contain the hint from that undefined value, except when the undefined value
        is the default of ``undef()`` with no arguments. Previously, any existing
        undefined hint would be ignored.
      - file - enable file module to disable diff_mode (https://github.com/ansible/ansible/issues/80817).
      - file - make code more readable and simple.
      - filter - add support for URL-safe encoding and decoding in b64encode and b64decode
        (https://github.com/ansible/ansible/issues/84147).
      - find - add a checksum_algorithm parameter to specify which type of checksum
        the module will return
      - from_json filter - The filter accepts a ``profile`` argument, which defaults
        to ``tagless``.
      - handlers - Templated handler names with syntax errors, or that resolve to
        ``omit`` are now skipped like handlers with undefined variables in their name.
      - improved error message for yaml parsing errors in plugin documentation
      - local connection plugin - A new ``become_strip_preamble`` config option (default
        True) was added; disable to preserve diagnostic ``become`` output in task
        results.
      - local connection plugin - A new ``become_success_timeout`` operation-wide
        timeout config (default 10s) was added for ``become``.
      - local connection plugin - When a ``become`` plugin's ``prompt`` value is a
        non-string after the ``check_password_prompt`` callback has completed, no
        prompt stripping will occur on stderr.
      - lookup_template - add an option to trim blocks while templating (https://github.com/ansible/ansible/issues/75962).
      - module - set ipv4 and ipv6 rules simultaneously in iptables module (https://github.com/ansible/ansible/issues/84404).
      - module_utils - Add ``NoReturn`` type annotations to functions which never
        return.
      - modules - PowerShell modules can now receive ``datetime.date``, ``datetime.time``
        and ``datetime.datetime`` values as ISO 8601 strings.
      - modules - PowerShell modules can now receive strings sourced from inline vault-encrypted
        strings.
      - modules - The ``collection_name`` arg to Python module-side ``deprecate``
        methods no longer has any effect. Information about the calling module is
        automatically captured by the warning infrastructure and included in the module
        result.
      - modules - Unhandled exceptions during Python module execution are now returned
        as structured data from the target. This allows the new traceback handling
        to be applied to exceptions raised on targets.
      - pipelining logic has mostly moved to connection plugins so they can decide/override
        settings.
      - plugin error handling - When raising exceptions in an exception handler, be
        sure to use ``raise ... from`` as appropriate. This supersedes the use of
        the ``AnsibleError`` arg ``orig_exc`` to represent the cause. Specifying ``orig_exc``
        as the cause is still permitted. Failure to use ``raise ... from`` when ``orig_exc``
        is set will result in a warning. Additionally, if the two cause exceptions
        do not match, a warning will be issued.
      - removed harcoding of su plugin as it now works with pipelining.
      - runtime-metadata sanity test - improve validation of ``action_groups`` (https://github.com/ansible/ansible/pull/83965).
      - service_facts module got freebsd support added.
      - ssh connection plugin - Support ``SSH_ASKPASS`` mechanism to provide passwords,
        making it the default, but still offering an explicit choice to use ``sshpass``
        (https://github.com/ansible/ansible/pull/83936)
      - ssh connection plugin now overrides pipelining when a tty is requested.
      - ssh-agent - ``ansible``, ``ansible-playbook`` and ``ansible-console`` are
        capable of spawning or reusing an ssh-agent, allowing plugins to interact
        with the ssh-agent. Additionally a pure python ssh-agent client has been added,
        enabling easy interaction with the agent. The ssh connection plugin contains
        new functionality via ``ansible_ssh_private_key`` and ``ansible_ssh_private_key_passphrase``,
        for loading an SSH private key into the agent from a variable.
      - templating - Access to an undefined variable from inside a lookup, filter,
        or test (which raises MarkerError) no longer ends processing of the current
        template. The triggering undefined value is returned as the result of the
        offending plugin invocation, and the template continues to execute.
      - templating - Embedding ``range()`` values in containers such as lists will
        result in an error on use. Previously the value would be converted to a string
        representing the range parameters, such as ``range(0, 3)``.
      - templating - Handling of omitted values is now a first-class feature of the
        template engine, and is usable in all Ansible Jinja template contexts. Any
        template that resolves to ``omit`` is automatically removed from its parent
        container during templating.
      - templating - Template evaluation is lazier than in previous versions. Template
        expressions which resolve only portions of a data structure no longer result
        in the entire structure being templated.
      - templating - Templating errors now provide more information about both the
        location and context of the error, especially for deeply-nested and/or indirected
        templating scenarios.
      - templating - Unified ``omit`` behavior now requires that plugins calling ``Templar.template()``
        handle cases where the entire template result is omitted, by catching the
        ``AnsibleValueOmittedError`` that is raised. Previously, this condition caused
        a randomly-generated string marker to appear in the template result.
      - templating - Variables of type ``set`` and ``tuple`` are now converted to
        ``list`` when exiting the final pass of templating.
      - to_json / to_nice_json filters - The filters accept a ``profile`` argument,
        which defaults to ``tagless``.
      - troubleshooting - Tracebacks can be collected and displayed for most errors,
        warnings, and deprecation warnings (including those generated by modules).
        Tracebacks are no longer enabled with ``-vvv``; the behavior is directly configurable
        via the ``DISPLAY_TRACEBACK`` config option. Module tracebacks passed to ``fail_json``
        via the ``exception`` kwarg will not be included in the task result unless
        error tracebacks are configured.
      - undef jinja function - The ``undef`` jinja function now raises an error if
        a non-string hint is given. Attempting to use an undefined hint also results
        in an error, ensuring incorrect use of the function can be distinguished from
        the function's normal behavior.
      - validate-modules sanity test - make sure that ``module`` and ``plugin`` ``seealso``
        entries use FQCNs (https://github.com/ansible/ansible/pull/84325).
      - vault - improved vault filter documentation by adding missing example content
        for dump_template_data.j2, refining examples for clarity, and ensuring variable
        consistency (https://github.com/ansible/ansible/issues/83583).
      - warnings - All warnings (including deprecation warnings) issued during a task's
        execution are now accessible via the ``warnings`` and ``deprecations`` keys
        on the task result.
      - when the ``dict`` lookup is given a non-dict argument, show the value of the
        argument and its type in the error message.
      - windows - add hard minimum limit for PowerShell to 5.1. Ansible dropped support
        for older versions of PowerShell in the 2.16 release but this reqirement is
        now enforced at runtime.
      - windows - refactor windows exec runner to improve efficiency and add better
        error reporting on failures.
      - winrm - Remove need for pexpect on macOS hosts when using ``kinit`` to retrieve
        the Kerberos TGT. By default the code will now only use the builtin ``subprocess``
        library which should handle issues with select and a high fd count and also
        simplify the code.
      release_summary: '| Release Date: 2025-04-14
        | `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
        '
      removed_features:
      - Remove deprecated plural form of collection path (https://github.com/ansible/ansible/pull/84156).
      - Removed deprecated STRING_CONVERSION_ACTION (https://github.com/ansible/ansible/issues/84220).
      - encrypt - passing unsupported passlib hashtype now raises AnsibleFilterError.
      - manager - remove deprecated include_delegate_to parameter from get_vars API.
      - modules - Modules returning non-UTF8 strings now result in an error. The ``MODULE_STRICT_UTF8_RESPONSE``
        setting can be used to disable this check.
      - removed deprecated pycompat24 and compat.importlib.
      - selector - remove deprecated compat.selector related files (https://github.com/ansible/ansible/pull/84155).
      - windows - removed common module functions ``ConvertFrom-AnsibleJson``, ``Format-AnsibleException``
        from Windows modules as they are not used and add uneeded complexity to the
        code.
      security_fixes:
      - include_vars action - Ensure that result masking is correctly requested when
        vault-encrypted files are read. (CVE-2024-8775)
      - task result processing - Ensure that action-sourced result masking (``_ansible_no_log=True``)
        is preserved. (CVE-2024-8775)
      - templating - Ansible's template engine no longer processes Jinja templates
        in strings unless they are marked as coming from a trusted source. Untrusted
        strings containing Jinja template markers are ignored with a warning. Examples
        of trusted sources include playbooks, vars files, and many inventory sources.
        Examples of untrusted sources include module results and facts. Plugins which
        have not been updated to preserve trust while manipulating strings may inadvertently
        cause them to lose their trusted status.
      - templating - Changes to conditional expression handling removed numerous instances
        of insecure multi-pass templating (which could result in execution of untrusted
        template expressions).
      - user action won't allow ssh-keygen, chown and chmod to run on existing ssh
        public key file, avoiding traversal on existing symlinks (CVE-2024-9902).
    codename: What Is and What Should Never Be
    fragments:
    - 2.19.0b1_summary.yaml
    - 81709-ansible-galaxy-slow-resolution-hints.yml
    - 81812-ansible-galaxy-negative-spec-is-pinned.yml
    - 81874-deprecate-datetime-compat.yml
    - 83642-fix-sanity-ignore-for-uri.yml
    - 83643-fix-sanity-ignore-for-copy.yml
    - 83690-get_url-content-disposition-filename.yml
    - 83700-enable-file-disable-diff.yml
    - 83757-deprecate-paramiko.yml
    - 83936-ssh-askpass.yml
    - 83965-action-groups-schema.yml
    - 84008-additional-logging.yml
    - 84019-ignore_unreachable-loop.yml
    - 84149-add-flush-cache-for-adhoc-commands.yml
    - 84206-dnf5-apt-auto-install-module-deps.yml
    - 84213-ansible-galaxy-url-building.yml
    - 84229-windows-server-2025.yml
    - 84238-fix-reset_connection-ssh_executable-templated.yml
    - 84259-dnf5-latest-fix.yml
    - 84321-added-ansible_uptime_seconds_aix.yml
    - 84325-validate-modules-seealso-fqcn.yml
    - 84334-dnf5-consolidate-settings.yml
    - 84384-fix-undefined-key-host-group-vars.yml
    - 84419-fix-wait_for_connection-warning.yml
    - 84468-timeout_become_unreachable.yml
    - 84473-dict-lookup-type-error-message.yml
    - 84490-allow-iptables-chain-creation-with-wait.yml
    - 84496-CallbackBase-get_options.yml
    - 84540-uri-relative-redirect.yml
    - 84547-acme-test-container.yml
    - 84578-dnf5-is_installed-provides.yml
    - 84660-fix-meta-end_role-linear-strategy.yml
    - 84685-add-opensuse-microos.yml
    - 84705-error-message-malformed-plugin-documentation.yml
    - 84725-deprecate-strategy-plugins.yml
    - Ansible.Basic-required_if-null.yml
    - ansible-galaxy-keycloak-service-accounts.yml
    - ansible-test-added-macos-15.3.yml
    - ansible-test-containers.yml
    - ansible-test-coverage-test-files.yml
    - ansible-test-curl.yml
    - ansible-test-fix-command-traceback.yml
    - ansible-test-freebsd-nss.yml
    - ansible-test-network-detection.yml
    - ansible-test-nios-container.yml
    - ansible-test-no-exec-script.yml
    - ansible-test-probe-error-handling.yml
    - ansible-test-pylint-fix.yml
    - ansible-test-remotes.yml
    - ansible-test-update.yml
    - apt_key_bye.yml
    - become-runas-system-deux.yml
    - buildroot.yml
    - compat_removal.yml
    - config.yml
    - config_dump.yml
    - copy_validate_input.yml
    - cron_err.yml
    - csvfile-col.yml
    - cve-2024-8775.yml
    - darwin_pagesize.yml
    - debconf_empty_password.yml
    - deprecated.yml
    - distro_LMDE_6.yml
    - dnf5-exception-forwarding.yml
    - dnf5-plugins-compat.yml
    - dnf5-remove-usage-deprecated-option.yml
    - feature-uri-add-option-multipart-encoding.yml
    - file_simplify.yml
    - find-checksum.yml
    - find_enoent.yml
    - fix-ansible-galaxy-ignore-certs.yml
    - fix-cli-doc-path_undefined.yaml
    - fix-display-bug-in-action-plugin.yml
    - fix-include_vars-merge-hash.yml
    - fix-ipv6-pattern.yml
    - fix-is-filter-is-test.yml
    - fix-lookup-sequence-keyword-args-only.yml
    - fix-module-utils-facts-timeout.yml
    - fix_errors.yml
    - follow_redirects_url.yml
    - gather_facts_netos_fixes.yml
    - gather_facts_smart_fix.yml
    - get_url_bsd_style_digest.yml
    - hide-loop-vars-debug-vars.yml
    - implicit_flush_handlers_parents.yml
    - include_delegate_to.yml
    - interpreter-discovery-auto-legacy.yml
    - jinja-version.yml
    - libvirt_lxc.yml
    - local-become-fixes.yml
    - lookup_config.yml
    - macos-correct-lock.yml
    - no-inherit-stdio.yml
    - no-return.yml
    - openrc-status.yml
    - os_family.yml
    - package-dnf-action-plugins-facts-fail-msg.yml
    - package_facts_fix.yml
    - passlib.yml
    - pin-wheel.yml
    - pipelining_refactor.yml
    - playiterator-add_tasks-optimize.yml
    - ps-import-sanity.yml
    - pull_changed_fix.yml
    - remove_ini_ignored_dir.yml
    - reserved_module_chekc.yml
    - respawn-min-python.yml
    - respawn_os_env.yml
    - selector_removal.yml
    - service_facts_fbsd.yml
    - set_ipv4_and_ipv6_simultaneously.yml
    - simplify-copy-module.yml
    - skip-handlers-tagged-play.yml
    - skip-implicit-flush_handlers-no-notify.yml
    - skip-role-task-iterator.yml
    - ssh-agent.yml
    - ssh-clixml.yml
    - ssh_raise_exception.yml
    - string_conversion.yml
    - sunos_virtinfo.yml
    - templates_types_datatagging.yml
    - toml-library-support-dropped.yml
    - trim_blocks.yml
    - unarchive_timestamp_t32.yaml
    - update-resolvelib-lt-2_0_0.yml
    - uri_httpexception.yml
    - url_safe_b64_encode_decode.yml
    - user_action_fix.yml
    - user_module.yml
    - user_passphrase.yml
    - user_ssh_fix.yml
    - v2.19.0-initial-commit.yaml
    - vault_cli_fix.yml
    - vault_docs_fix.yaml
    - win-async-refactor.yml
    - win-wdac-audit.yml
    - windows-exec.yml
    - winrm-kinit-pexpect.yml
    release_date: '2025-04-14'
  2.19.0b2:
    changes:
      bugfixes:
      - Remove use of `required` parameter in `get_bin_path` which has been deprecated.
      - ansible-doc - fix indentation for first line of descriptions of suboptions
        and sub-return values (https://github.com/ansible/ansible/pull/84690).
      - ansible-doc - fix line wrapping for first line of description of options and
        return values (https://github.com/ansible/ansible/pull/84690).
      minor_changes:
      - comment filter - Improve the error message shown when an invalid ``style``
        argument is provided.
      release_summary: '| Release Date: 2025-04-24
        | `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
        '
    codename: What Is and What Should Never Be
    fragments:
    - 2.19.0b2_summary.yaml
    - 84690-ansible-doc-indent-wrapping.yml
    - comment_fail.yml
    - get_bin_path-remove-use-of-deprecated-param.yml
    release_date: '2025-04-23'
--- a/changelogs/fragments/2.19.0b1_summary.yaml
+++ b/changelogs/fragments/2.19.0b1_summary.yaml
@ -0,0 +1,3 @@
 release_summary: |
   | Release Date: 2025-04-14
   | `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
--- a/changelogs/fragments/2.19.0b2_summary.yaml
+++ b/changelogs/fragments/2.19.0b2_summary.yaml
@ -0,0 +1,3 @@
 release_summary: |
   | Release Date: 2025-04-24
   | `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
--- a/changelogs/fragments/81709-ansible-galaxy-slow-resolution-hints.yml
+++ b/changelogs/fragments/81709-ansible-galaxy-slow-resolution-hints.yml
@ -0,0 +1,10 @@
 ---
 minor_changes:
 - >-
  ``ansible-galaxy collection install`` — the collection dependency resolver
  now prints out conflicts it hits during dependency resolution when it's
  taking too long and it ends up backtracking a lot. It also displays
  suggestions on how to help it compute the result more quickly.
 ...
--- a/changelogs/fragments/81812-ansible-galaxy-negative-spec-is-pinned.yml
+++ b/changelogs/fragments/81812-ansible-galaxy-negative-spec-is-pinned.yml
@ -0,0 +1,8 @@
 ---
 bugfixes:
 - >-
  ``ansible-galaxy`` — the collection dependency resolver now treats
  version specifiers starting with ``!=`` as unpinned.
 ...
--- a/changelogs/fragments/81874-deprecate-datetime-compat.yml
+++ b/changelogs/fragments/81874-deprecate-datetime-compat.yml
@ -0,0 +1,11 @@
 ---
 deprecated_features:
 - >-
  ``ansible.module_utils.compat.datetime`` - The datetime compatibility
  shims are now deprecated. They are scheduled to be removed in
  ``ansible-core`` v2.21. This includes ``UTC``, ``utcfromtimestamp()``
  and ``utcnow`` importable from said module
  (https://github.com/ansible/ansible/pull/81874).
 ...
--- a/changelogs/fragments/83642-fix-sanity-ignore-for-uri.yml
+++ b/changelogs/fragments/83642-fix-sanity-ignore-for-uri.yml
@ -0,0 +1,2 @@
 bugfixes:
  - uri - mark ``url`` as required (https://github.com/ansible/ansible/pull/83642).
--- a/changelogs/fragments/83643-fix-sanity-ignore-for-copy.yml
+++ b/changelogs/fragments/83643-fix-sanity-ignore-for-copy.yml
@ -0,0 +1,3 @@
 minor_changes:
  - copy - parameter ``local_follow`` was incorrectly documented as having default value ``True`` (https://github.com/ansible/ansible/pull/83643).
  - copy - fix sanity test failures (https://github.com/ansible/ansible/pull/83643).
--- a/changelogs/fragments/83690-get_url-content-disposition-filename.yml
+++ b/changelogs/fragments/83690-get_url-content-disposition-filename.yml
@ -0,0 +1,2 @@
 bugfixes:
  - get_url - fix honoring ``filename`` from the ``content-disposition`` header even when the type is ``inline`` (https://github.com/ansible/ansible/issues/83690)
--- a/changelogs/fragments/83700-enable-file-disable-diff.yml
+++ b/changelogs/fragments/83700-enable-file-disable-diff.yml
@ -0,0 +1,2 @@
 minor_changes:
  - file - enable file module to disable diff_mode (https://github.com/ansible/ansible/issues/80817).
--- a/changelogs/fragments/83757-deprecate-paramiko.yml
+++ b/changelogs/fragments/83757-deprecate-paramiko.yml
@ -0,0 +1,2 @@
 deprecated_features:
 - paramiko - The paramiko connection plugin has been deprecated with planned removal in 2.21.
--- a/changelogs/fragments/83936-ssh-askpass.yml
+++ b/changelogs/fragments/83936-ssh-askpass.yml
@ -0,0 +1,3 @@
 minor_changes:
 - ssh connection plugin - Support ``SSH_ASKPASS`` mechanism to provide passwords, making it the default, but still offering an explicit choice to use ``sshpass``
  (https://github.com/ansible/ansible/pull/83936)
--- a/changelogs/fragments/83965-action-groups-schema.yml
+++ b/changelogs/fragments/83965-action-groups-schema.yml
@ -0,0 +1,2 @@
 minor_changes:
  - "runtime-metadata sanity test - improve validation of ``action_groups`` (https://github.com/ansible/ansible/pull/83965)."
--- a/changelogs/fragments/84008-additional-logging.yml
+++ b/changelogs/fragments/84008-additional-logging.yml
@ -0,0 +1,3 @@
 minor_changes:
  - Added a -vvvvv log message indicating when a host fails to produce output within the timeout period.
  - SSH Escalation-related -vvv log messages now include the associated host information.
--- a/changelogs/fragments/84019-ignore_unreachable-loop.yml
+++ b/changelogs/fragments/84019-ignore_unreachable-loop.yml
@ -0,0 +1,2 @@
 bugfixes:
  - Fix returning 'unreachable' for the overall task result. This prevents false positives when a looped task has unignored unreachable items (https://github.com/ansible/ansible/issues/84019).
--- a/changelogs/fragments/84149-add-flush-cache-for-adhoc-commands.yml
+++ b/changelogs/fragments/84149-add-flush-cache-for-adhoc-commands.yml
@ -0,0 +1,3 @@
 minor_changes:
 - >
  ansible, ansible-console, ansible-pull - add --flush-cache option (https://github.com/ansible/ansible/issues/83749).
--- a/changelogs/fragments/84206-dnf5-apt-auto-install-module-deps.yml
+++ b/changelogs/fragments/84206-dnf5-apt-auto-install-module-deps.yml
@ -0,0 +1,2 @@
 minor_changes:
  - dnf5, apt - add ``auto_install_module_deps`` option (https://github.com/ansible/ansible/issues/84206)
--- a/changelogs/fragments/84213-ansible-galaxy-url-building.yml
+++ b/changelogs/fragments/84213-ansible-galaxy-url-building.yml
@ -0,0 +1,2 @@
 bugfixes:
 - ansible-galaxy - Small adjustments to URL building for ``download_url`` and relative redirects.
--- a/changelogs/fragments/84229-windows-server-2025.yml
+++ b/changelogs/fragments/84229-windows-server-2025.yml
@ -0,0 +1,4 @@
 minor_changes:
  - >-
    Windows - Add support for Windows Server 2025 to Ansible and as an ``ansible-test``
    remote target - https://github.com/ansible/ansible/issues/84229
--- a/changelogs/fragments/84238-fix-reset_connection-ssh_executable-templated.yml
+++ b/changelogs/fragments/84238-fix-reset_connection-ssh_executable-templated.yml
@ -0,0 +1,2 @@
 bugfixes:
  - ssh - connection options were incorrectly templated during ``reset_connection`` tasks (https://github.com/ansible/ansible/pull/84238).
--- a/changelogs/fragments/84259-dnf5-latest-fix.yml
+++ b/changelogs/fragments/84259-dnf5-latest-fix.yml
@ -0,0 +1,2 @@
 bugfixes:
  - "dnf5 - fix installing a package using ``state=latest`` when a binary of the same name as the package is already installed (https://github.com/ansible/ansible/issues/84259)"
--- a/changelogs/fragments/84321-added-ansible_uptime_seconds_aix.yml
+++ b/changelogs/fragments/84321-added-ansible_uptime_seconds_aix.yml
@ -0,0 +1,2 @@
 bugfixes:
  - ansible_uptime_second - added ansible_uptime_seconds fact support for AIX (https://github.com/ansible/ansible/pull/84321).
--- a/changelogs/fragments/84325-validate-modules-seealso-fqcn.yml
+++ b/changelogs/fragments/84325-validate-modules-seealso-fqcn.yml
@ -0,0 +1,2 @@
 minor_changes:
  - "validate-modules sanity test - make sure that ``module`` and ``plugin`` ``seealso`` entries use FQCNs (https://github.com/ansible/ansible/pull/84325)."
--- a/changelogs/fragments/84334-dnf5-consolidate-settings.yml
+++ b/changelogs/fragments/84334-dnf5-consolidate-settings.yml
@ -0,0 +1,2 @@
 bugfixes:
  - dnf5 - matching on a binary can be achieved only by specifying a full path (https://github.com/ansible/ansible/issues/84334)
--- a/changelogs/fragments/84384-fix-undefined-key-host-group-vars.yml
+++ b/changelogs/fragments/84384-fix-undefined-key-host-group-vars.yml
@ -0,0 +1,4 @@
 # Filename: changelogs/fragments/84384-fix-undefined-key-host-group-vars.yml
 bugfixes:
  - host_group_vars - fixed defining the 'key' variable if the get_vars method is called with cache=False (https://github.com/ansible/ansible/issues/84384)
--- a/changelogs/fragments/84419-fix-wait_for_connection-warning.yml
+++ b/changelogs/fragments/84419-fix-wait_for_connection-warning.yml
@ -0,0 +1,2 @@
 bugfixes:
  - wait_for_connection - a warning was displayed if any hosts used a local connection (https://github.com/ansible/ansible/issues/84419)
--- a/changelogs/fragments/84468-timeout_become_unreachable.yml
+++ b/changelogs/fragments/84468-timeout_become_unreachable.yml
@ -0,0 +1,2 @@
 bugfixes:
  - Time out waiting on become is an unreachable error (https://github.com/ansible/ansible/issues/84468)
--- a/changelogs/fragments/84473-dict-lookup-type-error-message.yml
+++ b/changelogs/fragments/84473-dict-lookup-type-error-message.yml
@ -0,0 +1,2 @@
 minor_changes:
  - when the ``dict`` lookup is given a non-dict argument, show the value of the argument and its type in the error message.
--- a/changelogs/fragments/84490-allow-iptables-chain-creation-with-wait.yml
+++ b/changelogs/fragments/84490-allow-iptables-chain-creation-with-wait.yml
@ -0,0 +1,2 @@
 bugfixes:
  - iptables - Allows the wait paramater to be used with iptables chain creation (https://github.com/ansible/ansible/issues/84490)
--- a/changelogs/fragments/84496-CallbackBase-get_options.yml
+++ b/changelogs/fragments/84496-CallbackBase-get_options.yml
@ -0,0 +1,4 @@
 ---
 minor_changes:
  - callback plugins - add has_option() to CallbackBase to match other functions overloaded from AnsiblePlugin
  - callback plugins - fix get_options() for CallbackBase
--- a/changelogs/fragments/84540-uri-relative-redirect.yml
+++ b/changelogs/fragments/84540-uri-relative-redirect.yml
@ -0,0 +1,3 @@
 ---
 bugfixes:
  - uri - Form location correctly when the server returns a relative redirect (https://github.com/ansible/ansible/issues/84540)
--- a/changelogs/fragments/84547-acme-test-container.yml
+++ b/changelogs/fragments/84547-acme-test-container.yml
@ -0,0 +1,4 @@
 minor_changes:
  - "ansible-test acme test container - bump `version to 2.3.0 <https://github.com/ansible/acme-test-container/releases/tag/2.3.0>`__
     to include newer versions of Pebble, dependencies, and runtimes. This adds support for ACME profiles, ``dns-account-01`` support,
     and some smaller improvements (https://github.com/ansible/ansible/pull/84547)."
--- a/changelogs/fragments/84578-dnf5-is_installed-provides.yml
+++ b/changelogs/fragments/84578-dnf5-is_installed-provides.yml
@ -0,0 +1,2 @@
 bugfixes:
  - "dnf5 - fix ``is_installed`` check for packages that are not installed but listed as provided by an installed package (https://github.com/ansible/ansible/issues/84578)"
--- a/changelogs/fragments/84660-fix-meta-end_role-linear-strategy.yml
+++ b/changelogs/fragments/84660-fix-meta-end_role-linear-strategy.yml
@ -0,0 +1,2 @@
 bugfixes:
  - linear strategy - fix executing ``end_role`` meta tasks for each host, instead of handling these as implicit run_once tasks (https://github.com/ansible/ansible/issues/84660).
--- a/changelogs/fragments/84685-add-opensuse-microos.yml
+++ b/changelogs/fragments/84685-add-opensuse-microos.yml
@ -0,0 +1,3 @@
 ---
 minor_changes:
  - distribution - Added openSUSE MicroOS to Suse OS family (#84685).
--- a/changelogs/fragments/84690-ansible-doc-indent-wrapping.yml
+++ b/changelogs/fragments/84690-ansible-doc-indent-wrapping.yml
@ -0,0 +1,3 @@
 bugfixes:
  - "ansible-doc - fix indentation for first line of descriptions of suboptions and sub-return values (https://github.com/ansible/ansible/pull/84690)."
  - "ansible-doc - fix line wrapping for first line of description of options and return values (https://github.com/ansible/ansible/pull/84690)."
--- a/changelogs/fragments/84705-error-message-malformed-plugin-documentation.yml
+++ b/changelogs/fragments/84705-error-message-malformed-plugin-documentation.yml
@ -0,0 +1,2 @@
 minor_changes:
  - improved error message for yaml parsing errors in plugin documentation
--- a/changelogs/fragments/84725-deprecate-strategy-plugins.yml
+++ b/changelogs/fragments/84725-deprecate-strategy-plugins.yml
@ -0,0 +1,2 @@
 deprecated_features:
 - Stategy Plugins - Use of strategy plugins not provided in ``ansible.builtin`` are deprecated and do not carry any backwards compatibility guarantees going forward. A future release will remove the ability to use external strategy plugins. No alternative for third party strategy plugins is currently planned.
--- a/changelogs/fragments/85193-runtime-metadata.yml
+++ b/changelogs/fragments/85193-runtime-metadata.yml
@ -1,2 +0,0 @@
 bugfixes:
  - ansible-test - The runtime-metadata sanity test now ignores pre-release and build identifiers in collection versions. This prevents errors if a tombstone version is ``X.0.0``, while the collection's version is ``X.0.0-prerelease`` (https://github.com/ansible/ansible/issues/85193)."
--- a/changelogs/fragments/85254-apt-version-comparison-bugfix.yaml
+++ b/changelogs/fragments/85254-apt-version-comparison-bugfix.yaml
@ -1,2 +0,0 @@
 bugfixes:
  - apt - Stop the >= operator from being ignored for packages that are not already installed (https://github.com/ansible/ansible/pull/85254)
--- a/changelogs/fragments/85259-fix-human_to_bytes.yml
+++ b/changelogs/fragments/85259-fix-human_to_bytes.yml
@ -1,2 +0,0 @@
 bugfixes:
  - "Fix ``AnsibleModule.human_to_bytes()``, which was never adjusted after the standalone ``human_to_bytes()`` got a new parameter ``default_unit`` (https://github.com/ansible/ansible/pull/85259)."
--- a/changelogs/fragments/85623-fix-pip-check-mode-vcs.yml
+++ b/changelogs/fragments/85623-fix-pip-check-mode-vcs.yml
@ -1,5 +0,0 @@
 bugfixes:
  - >-
    ``ansible.builtin.pip`` - Running the built-in pip module with ``check_mode`` and packages coming from VCS URLs, archives, or local filepaths now correctly outputs the ``changed`` status of the task.
    Previously, it was always reported as changed due to improper package name resolution. 
    (https://github.com/ansible/ansible/pull/85623)
--- a/changelogs/fragments/85767-ansible-virtualization-freebsd.yml
+++ b/changelogs/fragments/85767-ansible-virtualization-freebsd.yml
@ -1,2 +0,0 @@
 bugfixes:
  - ansible_virtualization_role and ansible_virtualization_type facts - fix the detection of vms running inside FreeBSD Bhyve hypervisor and detection of jails  (https://github.com/ansible/ansible/pull/85767)
--- a/changelogs/fragments/85918-handle-missing-results.yml
+++ b/changelogs/fragments/85918-handle-missing-results.yml
@ -1,6 +0,0 @@
 ---
 bugfixes:
  - galaxy - previously, some corrupted cache files could cause Ansible Galaxy to fail
    with a traceback. This has been corrected to display a clear error message explaining
    how to resolve the problem. 
    (https://github.com/ansible/ansible/issues/85918)
--- a/changelogs/fragments/85966-psrp-readtimeout.yml
+++ b/changelogs/fragments/85966-psrp-readtimeout.yml
@ -1,2 +0,0 @@
 bugfixes:
  - psrp - ReadTimeout exceptions now mark host as unreachable instead of fatal (https://github.com/ansible/ansible/issues/85966)
--- a/changelogs/fragments/85997-basic-py-deprecations.yml
+++ b/changelogs/fragments/85997-basic-py-deprecations.yml
@ -1,2 +0,0 @@
 removed_features:
  - Removed deprecated ability to import ``datetime``, ``signal``, ``types``, ``chain``, ``repeat``, ``map`` and ``shlex_quote`` from ``ansible.module_utils.basic``.
--- a/changelogs/fragments/86003-remove-deprecated-handle_stats_and_callbacks.yml
+++ b/changelogs/fragments/86003-remove-deprecated-handle_stats_and_callbacks.yml
@ -1,2 +0,0 @@
 removed_features:
  - Removed deprecated ``handle_stats_and_callbacks`` parameter of the ``StrategyBase._load_included_file`` method. (https://github.com/ansible/ansible/issues/86003)
--- a/changelogs/fragments/86079-ansible-test-validate-modules-bad-return-keys.yml
+++ b/changelogs/fragments/86079-ansible-test-validate-modules-bad-return-keys.yml
@ -1,2 +0,0 @@
 minor_changes:
  - "ansible-test validate-modules sanity test - now reports bad return value keys that cannot be used with the dot notation in Jinja expressions (https://github.com/ansible/ansible/issues/86079)."
--- a/changelogs/fragments/86128-fix-script-decrypt-docs-mismatch.yml
+++ b/changelogs/fragments/86128-fix-script-decrypt-docs-mismatch.yml
@ -1,3 +0,0 @@
 ---
 minor_changes:
  - script - remove the currently unsupported ``decrypt`` argument from the module documentation (https://github.com/ansible/ansible/issues/86067).
--- a/changelogs/fragments/86147-fix-iptables-extension-handling.yml
+++ b/changelogs/fragments/86147-fix-iptables-extension-handling.yml
@ -1,6 +0,0 @@
 ---
 bugfixes:
  - >-
    iptables - The module can now detect when a extensions added with the module ``match`` argument have 
    been automatically imported by other module arguments such as ``uid_owner`` and prevents duplicate
    extension imports which previously caused an error (https://github.com/ansible/ansible/issues/84387). 
--- a/changelogs/fragments/Ansible.Basic-required_if-null.yml
+++ b/changelogs/fragments/Ansible.Basic-required_if-null.yml
@ -0,0 +1,3 @@
 bugfixes:
  - >-
    Ansible.Basic - Fix ``required_if`` check when the option value to check is unset or set to null.
--- a/changelogs/fragments/add-type-warning.yml
+++ b/changelogs/fragments/add-type-warning.yml
@ -1,5 +0,0 @@
 bugfixes:
  - >-
    Windows - ignore temporary file cleanup warning when using AnsibleModule to
    compile C# utils. This should reduce the number of warnings that can safely
    be ignored when running PowerShell modules - https://github.com/ansible/ansible/issues/85976
--- a/changelogs/fragments/ansiballz-wrapper-sitecustomize.yml
+++ b/changelogs/fragments/ansiballz-wrapper-sitecustomize.yml
@ -1,2 +0,0 @@
 bugfixes:
 - modules - fix AnsiballZ wrapper code escaping of sitecustomize
--- a/changelogs/fragments/ansible-galaxy-keycloak-service-accounts.yml
+++ b/changelogs/fragments/ansible-galaxy-keycloak-service-accounts.yml
@ -0,0 +1,2 @@
 minor_changes:
 - ansible-galaxy - Add support for Keycloak service accounts
--- a/changelogs/fragments/ansible-minimum-setuptools.yml
+++ b/changelogs/fragments/ansible-minimum-setuptools.yml
@ -1,2 +0,0 @@
 minor_changes:
  - The minimum required ``setuptools`` version is now ``77.0.3``, as it is needed for the new PEP 639 license format
--- a/changelogs/fragments/ansible-test-added-macos-15.3.yml
+++ b/changelogs/fragments/ansible-test-added-macos-15.3.yml
@ -0,0 +1,6 @@
 ---
 minor_changes:
 - ansible-test - Added a macOS 15.3 remote VM, replacing 14.3.
 ...
--- a/changelogs/fragments/ansible-test-containers.yml
+++ b/changelogs/fragments/ansible-test-containers.yml
@ -1,2 +1,7 @@
 minor_changes:
-  - ansible-test - Update base and default containers.
+  - ansible-test - Replace container Fedora 40 with 41.
  - ansible-test - Replace container Alpine 3.20 with 3.21.
  - ansible-test - Update distro containers to remove unnecessary pakages (apache2, subversion, ruby).
  - ansible-test - Update the HTTP test container.
  - ansible-test - Update the PyPI test container.
  - ansible-test - Update the utility container.
--- a/changelogs/fragments/ansible-test-coverage-test-files.yml
+++ b/changelogs/fragments/ansible-test-coverage-test-files.yml
@ -0,0 +1,4 @@
 bugfixes:
  - >-
    ansible-test - Fix up coverage reporting to properly translate the temporary path of integration test modules to
    the expected static test module path.
--- a/changelogs/fragments/ansible-test-curl.yml
+++ b/changelogs/fragments/ansible-test-curl.yml
@ -0,0 +1,3 @@
 minor_changes:
  - ansible-test - Use Python's ``urllib`` instead of ``curl`` for HTTP requests.
  - ansible-test - Automatically retry HTTP GET/PUT/DELETE requests on exceptions.
--- a/changelogs/fragments/ansible-test-docker-hostname.yml
+++ b/changelogs/fragments/ansible-test-docker-hostname.yml
@ -1,2 +0,0 @@
 bugfixes:
 - ansible-test - Fix docker hostname parsing
--- a/changelogs/fragments/ansible-test-fix-command-traceback.yml
+++ b/changelogs/fragments/ansible-test-fix-command-traceback.yml
@ -0,0 +1,2 @@
 bugfixes:
  - ansible-test - Fix traceback that occurs after an interactive command fails.
--- a/changelogs/fragments/ansible-test-freebsd-nss.yml
+++ b/changelogs/fragments/ansible-test-freebsd-nss.yml
@ -0,0 +1,2 @@
 bugfixes:
  - ansible-test - Ensure CA certificates are installed on managed FreeBSD instances.
--- a/changelogs/fragments/ansible-test-integration-coverage.yml
+++ b/changelogs/fragments/ansible-test-integration-coverage.yml
@ -1,2 +0,0 @@
 bugfixes:
  - ansible-test - Restore code coverage reporting for Python code residing in integration tests.
--- a/changelogs/fragments/ansible-test-inventory-json.yml
+++ b/changelogs/fragments/ansible-test-inventory-json.yml
@ -1,4 +0,0 @@
 minor_changes:
  - >-
    ansible-test - add ``.winrm`` and ``.networking`` as valid JSON/YAML inventory file extensions. This should not
    affect any public facing code as it is used internally for inventories generated by ``ansible-test``.
--- a/changelogs/fragments/ansible-test-network-detection.yml
+++ b/changelogs/fragments/ansible-test-network-detection.yml
@ -0,0 +1,3 @@
 minor_changes:
  - ansible-test - When detection of the current container network fails, a warning is now issued and execution continues.
    This simplifies usage in cases where the current container cannot be inspected, such as when running in GitHub Codespaces.
--- a/changelogs/fragments/ansible-test-nios-container.yml
+++ b/changelogs/fragments/ansible-test-nios-container.yml
@ -0,0 +1,2 @@
 minor_changes:
  - ansible-test - Update ``nios-test-container`` to version 7.0.0.
--- a/changelogs/fragments/ansible-test-no-exec-script.yml
+++ b/changelogs/fragments/ansible-test-no-exec-script.yml
@ -0,0 +1,2 @@
 minor_changes:
  - ansible-test - Show a more user-friendly error message when a ``runme.sh`` script is not executable.
--- a/changelogs/fragments/ansible-test-probe-error-handling.yml
+++ b/changelogs/fragments/ansible-test-probe-error-handling.yml
@ -0,0 +1,3 @@
 minor_changes:
  - ansible-test - Improve container runtime probe error handling.
    When unexpected probe output is encountered, an error with more useful debugging information is provided.
--- a/changelogs/fragments/ansible-test-pylint-fix.yml
+++ b/changelogs/fragments/ansible-test-pylint-fix.yml
@ -0,0 +1,4 @@
 bugfixes:
  - ansible-test - Enable the ``sys.unraisablehook`` work-around for the ``pylint`` sanity test on Python 3.11.
    Previously the work-around was only enabled for Python 3.12 and later.
    However, the same issue has been discovered on Python 3.11.
--- a/changelogs/fragments/ansible-test-pylint-update.yml
+++ b/changelogs/fragments/ansible-test-pylint-update.yml
@ -1,2 +0,0 @@
 minor_changes:
  - ansible-test - Update the pylint sanity test to pylint 4.0.2.
--- a/changelogs/fragments/ansible-test-pylint-urllib2.yml
+++ b/changelogs/fragments/ansible-test-pylint-urllib2.yml
@ -1,2 +0,0 @@
 minor_changes:
  - ansible-test - Remove pylint check for ``urllib2`` usage.
--- a/changelogs/fragments/ansible-test-remotes.yml
+++ b/changelogs/fragments/ansible-test-remotes.yml
@ -0,0 +1,6 @@
 minor_changes:
  - ansible-test - Replace remote FreeBSD 13.3 with 13.5.
  - ansible-test - Replace remote FreeBSD 14.1 with 14.2.
  - ansible-test - Replace remote Fedora 40 with 41.
  - ansible-test - Replace remote Alpine 3.20 with 3.21.
  - ansible-test - Replace remote RHEL 9.4 with 9.5.
--- a/changelogs/fragments/ansible-test-update.yml
+++ b/changelogs/fragments/ansible-test-update.yml
@ -0,0 +1,7 @@
 minor_changes:
  - ansible-test - Update ``pylint`` sanity test to use version 3.3.1.
  - ansible-test - Default to Python 3.13 in the ``base`` and ``default`` containers.
  - ansible-test - Disable the ``deprecated-`` prefixed ``pylint`` rules as their results vary by Python version.
  - ansible-test - Update the ``base`` and ``default`` containers.
  - ansible-test - Update sanity test requirements to latest available versions.
  - ansible-test - Disable the ``pep8`` sanity test rules ``E701`` and ``E704`` to improve compatibility with ``black``.
--- a/changelogs/fragments/apt_key_bye.yml
+++ b/changelogs/fragments/apt_key_bye.yml
@ -0,0 +1,5 @@
 minor_changes:
  - apt_key module - add notes to docs and errors to point at the CLI tool deprecation by Debian and alternatives
  - apt_repository module - add notes to errors to point at the CLI tool deprecation by Debian and alternatives
 bugfixes:
  - apt_key module - prevent tests from running when apt-key was removed
--- a/changelogs/fragments/auto_legacy.yml
+++ b/changelogs/fragments/auto_legacy.yml
@ -1,3 +0,0 @@
 ---
 removed_features:
    - interpreter_discovery - removed auto_legacy and auto_legacy_slient options (https://github.com/ansible/ansible/issues/85995).
--- a/changelogs/fragments/basic-py-deprecations.yml
+++ b/changelogs/fragments/basic-py-deprecations.yml
@ -1,4 +0,0 @@
 deprecated_features:
  - The ``get_platfrom()`` function from ``ansible.module_utils.basic`` is deprecated and will be removed in ansible-core 2.24. Use ``platform.system()`` from the Python standard library instead.
  - The ``load_platform_subclass()`` function from ``ansible.module_utils.basic`` is deprecated and will be removed in ansible-core 2.24. Use ``get_platform_subclass()`` from ``ansible.module_utils.common.sys_info`` instead.
  - The ``get_all_subclasses()`` function from ``ansible.module_utils.basic`` is deprecated and will be removed in ansible-core 2.24. Use ``get_all_subclasses()`` from ``ansible.module_utils.common._utils`` instead.
--- a/changelogs/fragments/basic_shlex_split.yml
+++ b/changelogs/fragments/basic_shlex_split.yml
@ -1,3 +0,0 @@
 ---
 bugfixes:
  - basic - fail in controlled manner when ``run_command()`` attempts to parse a command with broken syntax passed in as a string (https://github.com/ansible/ansible/issues/85719).
--- a/changelogs/fragments/become-runas-system-deux.yml
+++ b/changelogs/fragments/become-runas-system-deux.yml
@ -0,0 +1,3 @@
 bugfixes:
  - >-
    runas become - Fix up become logic to still get the SYSTEM token with the most privileges when running as SYSTEM.
--- a/changelogs/fragments/buildroot.yml
+++ b/changelogs/fragments/buildroot.yml
@ -0,0 +1,3 @@
 ---
 bugfixes:
  - user - Create Buildroot subclass as alias to Busybox (https://github.com/ansible/ansible/issues/83665).
--- a/changelogs/fragments/cache_avoid_path_keys.yml
+++ b/changelogs/fragments/cache_avoid_path_keys.yml
@ -1,2 +0,0 @@
 bugfixes:
  - cache plugins based on the BaseFileCache class will now sanitize keys to avoid names that could cause issues with the storage path
--- a/changelogs/fragments/comment_fail.yml
+++ b/changelogs/fragments/comment_fail.yml
@ -0,0 +1,3 @@
 ---
 minor_changes:
   - comment filter - Improve the error message shown when an invalid ``style`` argument is provided.
--- a/changelogs/fragments/compat_datetime.yml
+++ b/changelogs/fragments/compat_datetime.yml
@ -1,3 +0,0 @@
 ---
 removed_features:
    - compat.datetime - removed deprecated datetime compat APIs (https://github.com/ansible/ansible/issues/86000).
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Matt Clay	4e861fa9c8	New release v2.19.0b2 (#85040 ) * New release v2.19.0b2 * Revert setuptools version bump	7 months ago
Matt Davis	f898f9fec6	Implement TaskResult backward compatibility for callbacks (#85039 ) * Implement TaskResult backward compatibility for callbacks * general API cleanup * misc deprecations Co-authored-by: Matt Clay <matt@mystile.com> * fix v2_on_any deprecation exclusion for base --------- Co-authored-by: Matt Clay <matt@mystile.com> (cherry picked from commit `03181ac87b`)	7 months ago
Matt Davis	4714194672	restore parsing/utils/jsonify.py (#85032 ) (cherry picked from commit `2033993d89`)	7 months ago
Abhijeet Kasurde	ffbf121182	comment: raise an exception when an invalid option is provided (#84984 ) Co-authored-by: Matt Clay <matt@mystile.com> Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com> (cherry picked from commit `1daa8412d5`)	8 months ago
Brian Coca	89a4900b61	normalize error handler choices (#84998 ) use existing to avoid deprecation cycle normalize test too (cherry picked from commit `2cbb721f6f`)	8 months ago
Matt Clay	17d4fdd883	Increase galaxy test publish timeout (#85016 ) (cherry picked from commit `e6dc17cda4`)	8 months ago
Lee Garrett	7fc916361e	Fix test_range_templating on 32-bit architectures (#85007 ) * Fix test_range_templating on 32-bit architectures 32-bit archtectures like i386, armel, armhf will fail with the error ansible._internal._templating._errors.AnsibleTemplatePluginRuntimeError: The filter plugin 'ansible.builtin.random' failed: Python int too large to convert to C ssize_t So just pick sys.maxsize (2**31 - 1) so it works on 32 bit machines. --------- Co-authored-by: Lee Garrett <lgarrett@rocketjump.eu> Co-authored-by: Matt Clay <matt@mystile.com> (cherry picked from commit `5f6aef95ac`)	8 months ago
Matt Davis	82ea3addce	Miscellaneous fixes (#85012 ) * Add help_text to play_hosts deprecation * clean up TaskResult type handling (cherry picked from commit `1b6b910439`)	8 months ago
Matt Clay	98009c811b	Disable retries on ansible-galaxy-collection (#85013 ) (cherry picked from commit `f7d03474a5`)	8 months ago
Sloane Hertel	de7c454684	Remove unused local function _get_plugin_vars from vars manager (#85008 ) (cherry picked from commit `93e6f012cb`)	8 months ago
Matt Clay	80d5f05642	Miscellaneous DT fixes (#84991 ) * Use `_UNSET` instead of allowing `ellipsis` * Fix deprecation warning pre-check * Deprecation warnings from modules can now be disabled. * Deprecation warnings from modules get the "can be disabled" notice. * Include help text in pre-display fatal errors * Simplify lookup warning/debug messaging * Fix return type of `timedout` test plugin * Use `object` for `_UNSET` * Remove obsolete `convert_data` tests * Remove unnecessary template from test * Improve legacy YAML objects backward compat * Fix templar backward compat for None overrides (cherry picked from commit `6cc97447aa`)	8 months ago
Matt Clay	ec0d8f3278	Disable parallel publish in galaxy test (#85000 ) (cherry picked from commit `e094d48b1b`)	8 months ago
Abhijeet Kasurde	c21a817c47	filter_core integration test - remove Python 2.6 related dead code (#84985 ) Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com> (cherry picked from commit `500a4aba08`)	8 months ago
Martin Krizek	85cb2baf1f	get_bin_path('ssh-agent'): required is deprecated (#84995 ) (cherry picked from commit `4868effc71`)	8 months ago
Felix Fontein	2fcfad54b0	ansible-doc: fix indent and line wrapping for first line of (sub-)option and (sub-)return value descriptions (#84690 ) * Fix initial indent for descriptions of suboptions. * Fix line width for initial line of option descriptions. (cherry picked from commit `352d8ec33a`)	8 months ago
Matt Clay	6f95a618af	Convert DT issue template to pre-release template (#84982 ) (cherry picked from commit `9ddfe9db39`)	8 months ago
Matt Martz	19d9253ec9	Update Ansible release version to v2.19.0b1.post0. (#84988 )	8 months ago
Matt Martz	8d775ddced	New release v2.19.0b1 (#84979 )	8 months ago
		`@ -0,0 +1,2 @@`
							`bugfixes:`
							- uri - mark ``url`` as required (https://github.com/ansible/ansible/pull/83642).
		`@ -0,0 +1,2 @@`
							`bugfixes:`
							- get_url - fix honoring ``filename`` from the ``content-disposition`` header even when the type is ``inline`` (https://github.com/ansible/ansible/issues/83690)
		`@ -0,0 +1,2 @@`
							`minor_changes:`
							`- file - enable file module to disable diff_mode (https://github.com/ansible/ansible/issues/80817).`
		`@ -0,0 +1,2 @@`
							`deprecated_features:`
							`- paramiko - The paramiko connection plugin has been deprecated with planned removal in 2.21.`
		`@ -0,0 +1,2 @@`
							`minor_changes:`
							- "runtime-metadata sanity test - improve validation of ``action_groups`` (https://github.com/ansible/ansible/pull/83965)."
		`@ -0,0 +1,2 @@`
							`bugfixes:`
							`- Fix returning 'unreachable' for the overall task result. This prevents false positives when a looped task has unignored unreachable items (https://github.com/ansible/ansible/issues/84019).`
		`@ -0,0 +1,2 @@`
							`minor_changes:`
							- dnf5, apt - add ``auto_install_module_deps`` option (https://github.com/ansible/ansible/issues/84206)
		`@ -0,0 +1,2 @@`
							`bugfixes:`
							- ansible-galaxy - Small adjustments to URL building for ``download_url`` and relative redirects.
		`@ -0,0 +1,2 @@`
							`bugfixes:`
							- ssh - connection options were incorrectly templated during ``reset_connection`` tasks (https://github.com/ansible/ansible/pull/84238).