## Smaller Package and Install Size We trimmed unnecessary installation files, greatly reducing the sizes of both Chef Infra Client packages and on disk installations. MacOS/Linux/FreeBSD packages are ~50% smaller and Windows are ~12% smaller. Chef Infra Client 13 is now smaller than a legacy Chef Infra Client 10 package. ## macOS Mojave (10.14) Chef Infra Client is now tested against macOS Mojave and packages are now available at downloads.chef.io. ## SUSE Linux Enterprise Server 15 - Ohai now properly detects SLES 15 - The Chef package will no longer remove symlinks to chef-client and ohai when upgrading on SLES 15 ## Updated Chef-Vault Updating chef-vault to 3.4.2 resolved multiple bugs. ## Faster Windows Installations Improved Windows installation speed by skipping unnecessary steps when Windows Installer 5.0 or later is available. ## Ohai 13.12 ### macOS Improvements - sysctl commands have been modified to gather only the bare minimum required data, which prevents sysctl hanging in some scenarios - Extra data has been removed from the system_profile plugin, reducing the amount of data stored on the chef-server for each node ## New Deprecations ### system_profile Ohai plugin removal The `system_profile` plugin will be removed from Chef Infra Client/Ohai 15 in April, 2019. This plugin incorrectly returns data on modern Mac systems. Further, the hardware plugin returns the same data in a more readily consumable format. Removing this plugin reduces the speed of the Ohai return by ~3 seconds and also greatly reduces the node object size on the Chef Infra Server ### ohai_name property in ohai resource The ``ohai`` resource's unused ``ohai_name`` property has been deprecated. This will be removed in Chef Infra Client 15.0. ## Security Updates ### Ruby 2.4.5 Ruby has been updated to from 2.4.4 to 2.4.5 to resolve multiple CVEs as well as bugs: - [CVE-2018-16396](https://www.ruby-lang.org/en/news/2018/10/17/not-propagated-taint-flag-in-some-formats-of-pack-cve-2018-16396/) - [CVE-2018-16395](https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/)