From 26ae9cb6808c940f4d34f262a826157fa57b1213 Mon Sep 17 00:00:00 2001 From: Kevin O'Gorman Date: Tue, 7 Nov 2023 12:36:03 -0500 Subject: [PATCH] SecureDrop 2.7.0 --- changelog.md | 62 +++++-------------- .../ansible-base/group_vars/all/securedrop | 2 +- molecule/shared/stable.ver | 2 +- securedrop/debian/changelog | 22 +------ securedrop/setup.py | 2 +- securedrop/version.py | 2 +- 6 files changed, 22 insertions(+), 70 deletions(-) diff --git a/changelog.md b/changelog.md index 455e8fc94d..1d9c62f8c6 100644 --- a/changelog.md +++ b/changelog.md @@ -1,50 +1,17 @@ # Changelog -## 2.7.0~rc4 +## 2.7.0 ### Web applications - -* Fix validation of the submission key; block both Journalist and Source Interfaces if invalid (#7059) - -## 2.7.0~rc3 - -### Web applications - -* Use Sequoia and redwood instead of gnupg and pretty_bad_protocol for GPG operations (#7023, #7035, #7029, #7026, #7000) -* Update translation workflow to support continuous updates (#7034) -* Update wordlist to remove potentially confusing or offensive terms (#7008, #7021) - -### Development - -* Update build script to record commit details (#7019, #7038) - -## 2.7.0~rc2 - -### Web applications - -* Update translation workflow to support continuous updates (#7010) - -### Operations - -* Use systemd timers to check for disconnected submissions and source listings (#7009) -* Dependency changes: - * Update Ansible from 2.9.26 to 6.7.0 (ansible-core version 2.13.7) (#6830) - -### Development: - -* Dependency changes: - * Update markupsafe from 2.0.1 to 2.1.2 (#7014) - -## 2.7.0~rc1 - -### Web applications -* Use Sequoia and redwood instead of gnupg and pretty_bad_protocol for GPG operations (#6891, #6884, #6913, #6912, #6925, #6926, #6949, #6958, #6892, #6948, #6946, #6970, #6975, #6972, #6983, #6981, #6998) -* Update translation workflow to support continuous updates (#6953, #6954, #6985, #6997, #6984) +* Use Sequoia and redwood instead of gnupg and pretty_bad_protocol for GPG operations (#6891, #6884, #6913, #6912, #6925, #6926, #6949, #6958, #6892, #6948, #6946, #6970, #6975, #6972, #6983, #6981, #6998, #7000, #7026, #7029, #7035, #7023, #7071) +* Update translation workflow to support continuous updates (#6953, #6954, #6985, #6997, #6984, #7010, #7034) * Update French diceware wordlist (#6936) * Replace pretty-bad-protocol dependency with vendored version (#6836, #6907) * Import Markup and escape from markupsafe (#6964) +* Update wordlist to remove potentially confusing or offensive terms (#7008, #7021) +* Validate the submission key,disable Journalist and Source Interfaces if a weak key is found (#7059) * Dependency changes: - * Update cryptography from 41.0.1 to 41.0.3 + * Update cryptography from 41.0.1 to 41.0.3 (#6940) ### Operations @@ -54,6 +21,9 @@ * geckodriver to 0.33.0 (#6957) * Firefox to 115esr, Tor Browser to 13.0 (#7001) * Update securedrop-admin tooling to reject weak GPG keys with a SHA-1 signature (#6928) +* Use systemd timers to check for disconnected submissions and source listings (#7009) +* Dependency changes: + * Update Ansible from 2.9.26 to 6.7.0 (ansible-core version 2.13.7) (#6830) ### CI @@ -62,19 +32,19 @@ * Reduce mypy execution time by skipping redwood compilation and parsing stub (#6971) * Miscellaneous CI updates (#6844, #6920) - ### Development -* Dependencies changes: - * Remove boto and boto3 dependencies (#6890) - * Remove hypothesis dependency (#6893) - * Update certifi from 2022.12.7 to 2023.7.22 (#6900) - * Update pillow from 9.3.0 to 10.0.1 (#6959) * Improve printing of apparmor denials in testinfra suite (#6883) * Set "ia" as unavailable locale, "eo" as test locale (#6919) * Add script to auto-backport PRs to release branches (#6875) * Miscellaneous development updates (#6842, #6865, #6871, #6882) - +* Update build script to record commit details (#7019, #7038) +* Dependency changes: + * Remove boto and boto3 dependencies (#6890) + * Remove hypothesis dependency (#6893) + * Update certifi from 2022.12.7 to 2023.7.22 (#6900) + * Update pillow from 9.3.0 to 10.0.1 (#6959) + * Update markupsafe from 2.0.1 to 2.1.2 (#7014) ## 2.6.1 diff --git a/install_files/ansible-base/group_vars/all/securedrop b/install_files/ansible-base/group_vars/all/securedrop index 04aabe78a1..72df192eda 100644 --- a/install_files/ansible-base/group_vars/all/securedrop +++ b/install_files/ansible-base/group_vars/all/securedrop @@ -2,7 +2,7 @@ # Variables that apply to both the app and monitor server go in this file # If the monitor or app server need different values define the variable in # hosts_vars/app.yml or host_vars/mon.yml -securedrop_version: "2.7.0~rc4" +securedrop_version: "2.7.0" securedrop_app_code_sdist_name: "securedrop-app-code-{{ securedrop_version | replace('~', '-') }}.tar.gz" grsecurity: true diff --git a/molecule/shared/stable.ver b/molecule/shared/stable.ver index 6a6a3d8e35..24ba9a38de 100644 --- a/molecule/shared/stable.ver +++ b/molecule/shared/stable.ver @@ -1 +1 @@ -2.6.1 +2.7.0 diff --git a/securedrop/debian/changelog b/securedrop/debian/changelog index b8a72375fd..eb9db79b2d 100644 --- a/securedrop/debian/changelog +++ b/securedrop/debian/changelog @@ -1,26 +1,8 @@ -securedrop (2.7.0~rc4+focal) focal; urgency=medium +securedrop (2.7.0+focal) focal; urgency=medium * see changelog.md - -- SecureDrop Team Thu, 02 Nov 2023 14:47:28 -0700 - -securedrop (2.7.0~rc3+focal) focal; urgency=medium - - * see changelog.md - - -- SecureDrop Team Fri, 27 Oct 2023 17:45:35 -0400 - -securedrop (2.7.0~rc2+focal) focal; urgency=medium - - * see changelog.md - - -- SecureDrop Team Thu, 19 Oct 2023 18:12:25 -0400 - -securedrop (2.7.0~rc1+focal) focal; urgency=medium - - * see changelog.md - - -- SecureDrop Team Fri, 13 Oct 2023 16:22:38 -0400 + -- SecureDrop Team Tue, 07 Nov 2023 12:35:26 -0500 securedrop (2.6.1+focal) focal; urgency=medium diff --git a/securedrop/setup.py b/securedrop/setup.py index 992b7e2d75..65b22aaad1 100644 --- a/securedrop/setup.py +++ b/securedrop/setup.py @@ -4,7 +4,7 @@ setuptools.setup( name="securedrop-app-code", - version="2.7.0~rc4", + version="2.7.0", author="Freedom of the Press Foundation", author_email="securedrop@freedom.press", description="SecureDrop Server", diff --git a/securedrop/version.py b/securedrop/version.py index 7ecddc8a9c..2614ce9d96 100644 --- a/securedrop/version.py +++ b/securedrop/version.py @@ -1 +1 @@ -__version__ = "2.7.0~rc4" +__version__ = "2.7.0"