Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix/2.1.2 sec #1437

Merged
merged 7 commits into from
Jul 14, 2018
Merged

Fix/2.1.2 sec #1437

merged 7 commits into from
Jul 14, 2018

Conversation

janl
Copy link
Member

@janl janl commented Jul 13, 2018

this branch brings the security fixes we’ve done for 2.1.2 to master.

dch and others added 6 commits July 13, 2018 17:42
@dch @janl
config: improve handling of admin-supplied changes
5f34f6a 
- send a readable error response from failed config set
- trust but verify admin-supplied content in separate function
- return specific error conditions for logging
@dch @janl
build: ease pattern matching to be less pedantic about RC
ed21a53 
git-describe may have changed output formats. The previous regex doesn't
allow any trailing content, and git-describe always appends -g<SHA> unless
abbrev=0 is added.

This approach pulls out only the matching tag, leaving behind any
trailing garbage from git-describe, and as a bonus allows tagging a
commit from within a branch, and running a release directly from the
branch without needing to re-check out the tag itself.
@dch @janl
build: release candidate tarball should have -RCx
2334f7c 
the released tarball should have -RCx in the name, but not in the
extracted file, otherwise we can't simply rename the final artefact for
our public release.
@rnewson @janl
Use couch_util:trim for greater erlang compatibility
e5c8275
@janl
string:trim() compat for couch_util:trim()
540c22e
@janl
bump deps
a1b3d63
@wohali
Copy link
Member

wohali commented Jul 13, 2018

+1 once the tests pass (?)

@janl janl added this to the 2.2.0 milestone Jul 14, 2018
@janl janl mentioned this pull request Jul 14, 2018
Closed
@janl janl merged commit fa3c812 into master Jul 14, 2018
@janl janl deleted the fix/2.1.2-sec branch July 14, 2018 10:37
wohali added a commit that referenced this pull request Jul 16, 2018
@wohali
Improve detection of git tags/dirty status
edb4a70 
Unfortuantely, #1437 brought in a build bug that caused dist tarballs
to be created always using the last tag that could be found on the
tree. This lead to `master` building tarballs labelled `2.1.0`.

The new approach includes extensive comments to explain the approach,
fixes the bug, and for an encore adds -dirty if you're building a
CouchDB with local changes that aren't committed to git.
janl pushed a commit that referenced this pull request Jul 17, 2018
@wohali @janl
Improve detection of git tags/dirty status
1d69790 
Unfortuantely, #1437 brought in a build bug that caused dist tarballs
to be created always using the last tag that could be found on the
tree. This lead to `master` building tarballs labelled `2.1.0`.

The new approach includes extensive comments to explain the approach,
fixes the bug, and for an encore adds -dirty if you're building a
CouchDB with local changes that aren't committed to git.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.2.0
Development

Successfully merging this pull request may close these issues.
4 participants
@janl @wohali @dch @rnewson