## New features - We added support for recipes in JSON format. This builds on earlier work that allows you to define recipes in YAML. This provides a low-code syntax for simple use cases. To write recipes in JSON, Chef resources and any user-defined parameters can be added as elements in a resources object, such as the example below: ```json { "resources": [ { "type": "package", "name": "httpd" }, { "type": "template", "name": "/var/www/html/index.html", "source": "index.html.erb" }, { "type": "service", "name": "httpd", "action": [ "enable", "start" ] } ] } ``` Thanks [dafyddcrosby](https://github.com/dafyddcrosby)! ([#15106](https://github.com/chef/chef/pull/15106)) ## Compliance Phase improvements - We updated the inspec-core and train-core gems. ([#15042](https://github.com/chef/chef/pull/15042)) ## Resource updates - We added the `environment` property to the `apt_package`, `dnf_package`, `dpkg_package`, `package`, `rpm_package`, and `yum_package` resources. This allows you to customize package installation using environment variables for packages that don’t use preseed files. For example: ```ruby apt_package "percona-xtradb-cluster-server" do environment({"PERCONA_TELEMETRY_DISABLE" => "1"}) end ``` Thanks [kristofvandam](https://github.com/kristofvandam)! ([#15091](https://github.com/chef/chef/pull/15091)) - We fixed an idempotency bug when dearmoring keys in the `apt_repository` resource. ([#15056](https://github.com/chef/chef/pull/15056)) - We fixed a bug with the `apt_repository` resource where it was erroneously accepting empty keys. ([#15043](https://github.com/chef/chef/pull/15043)) ## Bug fixes - We fixed a bug in the `irb` prompt that caused the cursor to jump. ([#15069](https://github.com/chef/chef/pull/15069)) - We fixed a bug where Chef Infra Client was not handling Ohai custom plug-ins correctly. The plug-in name would return an `Ohai::Exceptions::AttributeNotFound` error. ([#15115](https://github.com/chef/chef/pull/15115)) - We fixed the error `NoMethodError: undefined method 'present?' for nil:NilClass` when running `knife bootstrap`. ([#15108](https://github.com/chef/chef/pull/15108)) - We fixed a bug when loading custom CA certificates on Windows that led to the following SSL error: `error: certificate verify failed (self-signed certificate in certificate chain)`. This is due to updating OpenSSL to version 3.0.9 on Chef Infra Client 18.6.2, which broke how Infra Client finds CA certificate files on Windows. ([#15040](https://github.com/chef/chef/pull/15040)) ## Packaging - We now build packages for Ubuntu 24.04 on x86-64 and ARM64 platforms and no longer support packages for Ubuntu 16.04. ([#15062](https://github.com/chef/chef/pull/15062)) - We now build packages for Windows Server 2025 on x86_64 platforms. ([#15165](https://github.com/chef/chef/pull/15165)) ## Security - Chef Infra Client now supports the openssl Ruby gem version 3.3.0. ([#15147](https://github.com/chef/chef/pull/15147)) - We updated the uri Ruby gem to 1.0.3. ([#15131](https://github.com/chef/chef/pull/15131)) - We updated the rack gem in chef-zero because it was vulnerable to a CVE. ([#334](https://github.com/chef/chef-zero/pull/334)) - We updated the json gem to 2.13.2 ([7bc6001](https://github.com/chef/chef/commit/7bc60013646f47fb859e7d571de4d1b226efa07b)) - We updated the thor gem to 1.4.0 ([#15196](https://github.com/chef/chef/pull/15196) - We updated chef-zero to update dependencies and fix CVEs. ([#15117](https://github.com/chef/chef/pull/15117)) - We updated activesupport to fix a CVE. ([#15189](https://github.com/chef/chef/pull/15189)) - We updated chef-foundation to 3.2.32 to incorporate the following: - nokogiri gem updated to 1.18.9 - cgi gem bumped to 0.3.7 - libxml2 updated to 2.13.8 - libxslt updated to 1.1.43 - Removed rbs and typeprof bundled gems to reduce attack surface - Updated OpenSSL library and executables to 3.2.4 and OpenSSL FIPS to 3.1.2