diff --git a/local-tasks/hash-build-artifacts.js b/local-tasks/hash-build-artifacts.js new file mode 100644 index 00000000..91fea918 --- /dev/null +++ b/local-tasks/hash-build-artifacts.js @@ -0,0 +1,51 @@ +const + gulp = requireModule("gulp"); + +gulp.task("hash-build-artifacts", async () => { + const + path = require("path"), + crypto = require("crypto"), + { readFile, writeFile, ls, FsEntities } = require("yafs"), + artifactsFolder = path.join("build", "artifacts"); + const + buildArtifacts = await ls(artifactsFolder, { + fullPaths: true, + entities: FsEntities.files + }), + nupkg = buildArtifacts.find(p => p.match(/\.nupkg$/)), + binaries = buildArtifacts.find(p => p.match(/apache-log4net-binaries-\d+\.\d+\.\d+.zip$/)), + source = buildArtifacts.find(p => p.match(/apache-log4net-source-\d+\.\d+\.\d+.zip$/)); + + if (!nupkg) { + throw new Error(`apache-log4net nupkg not found in ${artifactsFolder}`); + } + if (!binaries) { + throw new Error(`apache-log4net binaries zip not found in ${artifactsFolder}`); + } + if (!source) { + throw new Error(`apache-log4net source zip not found in ${artifactsFolder}`); + } + + await writeSHA512For(nupkg); + await writeSHA512For(binaries); + await writeSHA512For(source); + + function writeSHA512For(filepath) { + return new Promise(async (resolve, reject) => { + try { + const + hash = crypto.createHash("sha512"), + data = await readFile(filepath); + hash.update(data); + const + outfile = `${filepath}.sha512`, + hex = hash.digest("hex"), + contents = `${hex} *${path.basename(filepath)}`; + await writeFile(outfile, contents); + resolve(); + } catch (e) { + reject(e); + } + }); + } +}); diff --git a/local-tasks/prefix-build-artifacts.js b/local-tasks/prefix-build-artifacts.js new file mode 100644 index 00000000..4f34ae96 --- /dev/null +++ b/local-tasks/prefix-build-artifacts.js @@ -0,0 +1,23 @@ +const { renameSync } = require("fs"); + +const gulp = requireModule("gulp"); + +gulp.task("prefix-build-artifacts", async () => { + // prefixes build artifacts with 'apache-' + const + { ls, rename, FsEntities } = require("yafs"), + path = require("path"), + artifactsFolder = path.join("build/artifacts"), + contents = await ls(artifactsFolder, { fullPaths: true, entities: FsEntities.files }); + for (let item of contents) { + const basename = path.basename(item); + if (basename.match(/^apache-/)) { + continue; + } + const newName = path.join( + path.dirname(item), + `apache-${basename}` + ); + await rename(item, newName, true); + } +}); \ No newline at end of file diff --git a/local-tasks/prepare-build-artifacts.js b/local-tasks/prepare-build-artifacts.js new file mode 100644 index 00000000..3c22504e --- /dev/null +++ b/local-tasks/prepare-build-artifacts.js @@ -0,0 +1,8 @@ +const + gulp = requireModule("gulp"); + +gulp.task("prepare-build-artifacts", gulp.series( + "zip", + "prefix-build-artifacts", + "hash-build-artifacts" +)); diff --git a/local-tasks/zip.js b/local-tasks/zip.js index 4e6b5f14..cbfce84d 100644 --- a/local-tasks/zip.js +++ b/local-tasks/zip.js @@ -10,7 +10,7 @@ gulp.task("zip", [ "zip-binaries", "zip-source"], () => Promise.resolve()); gulp.task("zip-binaries", async () => { const version = await readVersion(); return promisify( - gulp.src("build/Release/**/*") + gulp.src(["build/Release/**/*", "LICENSE", "NOTICE"]) .pipe(zip(`log4net-binaries-${version}.zip`)) .pipe(gulp.dest(target)) ); @@ -39,4 +39,4 @@ gulp.task("zip-source", async () => { function readVersion() { return readCsProjVersion("src/log4net/log4net.csproj"); -} \ No newline at end of file +} diff --git a/package-lock.json b/package-lock.json index 6aa4fb5c..15bcb213 100644 --- a/package-lock.json +++ b/package-lock.json @@ -6151,6 +6151,12 @@ "integrity": "sha1-bRX7qITAhnnA136I53WegR4H+kE=", "dev": true }, + "yafs": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/yafs/-/yafs-1.5.0.tgz", + "integrity": "sha512-FRrHCUDPZw4UEAi53wJhXXGdWHdd9/cZUpoh8kBGI/JCWkSIMB2UifeU2AD6GXaRd4wwrQYzEDrX1HTrSoup5w==", + "dev": true + }, "yallist": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/yallist/-/yallist-2.1.2.tgz", diff --git a/package.json b/package.json index a0069517..ec8b812e 100644 --- a/package.json +++ b/package.json @@ -8,9 +8,9 @@ "build": "run-s clean-build \"zarro build\"", "build-release": "cross-env BUILD_CONFIGURATION=Release run-s clean-build \"zarro build\"", "build-site": "run-s \"zarro build-site\"", - "zip": "run-s \"zarro zip\"", + "prepare-build-artifacts": "run-s \"zarro prepare-build-artifacts\"", "dump-env": "node -e \"console.log(process.env);\"", - "release": "run-s build-release zip", + "release": "run-s build-release prepare-build-artifacts build-site", "zarro": "cross-env BUILD_INCLUDE=src/log4net.sln zarro" }, "repository": { @@ -28,7 +28,8 @@ "gulp-zip": "^5.0.1", "npm-run-all": "^4.1.5", "rimraf": "^3.0.2", - "zarro": "^1.77.0", - "which": "^2.0.2" + "which": "^2.0.2", + "yafs": "^1.5.0", + "zarro": "^1.77.0" } } diff --git a/src/log4net/log4net.csproj b/src/log4net/log4net.csproj index ff9052b5..62b17340 100644 --- a/src/log4net/log4net.csproj +++ b/src/log4net/log4net.csproj @@ -1,7 +1,7 @@  log4net - 2.0.9 + 2.0.10 Apache log4net Apache log4net @@ -14,7 +14,7 @@ The Apache Software Foundation Apache Logging Project, Jiří Činčura Apache-2.0 - http://logging.apache.org/log4net/ + https://logging.apache.org/log4net/ package-icon.png Copyright 2004-2017 The Apache Software Foundation logging log tracing logfiles diff --git a/src/site/xdoc/download_log4net.xml b/src/site/xdoc/download_log4net.xml index c592219a..5aa7ac5f 100644 --- a/src/site/xdoc/download_log4net.xml +++ b/src/site/xdoc/download_log4net.xml @@ -33,17 +33,17 @@ limitations under the License.

Users who download the ZIP files to Windows may need to unblock the archive (right click on the ZIP and press the "Unblock" button) before extracting it.

- + -
+
- - - + + +
apache-log4net-source-2.0.9.zipsha512pgpapache-log4net-source-2.0.10.zipsha512pgp
@@ -52,14 +52,14 @@ limitations under the License.

Binaries are available in a zip file or nupkg, which is also available from nuget.org

- - - - + + + + - - - + + +
log4net-binaries-2.0.9.zipsha512pgp
log4net-binaries-2.0.10.zipsha512pgp
log4net-2.0.9.nupkgsha512pgplog4net-2.0.10.nupkgsha512pgp
diff --git a/src/site/xdoc/release/release-notes.xml b/src/site/xdoc/release/release-notes.xml index 89ce8579..58f3707d 100644 --- a/src/site/xdoc/release/release-notes.xml +++ b/src/site/xdoc/release/release-notes.xml @@ -27,6 +27,22 @@ limitations under the License.
+
+

+ Apache log4net 2.0.10 improves netstandard2.0 support + thanks to community member @NicholasNoise. +

+
+
    +
  • + [LOG4NET-575] + Addresses CVE-2018-1285 by cherry-picking the fix from + Dominik Psenner, reported by Karthik Balasundaram, as it already + existed in the the develop branch +
    • +
+
+

@@ -36,8 +52,12 @@ limitations under the License.

    -
  • [LOG4NET-559] Add null checkes to avoid issues thrown by custom appenders
    • -
  • [LOG4NET-563] Site styling copied from log4j
    • +
  • [LOG4NET-559] Add null + checkes to avoid issues thrown by custom appenders +
    • +
  • [LOG4NET-563] Site styling + copied from log4j +