- OpenSSH update
- Working Groups/Community update
- Crescendo preview 2
- SecretManagement 1.1 design change affecting extensions
- PowerShellGet v3 update
- Community Demos
- Q&A
- OpenSSH
- Originally planned to update to 8.1 in 20H1 (and then 20H2)
- Due to mixups, this was delayed until the last month, upon which we shipped an 8.1 WU update for all machines downlevel to 20H1
- 8.6 will be out as a GitHub release (beta) in the next few weeks
- Due to the validation length of 8.6, it will not ship into 21H2, but instead will show up in 22H1 (or the equivalent)
- Generally, the version of OpenSSH shipping in Windows is the only
supported version
- Installing "manually" from GitHub to downlevel is not a supported scenario
- The Azure Gallery does have a supported extension for Azure Windows VMs
or Arc-enabled servers
- Currently on 7.7 but will be updating soon
- Working Groups / Community update
- Working Groups are sub-committees around specific issue labels in the PowerShell/PowerShell
- Some of the feedback
- PowerShell/PowerShell#14603
- #274
- Module compatibility
- Lots of feedback around M365 module compatibility with PowerShell 7
- Highly engaged and making progress
- Crescendo preview.2
- Released last week, now with command elevation!
- Flexibile enough to elevate on both Windows and Linux (
Start-Processandsudo) - Some issues with elevation on Windows
- Next preview: plan to make improvements to output handling
- SecretManagement 1.1 design change for vault extensions
- Vault extensions get registered with SecretManagement as implementations for retreiving and setting secrets in a vault
- Today, these extension modules are loaded into the same session in which the user is executing
- This design prevents vault extensions from operating in Constrained Language Mode (CLM)
- Code Integrity (CI) policy is an application control policy that locks down a machine
- Essentially runs "trusted" scripts/modules in full language mode vs. CLM
- SecretManagement is designed to run in CLM but cannot today beause of how it loades extension modules today
- Going forward, vault extensions will get loaded into fresh sessions via new runspaces
- This change breaks extension modules like KeePass in how they unlock the vault
- Unlocking can be done interactively (e.g. prompt for password), but it also needs to work in non-interactive (e.g. CI/CD) scenarios
- Original issue (here)[PowerShell/SecretStore#64], but conversation will continue in SecretManagement
- PowerShellGet 3.0 update
- Despite lack of a major preview update, a ton of work has gone into PSGetv3 within the last month
- Particularly getting into code review for
Find-Module - Are also looking into issues and PRs across the board coming in from community
- Keep playing with PSGetv3 and filing issues!
- Not a firm date on next release, but would love to ship in June
- Microsoft/Community demos
- Updates to Guest Configuration cmdlets (Michelle Yang)