v2.0.2

Multicast v2.0.2 Release Notes

This release focuses on enhancing the functionality, security, and documentation of the multicast project by addressing multiple issues, improving error handling, updating dependencies, and adding new features.

Fixes

• Security Fixes:

  • Mitigated command injection vulnerability in tests/check_pip script by sanitizing inputs and improving cleanup processes. (Issue #197)
  • Validated YAML_ARGS in makefile-lint.yml to prevent command injection vulnerabilities. (Issue #196)

• Error Handling Improvements:

  • Handled UnicodeDecodeError in HearUDPHandler to improve robustness against malformed input. (Issue #188)
  • Added input validation for the DOCS_BUILD_REF environment variable in docs/conf.py. (Issue #189)
  • Fixed shell script syntax in the error handling block of makefile-lint.yml. (Issue #200)

• Testing Enhancements:

  • Investigated and addressed flaky tests in tests/test_fuzz.py. (Issue #217)

• Maintenance:

  • Enhanced virtual environment cleanup in tests/check_pip script. (Issue #198)
  • Refactored check_license_when_given_req function for better maintainability. (Issue #191)

New Features

• Package Management:
  • Implemented package.json for managing npm dependencies, enabling better management of JavaScript-related tooling. (Issue #214)

Documentation

• Guides and References:
  • Added docs/Exception_Guide.md providing a comprehensive guide on error handling and exceptions within the project.
  • Updated README.md with a new logo and updated copyright year.
  • Enhanced contributing guidelines in .github/CONTRIBUTING.md with clearer instructions for reporting issues and submitting pull requests.
  • Updated docs/USAGE.md, docs/FAQ.md, docs/CI.md, and docs/toc.md to reflect the latest changes and improve clarity.
  • Added images and visual aids to documentation files for better understanding.

Refactors

• Codebase Improvements:
  • Standardized error handling in makefile-lint.yml by introducing a print_error function for consistent error reporting.
  • Updated docs/conf.py by adding _validate_git_ref function to ensure Git references are valid.
  • Refactored code to support Python 3.13 and updated minimum required versions.

Chores

• Dependency Updates:

  • Added Dependabot configuration for npm packages in .github/dependabot.yml to automate dependency updates. (Issue #220)
  • Updated setup.cfg, setup.py, requirements.txt, and package.json to reflect new version and dependency changes.

• Workflow Enhancements:

  • Updated GitHub Actions workflows:
    • Improved CI workflow documentation in .github/workflows/Tests.yml.
    • Updated .github/workflows/markdown-lint.yml and .markdownlint.yaml configurations for better linting support.
    • Added scorecard.yml workflow for scorecard analysis.

• Version Bump:

  • Updated version number to 2.0.2 across relevant files.

---

Full Changelog: v2.0.1...v2.0.2

v2.0.1

What's Changed

• [UPDATE] (deps): Bump ossf/scorecard-action from 6622d322b30ed8cdd77455e4af0bddb2b735325c to 83a1bb1ff6a010f9ab75ad12160fe70252c99b71 in /.github/workflows by @dependabot in #220
• [PATCH] check_pip script improvements by @reactive-firewall in #226
• [PATCH] Implemented validation logic for #196 by @reactive-firewall in #227
• Patch unicodedecodeerror in HEAR by @reactive-firewall in #231

Full Changelog: v2.0.0...v2.0.1

Version 2.0.0

Release Version 2.0.0

Introduction

This pull request introduces the Release Candidate for Version 2.0.0 of the multicast project. It represents a significant milestone, encompassing substantial enhancements in continuous integration (CI/CD), documentation quality, new features, and numerous fixes. This summary provides an in-depth analysis of the changes, improvements, and additions included in this release.

Major Improvements

Enhanced Continuous Integration and Delivery

• Over 99% Test Coverage: The testing suite has been significantly expanded, ensuring greater reliability and robustness of the codebase.
• Updated CI Workflows: Multiple GitHub Actions workflows have been updated and added to improve automation, code quality checks, and security analysis:
  • New Workflows:
    • .github/workflows/makefile-lint.yml: Automates linting of Makefiles to ensure consistency and correctness.
    • .github/workflows/markdown-lint.yml: Introduces automated linting for Markdown files, enhancing documentation quality.
    • .github/workflows/yaml-lint.yml: Automates linting of YAML configuration files.
    • .github/workflows/scorecard.yml: Implements supply-chain security analysis using the OpenSSF Scorecard tool.
  • Updated Workflows:
    • .github/workflows/Tests.yml: Enhanced to include Python 3.13, updated permissions for security, and improved job configurations.
    • .github/workflows/bandit.yml: Updated to refine security scanning with Bandit, adjusting confidence levels and permissions.
    • .github/workflows/codeql-analysis.yml: Reformatted for consistency and clarity.

Improved Documentation Quality

• Adherence to CEP-7 Style Guidelines: Documentation has been updated to comply with CEP-7 conventions, ensuring consistency and clarity across all documents.
• Enhanced Documentation Content:
  • New Sections and Updates in docs/CI.md, docs/FAQ.md, docs/USAGE.md, and others, providing users with better guidance and comprehensive information.
  • Formatting Improvements: Enhanced readability through improved formatting in README.md, docs/index.md, and docs/toc.md.
  • Updated Build Configuration: .readthedocs.yaml updated to align with the latest Read the Docs standards, ensuring that online documentation remains up-to-date.

Introduction of New Features

• --message - Option for SAY Command: The SAY command now supports reading messages from standard input (stdin), improving flexibility for users scripting or piping input.
• Refined Error Handling: Implemented in accordance with CEP-8 standards, providing clearer error messages and more robust exception management throughout the codebase.

Code Quality Enhancements

• Adoption of New Linting Tools:
  • .bandit.yml: Introduces strict security scanning settings for the Bandit tool to detect security issues.
  • .markdownlint.yaml and .markdownlint.json: Define rules for Markdown linting, improving documentation consistency.
• Updates to Existing Linting Configurations:
  • .flake8.ini: Updated to include additional error and warning codes, refined ignore lists, and expanded excluded directories.
• Refactoring for Clarity and Maintainability:
  • Improvements in modules such as multicast/__init__.py, multicast/__main__.py, and multicast/hear.py, enhancing code readability and structure.
  • Consolidation of cleanup steps in CI configurations to avoid redundancy and ensure consistency.

Detailed Changes

Configuration and Setup Enhancements

• Updated setup.cfg and setup.py:
  • Version bumped to 2.0.0-rc7, indicating the release candidate status.
  • Updated classifiers to reflect production/stable status and operating system compatibility (Operating System :: POSIX).
  • Included project URLs for documentation and repository links.
• Dependency Management:
  • Requirements files (requirements.txt, tests/requirements.txt, docs/requirements.txt) updated to specify newer versions of dependencies for improved security and compatibility.
  • Excluded specific problematic versions (e.g., build>=1.1.1, !=1.2.2.post1).

Testing Improvements

• Expanded Test Coverage:
  • New test suites added, covering various aspects of the application:
    • Exception handling (tests/test_exceptions.py)
    • Server activation and cleanup (tests/test_hear_server_activate.py, tests/test_hear_cleanup.py)
    • Data processing and error handling (tests/test_hear_data_processing.py, tests/test_hear_keyboard_interrupt.py)
  • Enhanced existing tests with additional cases and improved assertions.
• Test Configuration Updates:
  • tox.ini updated to include testing environments for Python 3.13 and dependencies updated accordingly.
  • Integration of new dependencies like flake8-comprehensions and packaging to aid in testing and code analysis.

Continuous Integration and Deployment (CI/CD)

• AppVeyor Configuration:
  • .appveyor.yml updated to include structured build and testing processes across multiple Visual Studio images.
  • Ensured compatibility and testing on Windows environments.
• Codecov Configuration:
  • .codecov.yml enhanced to define notification behaviors, coverage requirements, and GitHub checks integration.
  • Improved reporting and analysis of code coverage metrics.

Documentation and License Updates

• License File Updates:
  • LICENSE.md updated to include new files and acknowledge additional contributors and resources.
  • Ensured compliance with licensing requirements for newly added files and third-party code.
• Code of Conduct:
  • Added .github/CODE_OF_CONDUCT.md, adopting the Contributor Covenant to foster an open and welcoming community.

Issues Addressed and Superseded Pull Requests

• This pull request addresses numerous issues, incorporating fixes and features from previous pull requests.
• Supersedes several prior release candidates, consolidating their improvements into this comprehensive update.

Future Work and Open Issues

• Ongoing Development: Several issues have been opened for the 2.0 series to continue enhancing features, performance, and security.
• Planned Enhancements:
  • Further refinement of CI workflows.
  • Additional testing, including edge cases and compatibility with upcoming Python versions.
  • Continuous improvement of documentation for clarity and completeness.

Conclusion

PR #184 marks a significant advancement for the multicast project, embodying a culmination of efforts to enhance code quality, testing, documentation, and security. The extensive updates and new features not only improve the current state of the project but also lay a robust foundation for future development in the 2.0 series.

v2.0.0-rc-8

What's Changed

• [UPDATE] (deps): Bump ossf/scorecard-action from 08f935069d990d2675a557ebcecc774477e7c55c to 6622d322b30ed8cdd77455e4af0bddb2b735325c in /.github/workflows by @dependabot in #193
• [UPDATE] (deps): Bump reactive-firewall/python-bandit-scan from 2.1 to 2.3 in /.github/workflows by @dependabot in #192
• [UPDATE] (deps): Bump codecov/codecov-action from 4 to 5 in /.github/workflows by @dependabot in #194

Full Changelog: v2.0.0-rc-7...v2.0.0-rc-8

v2.0.0-rc-7

What's Changed

• [TESTING] improved coverage slightly (- #53 -) by @reactive-firewall in #178
• [PATCH] specialize exception hear (- WIP #154 -) by @reactive-firewall in #179
• [STYLE] Aligned '.flake8.ini' with CEP-8 and CEP-7 (- WIP #181 -) by @reactive-firewall in #182

Full Changelog: v2.0.0-rc-6...v2.0.0-rc-7

v2.0.0-rc-6

Full Changelog: v2.0.0-rc-5...v2.0.0-rc-6

v2.0.0-rc-5

What's Changed

• Create scorecard.yml by @reactive-firewall in #173
• Update codeql-analysis.yml with defaults by @reactive-firewall in #174
• [TESTING] Improved test coverage slightly (- WIP #53 -) by @reactive-firewall in #175

Full Changelog: v2.0.0-rc-4...v2.0.0-rc-5

v2.0.0-rc-4

Full Changelog: v2.0.0-rc-3...v2.0.0-rc-4

Version v2.0.0-beta (Security Pre-Release)

What's Changed

• [SECURITY] Mitigates GHSA-2v67-4x3c-889g
• [PATCH] Prep Development Cycle for 2.0 by @reactive-firewall in #135
• Bring documentation to a min coverage level by @reactive-firewall in #136
• [UPGRADE] Fixes for #128 and #129 by @reactive-firewall in #137
• [UPGRADE] improved error handling by implementing error chaining (- W… by @reactive-firewall in #138
• [TESTING] implementing basic fuzzing in test by @reactive-firewall in #139
• Patch documentation min cov by @reactive-firewall in #141
• [TESTING] ignoring slow network in fuzzing by @reactive-firewall in #144
• [PATCH] cleaned up documentation regarding usage (- WIP #79 -) by @reactive-firewall in #142
• [COVERAGE] improving coverage slightly by @reactive-firewall in #145
• Patch documentation min cov by @reactive-firewall in #153
• Version 2.0.0-Beta Release Candidate by @reactive-firewall in #148

Full Changelog: v1.5.1...v2.0.0-beta

v1.5.1

Back-ported security fix.

Full Changelog: v1.5.0...v1.5.1