Skip to content

Commit

Permalink
Release 1.6.4
Browse files Browse the repository at this point in the history 
- Changed dependency declarations to version ranges
- Bumped Guava dependency to version [24.1.1,30) in response to
  CVE-2018-10237
  • Loading branch information
@emlun
emlun committed Jun 25, 2020
2 parents 74ff8c6 + 2363f07 commit a32f39b
Show file tree
Hide file tree
Showing 9 changed files with 65 additions and 269 deletions.
8 changes: 8 additions & 0 deletions .github/dependabot.yml
View file
@@ -0,0 +1,8 @@
# See https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

version: 2
updates:
- package-ecosystem: "gradle"
directory: "/"
schedule:
interval: "daily"
6 changes: 6 additions & 0 deletions NEWS
View file
@@ -1,3 +1,9 @@
== Version 1.6.4 ==

- Changed dependency declarations to version ranges
- Bumped Guava dependency to version [24.1.1,30) in response to CVE-2018-10237


== Version 1.6.3 ==

webauthn-server-attestation:
Expand Down
65 changes: 35 additions & 30 deletions build.gradle
View file
Expand Up @@ -3,13 +3,13 @@ buildscript {
mavenCentral()
}
dependencies {
classpath 'com.cinnober.gradle:semver-git:2.4.0'
classpath 'com.cinnober.gradle:semver-git:2.5.0'
}
}
plugins {
id 'com.github.kt3k.coveralls' version '2.8.4'
id 'io.codearte.nexus-staging' version '0.9.0'
id 'io.franzbecker.gradle-lombok' version '3.1.0'
id 'com.github.kt3k.coveralls' version '2.10.1'
id 'io.codearte.nexus-staging' version '0.21.2'
id 'io.franzbecker.gradle-lombok' version '4.0.0'
}

import io.franzbecker.gradle.lombok.LombokPlugin
Expand Down Expand Up @@ -49,39 +49,44 @@ allprojects {
}

Map<String, String> dependencyVersions = [
'ch.qos.logback:logback-classic:1.2.3',
'com.augustcellars.cose:cose-java:1.0.0',
'com.fasterxml.jackson.core:jackson-databind:2.11.0',
'com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.11.0',
'com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.11.0',
'com.google.guava:guava:19.0',
'com.upokecenter:cbor:4.0.1',
'javax.activation:activation:1.1.1',
'javax.ws.rs:javax.ws.rs-api:2.1',
'javax.xml.bind:jaxb-api:2.3.0',
'junit:junit:4.12',
'org.apache.httpcomponents:httpclient:4.5.2',
'org.bouncycastle:bcpkix-jdk15on:1.62',
'org.bouncycastle:bcprov-jdk15on:1.62',
'org.eclipse.jetty:jetty-server:9.4.9.v20180320',
'org.eclipse.jetty:jetty-servlet:9.4.9.v20180320',
'org.glassfish.jersey.containers:jersey-container-servlet-core:2.26',
'org.glassfish.jersey.containers:jersey-container-servlet:2.26',
'org.glassfish.jersey.inject:jersey-hk2:2.26',
'org.mockito:mockito-core:2.27.0',
'org.scala-lang:scala-library:2.13.1',
'org.scalacheck:scalacheck_2.13:1.14.0',
'org.scalatest:scalatest_2.13:3.0.8',
'org.slf4j:slf4j-api:1.7.25',
'ch.qos.logback:logback-classic:[1.2.3,2)',
'com.augustcellars.cose:cose-java:[1.0.0,2)',
'com.fasterxml.jackson.core:jackson-databind:[2.11.0,3)',
'com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:[2.11.0,3)',
'com.fasterxml.jackson.datatype:jackson-datatype-jdk8:[2.11.0,3)',
'com.google.guava:guava:[24.1.1,30)',
'com.upokecenter:cbor:[4.0.1,5)',
'javax.activation:activation:[1.1.1,2)',
'javax.ws.rs:javax.ws.rs-api:[2.1,3)',
'javax.xml.bind:jaxb-api:[2.3.0,3)',
'junit:junit:[4.12,5)',
'org.apache.httpcomponents:httpclient:[4.5.2,5)',
'org.bouncycastle:bcpkix-jdk15on:[1.62,2)',
'org.bouncycastle:bcprov-jdk15on:[1.62,2)',
'org.eclipse.jetty:jetty-server:[9.4.9.v20180320,10)',
'org.eclipse.jetty:jetty-servlet:[9.4.9.v20180320,10)',
'org.glassfish.jersey.containers:jersey-container-servlet-core:[2.26,3)',
'org.glassfish.jersey.containers:jersey-container-servlet:[2.26,3)',
'org.glassfish.jersey.inject:jersey-hk2:[2.26,3)',
'org.mockito:mockito-core:[2.27.0,3)',
'org.scala-lang:scala-library:[2.13.1,3)',
'org.scalacheck:scalacheck_2.13:[1.14.0,2)',
'org.scalatest:scalatest_2.13:[3.0.8,3.1)',
'org.slf4j:slf4j-api:[1.7.25,2)',
].collectEntries { [(it.split(':')[0..1].join(':')): it] }
rootProject.ext.addVersion = { dep -> dependencyVersions[dep] }

subprojects {
apply plugin: LombokPlugin

lombok {
version '1.18.8'
sha256 = '0396952823579b316a0fe85cbd871bbb3508143c2bcbd985dd7800e806cb24fc'
version '1.18.10'
sha256 = '2836e954823bfcbad45e78c18896e3d01058e6f643749810c608b7005ee7b2fa'
}
tasks.withType(AbstractCompile) {
if (tasks.findByName('verifyLombok')) {
dependsOn tasks.verifyLombok
}
}

repositories {
Expand Down
20 changes: 16 additions & 4 deletions doc/releasing.md
View file
Expand Up @@ -28,13 +28,19 @@ Release candidate versions
$ ./gradlew publish closeAndReleaseRepository
```

6. Push to GitHub:
6. Wait for the artifacts to become downloadable at
https://repo1.maven.org/maven2/com/yubico/webauthn-server-core/1.4.0/ . This
is needed for one of the GitHub Actions release workflows and usually takes
less than 30 minutes (long before the artifacts become searchable on the
main Maven Central website).

7. Push to GitHub:

```
$ git push origin master 1.4.0-RC1
```

7. Make GitHub release.
8. Make GitHub release.

- Use the new tag as the release tag
- Check the pre-release checkbox
Expand Down Expand Up @@ -106,13 +112,19 @@ Release versions
$ ./gradlew publish closeAndReleaseRepository
```

9. Push to GitHub:
9. Wait for the artifacts to become downloadable at
https://repo1.maven.org/maven2/com/yubico/webauthn-server-core/1.4.0/ . This
is needed for one of the GitHub Actions release workflows and usually takes
less than 30 minutes (long before the artifacts become searchable on the
main Maven Central website).

10. Push to GitHub:

```
$ git push origin master 1.4.0
```

10. Make GitHub release.
11. Make GitHub release.

- Use the new tag as the release tag
- Copy the release notes from `NEWS` into the GitHub release notes; reformat
Expand Down
24 changes: 0 additions & 24 deletions webauthn-server-demo/build.gradle
View file
Expand Up @@ -3,14 +3,8 @@ plugins {
id 'war'
id 'application'
id 'scala'
id 'com.bmuschko.docker-remote-api' version '3.6.1'
}

import com.bmuschko.gradle.docker.tasks.image.DockerBuildImage

project.ext.dockerGroup = 'yubico'
project.ext.dockerName = project.name

description = 'WebAuthn demo'

configurations {
Expand Down Expand Up @@ -76,21 +70,3 @@ mainClassName = 'demo.webauthn.EmbeddedServer'
}
}
}

task dockerPrepare(type: Sync) {
from file('docker')
from file('keystore.jks')
from(war.outputs) {
rename ~/${war.baseName}.*\.${war.extension}/, "${war.baseName}.${war.extension}"
}
into file("${project.buildDir}/docker")
}

task dockerBuild(type: DockerBuildImage) {
inputs.files dockerPrepare.outputs.files
inputDir = dockerPrepare.destinationDir
tags = [
"${project.dockerGroup}/${project.dockerName}:${project.version}",
"${project.dockerGroup}/${project.dockerName}:latest",
]
}
20 changes: 0 additions & 20 deletions webauthn-server-demo/deploy.sh
View file

This file was deleted.

7 changes: 0 additions & 7 deletions webauthn-server-demo/docker/Dockerfile
View file

This file was deleted.

167 changes: 0 additions & 167 deletions webauthn-server-demo/docker/server.xml
View file

This file was deleted.

0 comments on commit a32f39b

Please sign in to comment.