## Major Version Change Starting with this release, Chef Workstation is switching to a date-based versioning scheme. The major number represents the year, the minor number represents the month, and the patch number represents the build number. For example, `20.6.111` would refer to the June 2020 release at build number 111. We decided to switch to a date-based version because Chef Workstation is a collection of tools meant to be used by humans and not machines. Dates are easier to relate and reference, whereas SemVer makes it easier to convey API changes and backward-incompatible changes. The Chef Workstation team introduced feature flags as a way of introducing new functionality or breaking changes alongside bundled tool updates. The Chef Workstation team will document feature flags in the release notes and Chef Workstation App tool. This change gives us the ability to change human-centric tools more rapidly than strict adherence to SemVer allowed us to. We will not break major tool flows (except in the scope of a feature flag), but rather we want users to always stay up-to-date on the latest release and consume iterative updates to their tooling. ## Breaking Changes ### chef-sugar removal With the introduction of chef-utils in Chef Infra Client 15, we now ship nearly 100 of the most important helpers from chef-sugar directly in Chef Infra Client. Including these helpers is the right thing to do for users and makes them easier to maintain. Now that this functionality is included, users no longer need to install the chef-sugar gem or use the chef-sugar cookbook, so we removed them from Chef Workstation. ## Security Updates ### OpenSSL OpenSSL was updated from 1.0.2u to 1.0.2v with the following message: > *) Implemented coordinate blinding for the generic implementations of both binary and prime elliptic curves to avoid leaking bits of the scalar and, potentially, bug attacks. A group of security researchers and cryptographers from academia and industry, listed below, reported a successful cache timing attack in OpenSSL 1.0.2u against specific prime and binary curves whose order or field length is close to a word boundary. They also provided the fix. This attack does not fit the OpenSSL threat model and so no CVE is assigned, but a fix is implemented nonetheless. [Diego F. Aranha, Akira Takahashi, Mehdi Tibouchi, Yuval Yarom] ### Rake Rake was updated from 12.3.2 to 13.0.1 to resolve [CVE-2020-8130](https://github.com/advisories/GHSA-jppv-gw3r-w3q8). ## Upgrade Lab Chef Upgrade Lab is a new process guide for upgrading nodes from legacy Chef Infra Client 12 to current Chef Infra Client 16 using a powerful set of new tools. ### Upgrade Lab Guide The [Upgrade Lab Guide](https://docs.chef.io/workstation/upgrade_lab/) teaches users how to leverage the new tools in Chef Workstation to upgrade their older Chef Infra installations to the latest version. Users will learn how to query their existing infrastructure to identify a single node to upgrade, capture the state of that node to a local development workstation, iterate locally on cookbook changes to support the latest version of Chef Infra Client, deploy the updated cookbook to a new Chef Infra Server instance, and finally upgrade the installed version of Chef Infra Client on the node. ### The new `report` command Use the new `chef report` command to analyze a Chef Infra Server and quickly get insight into which nodes and cookbooks are best suited for upgrading. The `chef report nodes` command lists all nodes on the server and describes which cookbooks are used by each node. The `chef report cookbooks` command lists cookbooks and the nodes that consume them, and can even analyse the cookbooks using `cookstyle` to look for potential upgrade issues in the recipes! ### The new `capture` command `chef capture` is a powerful interactive CLI experience that analyzes a single node on the Chef Infra Server, then helps you locate the cookbooks it consumes, downloads the node data, and even creates a local Test Kitchen configuration. This enables you to start upgrading your cookbooks while running Chef Infra Client in a local virtual machine for rapid development. ### VSCode Integration As you iterate on your cookbooks, you can make your changes directly in Visual Studio Code assisted by the Chef Infra Extension. It provides code completion and integration with cookstyle, including auto-correction of recipe code issues. ## Updated Components ### Chef Infra Client 16 Chef Infra Client has been updated to Chef 16. This release adds tons of new features and improvements, including these highlights: * Cookbook authors can now [write](https://docs.chef.io/release_notes/#yaml-recipes) simple recipes in YAML. * New resources for setting the client to run on an interval using native system schedulers. * New `windows_security_policy` and `windows_user_privlidge` resources. * Resource partials allow you to define reusable portions of code that can be included in multiple custom resources. * Built-in support for Chef Vault, so no need to depend on the `chef-vault` cookbook or gem. * Improved performance on Windows systems. See the [Chef Infra Client 16 Release Notes](https://docs.chef.io/release_notes/#whats-new-in-160) for details on all the great new features and improvements, as well as breaking changes. ### Chef executables `chef-run` and `chef` have been updated to add support for YAML-based recipes introduced in Chef Infra Client 16. Users can specify a YAML recipe in the same way that they would normally specify a ruby recipe (`chef run target chef_repo/recipes/my_recipe.yml`, `chef install`, etc.). `chef generate cookbook` has also been updated to use the latest CentOS and Ubuntu releases in Test Kitchen and ChefSpec configuration files. ### Cookstyle 6.7 Cookstyle has been updated from 6.3.4 to 6.7.3. This new release includes 8 new Chef Infra cookbook cops as well as an updated RuboCop engine, which includes a large number of autocorrection improvements and bug fixes. It also enables a `ChefModernize/FoodcriticComments`, encouraging users to migrate off Foodcritic and includes improved Chef Infra Client version documentation for each cop. ### Chef InSpec Chef InSpec has been updated from 4.18.111 to 4.19.0. This new release allows you to develop your own Chef InSpec Reporter plugin and determine how Chef InSpec will report result data. Additionally, the `inspec archive` command packs your profile into a `tar.gz` file that includes the profile in JSON form as the `inspec.json` file. Use this JSON file to programmatically examine the profile without needing to load it into Chef InSpec. ### Kitchen Hyper-V The Kitchen Hyper-V driver has updated from 0.5.3 to 0.5.4, which resolves failures from getting the default VM Switch if there were spaces in the name. Thanks [@kdoores](http://github.com/kdoores) for this improvement. ### Kitchen DigitalOcean The Kitchen DigitalOcean driver has updated from 0.10.6 to 0.11.0. This release adds slugs for Ubuntu 20.04 / RHEL 8 / Fedora 31 support, and adds support for VPCs. Thanks [@zmaupin](https://github.com/zmaupin), [@tolland](https://github.com/tolland), and [@gregf](https://github.com/gregf) for these improvements. ### Ruby 2.7 Chef Workstation's Ruby installation has been updated from Ruby 2.6 to Ruby 2.7.1, which includes many features available for use in resources and libraries. See https://medium.com/rubyinside/whats-new-in-ruby-2-7-79c98b265502 for details on many of the new features. ## Windows 10 Our Windows 10 Chef Workstation packages now receive an additional layer of testing to ensure that they function as expected. ## Updates to Homebrew Cask We moved Chef Workstation out of our custom tap and into the [core](https://github.com/Homebrew/homebrew-cask/pull/81618) Homebrew casks. If you use Homebrew to keep your Chef Workstation version updated, you will need to run the following: ``` brew update brew cask reinstall chef-workstation ``` The `reinstall` command removes chef-workstation if it was installed from our custom tap (previously installed with `brew cask install chef/chef/chef-workstation`), and installs it from the list of core Homebrew casks.