Add changelog and version bump for SecureDrop 2.8.0-rc1 #7128
Original file line number | Diff line number | Diff line change | ||||
---|---|---|---|---|---|---|
|
@@ -2,7 +2,52 @@ | |||||
|
||||||
## 2.8.0~rc1 | ||||||
|
||||||
### Web applications | ||||||
* Updated strings based on translator feedback (#7057) | ||||||
* Improved redwood stream performance and testing (#7070) | ||||||
* Dependency changes: | ||||||
* openssl rust crate from 0.10.57 to 0.10.60 (#7083) | ||||||
* cryptography from 41.0.3 to 41.0.7 (#7086) | ||||||
* rustix rust crate from 0.38.18 to 0.38.21 (#7114) | ||||||
|
||||||
### Operations | ||||||
* Updated copyright strings to reference 2024 (#7099) | ||||||
* Removed deprecated mitigation for CVE-2019-3462 (#7053) | ||||||
Suggested change
👍
||||||
* Improved logic for installing admin tool apt dependencies in Tails (#7088) | ||||||
* Added support for Tails 6 to admin tools (#7116) | ||||||
Do you want to list the various dependency updates that went into this?
We could - I've defaulted to listing updates with a specific PR but an exhaustive list wouldn't be hard to generate.
||||||
|
||||||
### CI | ||||||
* Updated CI to verify that the demo container builds and runs (#7052) | ||||||
* Updated GCE CI machine type to c2-standard-8 (#7087) | ||||||
* Moved various CI jobs to Github Actions (#6969) | ||||||
* Fixed cargo-vet binary caching (#7065) | ||||||
* Upgraded to cargo-vet 0.9.0 (#7101) | ||||||
* Enabled dependabot for Github Actions (#7102) | ||||||
* Dependabot updates (#7105, #7104, #7108) | ||||||
* Fixed broken apt caches in staging-test-with-rebase job (#7110) | ||||||
|
||||||
### Development | ||||||
* Updated packaging logic to exclude config.py (#7014) | ||||||
* Fixed broken link in contributing.md (#7028) | ||||||
* Added option to specific git remote for backport script (#7044) | ||||||
* Updated functional tests to run under Selenium 4 (#7100) | ||||||
* Updated docker run parameters to only pass -it if a tty is available (#7098) | ||||||
* Updated rust toolchain in CI and Dockerfiles to 1.74.1 (#7091) | ||||||
* Decreased cargo audit error threshold (#7083) | ||||||
* Fixed hot reload functionality in dev environment (#7120) | ||||||
* Dependency changes: | ||||||
* MarkupSafe from 2.0.2 to 2.1.2 (#7006) | ||||||
MarkupSafe and jinja2 are prod dependencies that should probably be in the above section?
Yup, will add them for the next revision.
||||||
* Selenium from 3.141.0 to 4.16.0 (#7100) | ||||||
* tbselenium from 0.5.2 to 0.8.1 (#7100) | ||||||
* jinja2 from 3.0.2 to 3.1.3 (#7107, #7109) | ||||||
* peewee from 3.15.0 to 3.17.1 (#7112) | ||||||
* diffoscope from 236 to 256 (#7125) | ||||||
* Updated ignored safety alerts: | ||||||
I don't think this is that useful in the changelog, or just fold it into one line?
Maybe - I think since we're having to add so many ignores lately there's value in making that explicit (either in the case where it highlights their triviality or where we silenced one that we shouldn't).
||||||
* Safety 61893 - CVE-2023-45803 (#7085) | ||||||
* Safety 62019 - CVE-2023-46136 (#7085) | ||||||
* Safety 63066 (#7100) | ||||||
* Safety 63227 (#7100) | ||||||
* Safety 65647 (#7122) | ||||||
|
||||||
## 2.7.0 | ||||||
|
||||||
|
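Review bot: In the "Updated ignored safety alerts" list, the entries for Safety 63066, 63227 and 65647 give only the advisory ID, while the first two also name a CVE. If the list is kept, each ignore should name the affected package and say in a few words why it is ignored, so a reader can judge what was silenced without opening #7100 or #7122. Separately, "Added option to specific git remote for backport script" under Development should read "specify", and "Github Actions" in the CI section should be "GitHub Actions".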
@@ -12,10 +57,11 @@ | |||||
* Update French diceware wordlist (#6936) | ||||||
* Replace pretty-bad-protocol dependency with vendored version (#6836, #6907) | ||||||
* Import Markup and escape from markupsafe (#6964) | ||||||
* Update wordlist to remove potentially confusing or offensive terms (#7008, #7021) | ||||||
* Update wordlist to remove potentially confusing or offensive terms (#7024, #7021) | ||||||
* Validate the submission key,disable Journalist and Source Interfaces if a weak key is found (#7059) | ||||||
* Dependency changes: | ||||||
* Update cryptography from 41.0.1 to 41.0.3 (#6940) | ||||||
* Upgrade sequioa-openpgpg from 1.16.1 to 1.17.0 (#7041) | ||||||
Suggested change
Always finding new ways to typo sequoia.
||||||
|
||||||
### Operations | ||||||
|
||||||
|
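Review bot: The dependency entry "Upgrade sequioa-openpgpg from 1.16.1 to 1.17.0 (#7041)" misspells the crate name; it should read "sequoia-openpgp" so that a search of the changelog for the crate finds it. In the same hunk, "Validate the submission key,disable Journalist and Source Interfaces" is missing a space after the comma, and the wordlist entry appears with both (#7008, #7021) and (#7024, #7021), so it is worth confirming that #7024 is the intended reference.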
@@ -48,7 +94,8 @@ | |||||
* Remove hypothesis dependency (#6893) | ||||||
* Update certifi from 2022.12.7 to 2023.7.22 (#6900) | ||||||
* Update pillow from 9.3.0 to 10.0.1 (#6959) | ||||||
* Update markupsafe from 2.0.1 to 2.1.2 (#7014) | ||||||
* Update markupsafe from 2.0.1 to 2.1.2 (#7006) | ||||||
* Miscellaneous changes (#7008) | ||||||
|
||||||
## 2.6.1 | ||||||
|
||||||
|
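Review bot: "Miscellaneous changes (#7008)" tells a reader nothing about what changed in 2.7.0; describe what #7008 did in a short phrase, as the neighbouring entries do. The markupsafe entry is also now credited to #7006 with a starting version of 2.0.1, while the 2.8.0~rc1 section lists MarkupSafe "from 2.0.2 to 2.1.2 (#7006)". The same PR should not appear under two releases with two different starting versions, so one of the two entries needs correcting or removing.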
I think the more important one is dba0af6, which upgraded is-terminal so that it no longer depends on rustix (which is now a dev-dep only).
👍