Comparing changes

Why is this change needed? -------------------------- The generated pom.xml doesn't include this plugin, and it is necessary to publish the finished package. Because it's a big XML file it's not very obvious that it gets removed on generation. We want the rest of the generated file so we get reasonable dependency version updates. How does it address the issue? ------------------------------ This commit adds the plugin back, which allows `mvn clean deploy -P sign-artifacts` to work. This is slightly different than the previous `mvn clean deploy` because the generated file moved artifact signing into a different profile, in theory to keep most tasks faster. `-P sign-artifacts` tell maven to apply the `sign-artifacts` profile, which augments the deafult profile. This plugin is added to the default profile in case the gpg plugin is moved to the default profile in the future (then we could remove the `-P sign-artifacts` above). At the moment, though, it doesn't really matter. The next commit will add an automatically applied patch after client gneration that will reapply this change when necessary. This will help by handling the situation automatically, or failing that complain that the patch can't be applied which will indicate to the user that things have changed and roughly what needs to happen next (fix and apply the patch). The generated code seems to have some support to publishing to maven using grandle, but it didn't seem to just work out of the box so this commit preserves the previous behavior. In the future it might be worth attempting to get closer to the golden path by switching to gradle. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- https://central.sonatype.org/publish/publish-guide/#initial-setup https://central.sonatype.org/publish/publish-maven/#nexus-staging-maven-plugin-for-deployment-and-release https://books.sonatype.com/mvnref-book/reference/profiles-sect-maven-profiles.html https://stackoverflow.com/questions/31740785/why-order-of-maven-dependencies-matter Any screenshots? ---------------- Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- See the patch or the previous commit for the details. How does it address the issue? ------------------------------ This encapsulates the change that is needed after each client generation to allow publishing. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- Any screenshots? ---------------- Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- Ideally releasing uses docker to prevent environment issues. How does it address the issue? ------------------------------ Add `script/release` to allowing scripting the process. This includes facilitating the setup of a gpg key for maven publishing. This whole process has been difficult to remember and execute correctly every time, so this scripts as much as is reasonable to help the developer along. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- https://3.basecamp.com/3093825/buckets/29124557/todos/5284412189 https://3.basecamp.com/3093825/buckets/29124557/todos/5284421778 https://stackoverflow.com/questions/57591432/gpg-signing-failed-inappropriate-ioctl-for-device-on-macos-with-maven https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration.html keybase/keybase-issues#2798 https://askubuntu.com/questions/29889/how-do-i-check-if-my-openpgp-key-is-in-the-ubuntu-keyserver https://stackoverflow.com/questions/51504367/gpg-agent-forwarding-inappropriate-ioctl-for-device https://superuser.com/questions/1150165/get-list-of-secret-key-ids https://serverfault.com/questions/691120/how-to-generate-gpg-key-without-user-interaction Any screenshots? ---------------- Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- Different clients have different requirements. Ruby needs ssh to publish a release because it needs to connect to github. This should support whatever the client needs. How does it address the issue? ------------------------------ This moves the magic ssh configuration into the file with the rest of the volume info. We need to jump through a few hoops because the cache dir has a colon in it, and that's the field separator for docker `--volume` mounts. We need `--volume` instead of `--mount` because the ssh magic path needs `--volume`. We do some eval so we can replace the colon with an underscore in the volume list. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- https://3.basecamp.com/3093825/buckets/29007795/todolists/5257298552 https://gist.github.com/d11wtq/8699521 Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- I believe I had an issue with one of the clients where the previous check was ambiguous inside the container. In any case this is more explicit. How does it address the issue? ------------------------------ Use the INSIDE_DOCKER env var from .docker_env.list to determine if we are inside the container. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- https://3.basecamp.com/3093825/buckets/29007795/todolists/5257298600 Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- Tracing is helpful for debugging, so let's apply it consistently across clients. How does it address the issue? ------------------------------ Add a TRACE flag to the top of each script. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- https://3.basecamp.com/3093825/buckets/29007795/todolists/5257298600 Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- Reviewing generated files can let us know when there are important changes. Ideally we can review files that aren't overriding files of our own in case they contain important changes as well. How does it address the issue? ------------------------------ This change allows us to add files to the .review directory that we generally don't want to keep in the repo. Things like the generated docs that usually aren't super useful, but might contain important changes. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- https://3.basecamp.com/3093825/buckets/29007795/todolists/5257298600 Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- These files might have useful changes that we want to review. How does it address the issue? ------------------------------ Don't remove these since we'll want to review the diffs between the old and new versions to see if we should make any updates to non-generated code. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- https://3.basecamp.com/3093825/buckets/29007795/todolists/5257298600 Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- These files might have useful changes that we want to review. How does it address the issue? ------------------------------ Commit these files to the review directory so we'll be able to more easily review changes in the future. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- https://3.basecamp.com/3093825/buckets/29007795/todolists/5257298600 Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- Csharp had an issue with PrinceOptions, so I made a test. Since the basic test exists I'll copy it to the other clients to verify everything continues to work in the future. How does it address the issue? ------------------------------ Add a test for PrinceOptions. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- https://3.basecamp.com/3093825/buckets/29007795/todolists/5257298600 Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- It appears Debian has rotated the apt keys so `apt update` fails on these images. Since these java versions are EOL, we're just removing them from the list of images to test. How does it address the issue? ------------------------------ Remove the EOL java versions from the list of images to test. Also add a comment so future maintainers know why these images are missing. Also update some scripts to better handle removing comments from the runtime environments file. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- https://endoflife.date/java https://unix.stackexchange.com/questions/157328/how-can-i-remove-all-comments-from-a-file Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- We'd like to allow users to set the following options: - iframes - page_margin - pdf_forms How does it address the issue? ------------------------------ Add the options and regenerate the client. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- https://3.basecamp.com/3093825/buckets/29007795/todolists/5257298600 Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- We want to have a basic check that this new works and continues to work in the future. How does it address the issue? ------------------------------ Add iframes tests. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- https://3.basecamp.com/3093825/buckets/29007795/todolists/5257298600 Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- We'd like to release a new version of the client library with support for new API options. How does it address the issue? ------------------------------ Bump the version number and update the changelog. Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- It's a cool feature and worth promoting. How does it address the issue? ------------------------------ Highlight that one of the new options allows enabling PDF forms. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- DocRaptor/docraptor-csharp-private#5 (comment) Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

Why is this change needed? -------------------------- Without these changes we get the following error: ``` gpg: connecting dirmngr at '/root/.gnupg/S.dirmngr' failed: IPC connect call failed gpg: error searching keyserver: No dirmngr gpg: keyserver search failed: No dirmngr ``` It seems to be because the sockets in the host's `~/.gnupg` directory are not accessible to the container. How does it address the issue? ------------------------------ We copy the contents of the host's `~/.gnupg` directory into the container's `~/.gnupg` directory during the release script run. This sets up the container's `~/.gnupg` directory with the same contents as the host's `~/.gnupg` directory excluding the sockets, which gnupg will setup itself when run inside the container. Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices?

…officially supported. It allows the user to pass a token which will then be used when retrieving any document content or resources from your servers. Why is this change needed? -------------------------- Many DocRaptor customers have security configurations that require workarounds to make docs that contain resources they do not want to expose to the open internet. This will enable firewall settings to filter based on user agent using a token that is passed to DocRaptor with each document. Any links to any relevant tickets, articles, or other resources? --------------------------------------------------------------- Any screenshots? ---------------- Did you complete all of the following? -------------------------------------- - Run test suite? - Add new tests? - Consider security implications and practices? Co-authored-by: Zach Hunt <zach@expectedbehavior.com>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Comparing changes

Open a pull request

Uh oh!

Commits on Nov 16, 2022

Commits on Nov 17, 2022

Commits on Jun 1, 2023

Commits on Jun 2, 2023

Commits on Jul 12, 2023

Commits on Jul 14, 2023

Commits on Sep 26, 2023

Commits on Sep 27, 2023

Commits on Apr 2, 2024

This comparison is taking too long to generate.

Uh oh!