From f4bbe00322f4e983e73121d305e3855b9398b13f Mon Sep 17 00:00:00 2001 From: rugk Date: Sat, 23 Jul 2016 16:59:47 +0200 Subject: [PATCH 1/3] Download JQuery over HTTPS Otherwise anyone can MITM the connection and add rogue code there. --- bin/installDeps.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/installDeps.sh b/bin/installDeps.sh index ea6be38f..48a34905 100755 --- a/bin/installDeps.sh +++ b/bin/installDeps.sh @@ -95,7 +95,7 @@ if [ -f "src/static/js/jquery.js" ]; then fi if [ $DOWNLOAD_JQUERY = "true" ]; then - curl -lo src/static/js/jquery.js http://code.jquery.com/jquery-$NEEDED_VERSION.js || exit 1 + curl -lo src/static/js/jquery.js https://code.jquery.com/jquery-$NEEDED_VERSION.js || exit 1 fi #Remove all minified data to force node creating it new From 6dc808ad5483f616afcd64e5058ef0e69bb0c9bd Mon Sep 17 00:00:00 2001 From: Stefan Date: Fri, 23 Dec 2016 21:59:57 +0100 Subject: [PATCH 2/3] Release version 1.6.1 --- bin/createRelease.sh | 176 +++++++++++++++++++++++++++++++++++++++++++ src/package.json | 2 +- 2 files changed, 177 insertions(+), 1 deletion(-) create mode 100755 bin/createRelease.sh diff --git a/bin/createRelease.sh b/bin/createRelease.sh new file mode 100755 index 00000000..435ec346 --- /dev/null +++ b/bin/createRelease.sh @@ -0,0 +1,176 @@ +#!/bin/bash +# +# This script is used to publish a new release/version of etherpad on github +# +# Work that is done by this script: +# ETHER_REPO: +# - Add text to CHANGELOG.md +# - Replace version of etherpad in src/package.json +# - Create a release branch and push it to github +# - Merges this release branch into master branch +# - Creating the windows build and the docs +# ETHER_WEB_REPO: +# - Creating a new branch with the docs and the windows build +# - Replacing the version numbers in the index.html +# - Push this branch and merge it to master +# ETHER_REPO: +# - Create a new release on github + +ETHER_REPO="https://github.com/ether/etherpad-lite.git" +ETHER_WEB_REPO="https://github.com/ether/ether.github.com.git" +TMP_DIR="/tmp/" + +echo "WARNING: You can only run this script if your github api token is allowed to create and merge branches on $ETHER_REPO and $ETHER_WEB_REPO." +echo "This script automatically changes the version number in package.json and adds a text to CHANGELOG.md." +echo "When you use this script you should be in the branch that you want to release (develop probably) on latest version. Any changes that are currently not commited will be commited." +echo "-----" + +# get the latest version +LATEST_GIT_TAG=$(git tag | tail -n 1) + +# current environment +echo "Current environment: " +echo "- branch: $(git branch | grep '* ')" +echo "- last commit date: $(git show --quiet --pretty=format:%ad)" +echo "- current version: $LATEST_GIT_TAG" +echo "- temp dir: $TMP_DIR" + +# get new version number +# format: x.x.x +echo -n "Enter new version (x.x.x): " +read VERSION + +# get the message for the changelogs +read -p "Enter new changelog entries (press enter): " +tmp=$(mktemp) +"${EDITOR:-vi}" $tmp +changelogText=$(<$tmp) +echo "$changelogText" +rm $tmp + +if [ "$changelogText" != "" ]; then + changelogText="# $VERSION\n$changelogText" +fi + +# get the token for the github api +echo -n "Enter your github api token: " +read API_TOKEN + +function check_api_token { + echo "Checking if github api token is valid..." + CURL_RESPONSE=$(curl --silent -i https://api.github.com/user?access_token=$API_TOKEN | iconv -f utf8) + HTTP_STATUS=$(echo $CURL_RESPONSE | head -1 | sed -r 's/.* ([0-9]{3}) .*/\1/') + [[ $HTTP_STATUS != "200" ]] && echo "Aborting: Invalid github api token" && exit 1 +} + +function modify_files { + # Add changelog text to first line of CHANGELOG.md + sed -i "1s/^/${changelogText}\n/" CHANGELOG.md + # Replace version number of etherpad in package.json + sed -i -r "s/(\"version\"[ ]*: \").*(\")/\1$VERSION\2/" src/package.json +} + +function create_release_branch { + echo "Creating new release branch..." + git rev-parse --verify release/$VERSION 2>/dev/null + if [ $? == 0 ]; then + echo "Aborting: Release branch already present" + exit 1 + fi + git checkout -b release/$VERSION + [[ $? != 0 ]] && echo "Aborting: Error creating relase branch" && exit 1 + + echo "Commiting CHANGELOG.md and package.json" + git add CHANGELOG.md + git add src/package.json + git commit -m "Release version $VERSION" + + echo "Pushing release branch to github..." + git push -u $ETHER_REPO release/$VERSION + [[ $? != 0 ]] && echo "Aborting: Error pushing release branch to github" && exit 1 +} + +function merge_release_branch { + echo "Merging release to master branch on github..." + API_JSON=$(printf '{"base": "master","head": "release/%s","commit_message": "Merge new release into master branch!"}' $VERSION) + CURL_RESPONSE=$(curl --silent -i -N --data "$API_JSON" https://api.github.com/repos/ether/etherpad-lite/merges?access_token=$API_TOKEN | iconv -f utf8) + echo $CURL_RESPONSE + HTTP_STATUS=$(echo $CURL_RESPONSE | head -1 | sed -r 's/.* ([0-9]{3}) .*/\1/') + [[ $HTTP_STATUS != "200" ]] && echo "Aborting: Error merging release branch on github" && exit 1 +} + +function create_builds { + echo "Cloning etherpad-lite repo and ether.github.com repo..." + cd $TMP_DIR + rm -rf etherpad-lite ether.github.com + git clone $ETHER_REPO --branch master + git clone $ETHER_WEB_REPO + echo "Creating windows build..." + cd etherpad-lite + bin/buildForWindows.sh + [[ $? != 0 ]] && echo "Aborting: Error creating build for windows" && exit 1 + echo "Creating docs..." + make docs + [[ $? != 0 ]] && echo "Aborting: Error generating docs" && exit 1 +} + +function push_builds { + cd $TMP_DIR/etherpad-lite/ + echo "Copying windows build and docs to website repo..." + GIT_SHA=$(git rev-parse HEAD | cut -c1-10) + mv etherpad-lite-win.zip $TMP_DIR/ether.github.com/downloads/etherpad-lite-win-$VERSION-$GIT_SHA.zip + + mv out/doc $TMP_DIR/ether.github.com/doc/v$VERSION + + cd $TMP_DIR/ether.github.com/ + sed -i "s/etherpad-lite-win.*\.zip/etherpad-lite-win-$VERSION-$GIT_SHA.zip/" index.html + sed -i "s/$LATEST_GIT_TAG/$VERSION/g" index.html + git checkout -b release_$VERSION + [[ $? != 0 ]] && echo "Aborting: Error creating new release branch" && exit 1 + git add doc/ + git add downloads/ + git commit -a -m "Release version $VERSION" + git push -u $ETHER_WEB_REPO release_$VERSION + [[ $? != 0 ]] && echo "Aborting: Error pushing release branch to github" && exit 1 +} + +function merge_web_branch { + echo "Merging release to master branch on github..." + API_JSON=$(printf '{"base": "master","head": "release_%s","commit_message": "Release version %s"}' $VERSION $VERSION) + CURL_RESPONSE=$(curl --silent -i -N --data "$API_JSON" https://api.github.com/repos/ether/ether.github.com/merges?access_token=$API_TOKEN | iconv -f utf8) + echo $CURL_RESPONSE + HTTP_STATUS=$(echo $CURL_RESPONSE | head -1 | sed -r 's/.* ([0-9]{3}) .*/\1/') + [[ $HTTP_STATUS != "200" ]] && echo "Aborting: Error merging release branch" && exit 1 +} + +function publish_release { + echo -n "Do you want to publish a new release on github (y/n)? " + read PUBLISH_RELEASE + if [ $PUBLISH_RELEASE = "y" ]; then + # create a new release on github + API_JSON=$(printf '{"tag_name": "%s","target_commitish": "master","name": "Release %s","body": "%s","draft": false,"prerelease": false}' $VERSION $VERSION $changelogText) + CURL_RESPONSE=$(curl --silent -i -N --data "$API_JSON" https://api.github.com/repos/ether/etherpad-lite/releases?access_token=$API_TOKEN | iconv -f utf8) + HTTP_STATUS=$(echo $CURL_RESPONSE | head -1 | sed -r 's/.* ([0-9]{3}) .*/\1/') + [[ $HTTP_STATUS != "201" ]] && echo "Aborting: Error publishing release on github" && exit 1 + else + echo "No release published on github!" + fi +} + +function todo_notification { + echo "Release procedure was successful, but you have to do some steps manually:" + echo "- Update the wiki at https://github.com/ether/etherpad-lite/wiki" + echo "- Create a pull request on github to merge the master branch back to develop" + echo "- Announce the new release on the mailing list, blog.etherpad.org and Twitter" +} + +# call functions +check_api_token +modify_files +create_release_branch +merge_release_branch +create_builds +push_builds +merge_web_branch +publish_release +todo_notification diff --git a/src/package.json b/src/package.json index 73020b2d..ca86258f 100644 --- a/src/package.json +++ b/src/package.json @@ -55,6 +55,6 @@ "repository" : { "type" : "git", "url" : "http://github.com/ether/etherpad-lite.git" }, - "version" : "1.6.0", + "version" : "1.6.1", "license" : "Apache-2.0" } From 9f51432175c55deb4da54075351dc870a0b35808 Mon Sep 17 00:00:00 2001 From: Stefan Date: Fri, 23 Dec 2016 22:12:18 +0100 Subject: [PATCH 3/3] Update CHANGELOG.md --- CHANGELOG.md | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8ba311aa..b4120a3c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,32 @@ +#1.6.1 + * NEW: Hook aceRegisterNonScrollableEditEvents to register events that shouldn't scroll + * NEW: Added 'item' parameter to registerAceCommand Hook + * NEW: Added LibreJS support + * Fix: Crash on malformed export url + * Fix: Re-enable editor after user is reconnected to server + * Fix: minification + * Other: Added 'no-referrer' for all pads + * Other: Improved cookie security + * Other: Fixed compatibility with nodejs 7 + * Other: Updates + - socket.io to 1.6.0 + - express to 4.13.4 + - express-session to 1.13.0 + - clean-css to 3.4.12 + - uglify-js to 2.6.2 + - log4js to 0.6.35 + - cheerio to 0.20.0 + - ejs to 2.4.1 + - graceful-fs to 4.1.3 + - semver to 5.1.0 + - unorm to 1.4.1 + - jsonminify to 0.4.1 + - measured to 1.1.0 + - mocha to 2.4.5 + - supertest to 1.2.0 + - npm to 4.0.2 + - Node.js for Windows to 6.9.2 + # 1.6.0 * SECURITY: Fix a possible xss attack in iframe link * NEW: Add a aceSelectionChanged hook to allow plugins to react when the cursor location changes.