## Bug Fixes - We've resolved an issue with knife bootstrap that prevented bootstrapping Windows nodes from a non-Windows workstation - Resources that set `ignore_failure` true will now report failures to Automate. ## Resource Updates ### chef_client_systemd_timer The `chef_client_systemd_timer` resource has been updated to prevent failures running the `:remove` action. ### openssl resource The various openssl_* resources were refactored to better report the changed state of the resource to Automate or other handlers. ### osx_profile The `osx_profile` resource has been refactored as a custom resource internally. This update also better reports the changed state of the resource to Automate or other handlers and no longer silently continues if the attempts to shellout fail. ### powershell_package_source The `powershell_package_source` resource no longer requires the `url` property to be set when using the `:unregister` action. Thanks for this fix [@kimbernator](https://github.com/kimbernator)! ### powershell_script The `powershell_script` resource has been refactored to better report the changed state of the resource to Automate or other handlers. ### windows_feature The `windows_feature` resource has been updated to allow installing features that have been removed if a source location is provided. Thanks for reporting this [@stefanwb](https://github.com/stefanwb)! ### windows_font The `windows_font` resource will no longer fail on newer releases of Windows if a font is already installed. Thanks for reporting this [@bmiller08](https://github.com/bmiller08)! ### windows_workgroup The `windows_workgroup` resource has been updated to treat the `password` property as a sensitive property. The value of the `password` property will no longer be shown in logs or handlers. ## Security ### CA Root Certificates The included `cacerts` bundle in Chef Infra Client has been updated to the 7-22-2020 release. This new release removes 4 legacy root certificates and adds 4 additional root certificates. ### Reduced Dependencies We've audited the included dependencies that we ship with Chef Infra Client to reduce the 3rd party code we ship. We've removed many of the embedded binaries that shipped with the client in the past, but were not directly used. We've also reduced the feature set built into many of the libraries that we depend on, and removed several Ruby gem dependencies that were no longer necessary. This reduces the future potential for CVEs in the product and reduces package size at the same time.