|
| 1 | +# PowerShell Community Call - May 20, 2021 |
| 2 | + |
| 3 | +## Agenda |
| 4 | + |
| 5 | +* OpenSSH update |
| 6 | +* Working Groups/Community update |
| 7 | +* Crescendo preview 2 |
| 8 | +* SecretManagement 1.1 design change affecting extensions |
| 9 | +* PowerShellGet v3 update |
| 10 | +* Community Demos |
| 11 | +* Q&A |
| 12 | + |
| 13 | +## Notes |
| 14 | + |
| 15 | +* OpenSSH |
| 16 | + * Originally planned to update to 8.1 in 20H1 (and then 20H2) |
| 17 | + * Due to mixups, this was delayed until the last month, upon which |
| 18 | + we shipped an 8.1 WU update for all machines downlevel to 20H1 |
| 19 | + * 8.6 will be out as a GitHub release (beta) in the next few weeks |
| 20 | + * Due to the validation length of 8.6, it will not ship into 21H2, |
| 21 | + but instead will show up in 22H1 (or the equivalent) |
| 22 | + * Generally, the version of OpenSSH shipping in Windows is the only |
| 23 | + supported version |
| 24 | + * Installing "manually" from GitHub to downlevel is not a supported |
| 25 | + scenario |
| 26 | + * The Azure Gallery does have a supported extension for Azure Windows VMs |
| 27 | + or Arc-enabled servers |
| 28 | + * Currently on 7.7 but will be updating soon |
| 29 | +* Working Groups / Community update |
| 30 | + * Working Groups are sub-committees around specific [issue labels](https://github.com/powershell/powershell/labels) |
| 31 | + in the PowerShell/PowerShell |
| 32 | + * Some of the feedback |
| 33 | + * https://github.com/PowerShell/PowerShell/pull/14603 |
| 34 | + * https://github.com/PowerShell/PowerShell-RFC/pull/274 |
| 35 | +* Module compatibility |
| 36 | + * Lots of feedback around M365 module compatibility with PowerShell 7 |
| 37 | + * Highly engaged and making progress |
| 38 | +* Crescendo preview.2 |
| 39 | + * Released last week, now with command elevation! |
| 40 | + * Flexibile enough to elevate on both Windows and Linux (`Start-Process` and `sudo`) |
| 41 | + * Some issues with [elevation on Windows](https://github.com/PowerShell/Crescendo/issues/81) |
| 42 | + * Next preview: plan to make improvements to output handling |
| 43 | +* SecretManagement 1.1 design change for vault extensions |
| 44 | + * Vault extensions get registered with SecretManagement as implementations |
| 45 | + for retreiving and setting secrets in a vault |
| 46 | + * Today, these extension modules are loaded into the same session in which |
| 47 | + the user is executing |
| 48 | + * This design prevents vault extensions from operating in Constrained Language Mode (CLM) |
| 49 | + * Code Integrity (CI) policy is an application control policy that locks down a machine |
| 50 | + * Essentially runs "trusted" scripts/modules in full language mode vs. CLM |
| 51 | + * SecretManagement is designed to run in CLM but cannot today beause of how it loades |
| 52 | + extension modules today |
| 53 | + * Going forward, vault extensions will get loaded into fresh sessions via new runspaces |
| 54 | + * This change breaks extension modules like KeePass in how they unlock the vault |
| 55 | + * Unlocking can be done interactively (e.g. prompt for password), |
| 56 | + but it also needs to work in non-interactive (e.g. CI/CD) scenarios |
| 57 | + * Original issue (here)[https://github.com/PowerShell/SecretStore/issues/64], |
| 58 | + but conversation will continue [in SecretManagement](https://github.com/PowerShell/SecretManagement/issues/144) |
| 59 | +* PowerShellGet 3.0 update |
| 60 | + * Despite lack of a major preview update, a ton of work has gone into |
| 61 | + PSGetv3 within the last month |
| 62 | + * Particularly getting into code review for `Find-Module` |
| 63 | + * Are also looking into issues and PRs across the board coming in from community |
| 64 | + * Keep playing with PSGetv3 and filing issues! |
| 65 | + * Not a firm date on next release, but would love to ship in June |
| 66 | +* Microsoft/Community demos |
| 67 | + * Updates to Guest Configuration cmdlets (Michelle Yang) |
0 commit comments