This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/master by this push:
new 6ed87ac1e5 Preparing website for releases
6ed87ac1e5 is described below
commit 6ed87ac1e57dc6e1a92c498a2371fd7fa20a2ea8
Author: Francesco Chicchiriccò <[email protected]>
AuthorDate: Fri Dec 27 11:40:54 2024 +0100
Preparing website for releases
---
.../core/spring/security/AuthDataAccessor.java | 2 +-
pom.xml | 28 ++---
src/site/site.xml | 2 +-
src/site/xdoc/building.xml | 10 +-
src/site/xdoc/docs/index.xml | 34 +++---
src/site/xdoc/downloads.xml | 124 ++++-----------------
src/site/xdoc/integration.xml | 8 +-
src/site/xdoc/release-process.xml | 80 +++++--------
src/site/xdoc/security.xml | 80 +++++++++++++
src/site/xdoc/source-repository.xml | 9 +-
10 files changed, 173 insertions(+), 204 deletions(-)
diff --git
a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
index e181abf338..6f0b7b7375 100644
---
a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
+++
b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
@@ -72,7 +72,7 @@ import
org.springframework.transaction.annotation.Transactional;
/**
* Domain-sensible (via {@code @Transactional}) access to authentication /
authorization data.
*
- * @see JWTAuthenticationProvider
+ * @see JWTAuthenticationFilter
* @see UsernamePasswordAuthenticationProvider
* @see SyncopeAuthenticationDetails
*/
diff --git a/pom.xml b/pom.xml
index 3eb6d7952e..54ef649cff 100644
--- a/pom.xml
+++ b/pom.xml
@@ -2017,24 +2017,24 @@ under the License.
<links>
<link>https://docs.oracle.com/en/java/javase/21/docs/api/</link>
<link>https://jakarta.ee/specifications/platform/10/apidocs/</link>
- <link>http://www.slf4j.org/api/</link>
- <link>http://connid.tirasa.net/apidocs/1.5/</link>
+ <link>https://www.slf4j.org/api/</link>
+ <link>https://connid.tirasa.net/apidocs/1.6/</link>
<link>https://cxf.apache.org/javadoc/latest/</link>
- <link>http://fasterxml.github.io/jackson-core/javadoc/2.15/</link>
-
<link>http://fasterxml.github.io/jackson-databind/javadoc/2.15/</link>
-
<link>http://fasterxml.github.io/jackson-annotations/javadoc/2.15/</link>
-
<link>http://fasterxml.github.io/jackson-dataformat-xml/javadoc/2.15/</link>
-
<link>http://fasterxml.github.io/jackson-dataformats-text/javadoc/yaml/2.15/</link>
-
<link>http://fasterxml.github.io/jackson-dataformats-text/javadoc/csv/2.15/</link>
- <link>https://ci.apache.org/projects/wicket/apidocs/10.x/</link>
+
<link>https://javadoc.io/static/com.fasterxml.jackson.core/jackson-core/2.17.3/</link>
+
<link>https://javadoc.io/static/com.fasterxml.jackson.core/jackson-databind/2.17.3/</link>
+
<link>https://javadoc.io/static/com.fasterxml.jackson.core/jackson-annotations/2.17.3/</link>
+
<link>https://javadoc.io/static/com.fasterxml.jackson.dataformat/jackson-dataformat-xml/2.17.3/</link>
+
<link>https://javadoc.io/static/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.17.3/</link>
+
<link>https://javadoc.io/static/com.fasterxml.jackson.dataformat/jackson-dataformat-csv/2.17.3/</link>
+ <link>https://nightlies.apache.org/wicket/apidocs/10.x/</link>
<link>https://commons.apache.org/proper/commons-lang/javadocs/api-release/</link>
<link>https://commons.apache.org/proper/commons-jexl/apidocs/</link>
- <link>https://tika.apache.org/3.0.0-BETA2/api/</link>
- <link>https://docs.spring.io/spring-boot/docs/current/api/</link>
-
<link>https://docs.spring.io/spring/docs/current/javadoc-api/</link>
-
<link>https://docs.spring.io/spring-security/site/docs/current/api/</link>
+ <link>https://tika.apache.org/3.0.0/api/</link>
+ <link>https://docs.spring.io/spring-boot/3.3/api/java/</link>
+
<link>https://docs.spring.io/spring-framework/docs/6.1.x/javadoc-api/</link>
+
<link>https://docs.spring.io/spring-security/site/docs/6.3.6/api/</link>
<link>https://www.flowable.com/open-source/docs/javadocs/</link>
- <link>http://docs.swagger.io/swagger-core/v2.2.24/apidocs/</link>
+ <link>https://docs.swagger.io/swagger-core/v2.2.27/apidocs/</link>
</links>
<additionalOptions>
<additionalOption>--legal-notices</additionalOption>
diff --git a/src/site/site.xml b/src/site/site.xml
index 5cc0c2ff1d..9f081b5b01 100644
--- a/src/site/site.xml
+++ b/src/site/site.xml
@@ -87,7 +87,7 @@ under the License.
<footer>
<![CDATA[
-Copyright © 2023, the Apache Software Foundation.<br/>
+Copyright © 2024, the Apache Software Foundation.<br/>
Apache, Syncope, Apache Syncope, the Apache feather logo and the Apache
Syncope project logo are trademarks of The Apache Software Foundation. All
other marks mentioned may be trademarks or registered trademarks of their
respective owners.
<div class="pull-right">
diff --git a/src/site/xdoc/building.xml b/src/site/xdoc/building.xml
index 637bdb1060..de8e088b73 100644
--- a/src/site/xdoc/building.xml
+++ b/src/site/xdoc/building.xml
@@ -152,13 +152,6 @@ under the License.
<p>The build profiles enlisted below require <a
href="https://www.docker.com/";>Docker</a> to work.</p>
</div>
- <h5>PostgreSQL</h5>
- <div class="alert alert-warning">
- <p>This build profile requires <a
href="https://www.docker.com/";>Docker</a> to work.</p>
- </div>
- Perform the full test suite against a real <a
href="https://www.postgresql.org/";>PostgreSQL</a> database via
- <source>$ mvn -Ppostgres-it</source> or <source>$ mvn
-Ppgjsonb-it</source> (for JSONB support)
-
<h5>MySQL</h5>
<div class="alert alert-warning">
<p>This build profile requires <a
href="https://www.docker.com/";>Docker</a> to work.</p>
@@ -181,6 +174,9 @@ under the License.
<source>$ mvn -Poracle-it</source> or <source>$ mvn
-Pojson-it</source> (for JSON support)
<h5>Neo4j</h5>
+ <div class="alert alert-warning">
+ <p>This build profile requires <a
href="https://www.docker.com/";>Docker</a> to work.</p>
+ </div>
Prform the full test suite against a real <a
href="https://neo4j.com/";>Neo4j</a> instance via
<source>$ mvn -Pneo4j-it</source>
diff --git a/src/site/xdoc/docs/index.xml b/src/site/xdoc/docs/index.xml
index 159ae26ff7..4978416e48 100644
--- a/src/site/xdoc/docs/index.xml
+++ b/src/site/xdoc/docs/index.xml
@@ -47,8 +47,8 @@ under the License.
<thead>
<tr>
<th>Name</th>
+ <th width="100">4.0</th>
<th width="100">3.0</th>
- <th width="100">2.1</th>
<th width="100">dev</th>
</tr>
</thead>
@@ -56,29 +56,29 @@ under the License.
<tr>
<td>Getting Started</td>
<td>
- <a href="3.0/getting-started.html">
+ <a href="4.0/getting-started.html">
<img src="../images/text-html.png"/>
</a>
- <a href="3.0/getting-started.pdf">
+ <a href="4.0/getting-started.pdf">
<img src="../images/application-pdf.png"/>
</a>
</td>
<td>
- <a href="2.1/getting-started.html">
+ <a href="3.0/getting-started.html">
<img src="../images/text-html.png"/>
</a>
- <a href="2.1/getting-started.pdf">
+ <a href="3.0/getting-started.pdf">
<img src="../images/application-pdf.png"/>
</a>
</td>
<td>
- <a
href="https://nightlies.apache.org/syncope/master/getting-started.html";>
+ <a
href="https://nightlies.apache.org/syncope/4_0_X/getting-started.html";>
<img src="../images/text-html.png"/>
</a>
- <a
href="https://nightlies.apache.org/syncope/master/getting-started.pdf";>
+ <a
href="https://nightlies.apache.org/syncope/4_0_X/getting-started.pdf";>
<img src="../images/application-pdf.png"/>
</a>
</td>
@@ -86,29 +86,29 @@ under the License.
<tr>
<td>Reference Guide</td>
<td>
- <a href="3.0/reference-guide.html">
+ <a href="4.0/reference-guide.html">
<img src="../images/text-html.png"/>
</a>
- <a href="3.0/reference-guide.pdf">
+ <a href="4.0/reference-guide.pdf">
<img src="../images/application-pdf.png"/>
</a>
</td>
<td>
- <a href="2.1/reference-guide.html">
+ <a href="3.0/reference-guide.html">
<img src="../images/text-html.png"/>
</a>
- <a href="2.1/reference-guide.pdf">
+ <a href="3.0/reference-guide.pdf">
<img src="../images/application-pdf.png"/>
</a>
</td>
<td>
- <a
href="https://nightlies.apache.org/syncope/master/reference-guide.html";>
+ <a
href="https://nightlies.apache.org/syncope/4_0_X/reference-guide.html";>
<img src="../images/text-html.png"/>
</a>
- <a
href="https://nightlies.apache.org/syncope/master/reference-guide.pdf";>
+ <a
href="https://nightlies.apache.org/syncope/4_0_X/reference-guide.pdf";>
<img src="../images/application-pdf.png"/>
</a>
</td>
@@ -138,17 +138,17 @@ under the License.
<tr>
<td>REST</td>
<td>
- <a href="../rest/3.0/index.html">3.0</a>
+ <a href="../rest/4.0/index.html">4.0</a>
- <a href="../rest/2.1/index.html">2.1</a>
+ <a href="../rest/3.0/index.html">3.0</a>
</td>
</tr>
<tr>
<td>Javadocs</td>
<td>
- <a href="../apidocs/3.0/index.html">3.0</a>
+ <a href="../apidocs/4.0/index.html">4.0</a>
- <a href="../apidocs/2.1/index.html">2.1</a>
+ <a href="../apidocs/3.0/index.html">3.0</a>
</td>
</tr>
</tbody>
diff --git a/src/site/xdoc/downloads.xml b/src/site/xdoc/downloads.xml
index b08af3c287..9e96334823 100644
--- a/src/site/xdoc/downloads.xml
+++ b/src/site/xdoc/downloads.xml
@@ -36,18 +36,18 @@ under the License.
It is good practice to <a href="#Verifying_Releases">verify the
integrity</a> of the distribution files.
</p>
- <subsection name="3.0.0 Maggiore">
- <p>Release date: November 11th 2022</p>
+ <subsection name="4.0.0-M0 Notturno">
+ <p>Release date: December 27th 2024</p>
<p>
- <a
href="https://cwiki.apache.org/confluence/display/SYNCOPE/Maggiore";>Release
notes</a>
+ <a
href="https://cwiki.apache.org/confluence/display/SYNCOPE/Notturno";>Release
notes</a>
</p>
<div class="alert alert-info">
<p><strong>Don't know what to download? Click the buttons below to
get more information.</strong></p>
<div class="btn-group">
- <a href="docs/3.0/getting-started.html#maven-project"
class="btn">Maven Project</a>
- <a href="docs/3.0/getting-started.html#standalone"
class="btn">Standalone</a>
- <a href="docs/3.0/getting-started.html#docker" class="btn">Docker
images</a>
+ <a href="docs/4.0/getting-started.html#maven-project"
class="btn">Maven Project</a>
+ <a href="docs/4.0/getting-started.html#standalone"
class="btn">Standalone</a>
+ <a href="docs/4.0/getting-started.html#docker" class="btn">Docker
images</a>
</div>
</div>
@@ -61,42 +61,38 @@ under the License.
<tbody>
<tr>
<td>
- <a
href="http://www.apache.org/dyn/closer.lua/syncope/3.0.0/syncope-3.0.0-source-release.zip";>syncope-3.0.0-source-release.zip</a>
+ <a
href="http://www.apache.org/dyn/closer.lua/syncope/4.0.0-M0/syncope-4.0.0-M0-source-release.zip";>syncope-4.0.0-M0-source-release.zip</a>
</td>
<td>
- <a
href="https://downloads.apache.org/syncope/3.0.0/syncope-3.0.0-source-release.zip.asc";>asc</a>
- <a
href="https://downloads.apache.org/syncope/3.0.0/syncope-3.0.0-source-release.zip.sha512";>sha512</a>
+ <a
href="https://downloads.apache.org/syncope/4.0.0-M0/syncope-4.0.0-M0-source-release.zip.asc";>asc</a>
+ <a
href="https://downloads.apache.org/syncope/4.0.0-M0/syncope-4.0.0-M0-source-release.zip.sha512";>sha512</a>
</td>
</tr>
<tr>
<td>
- <a
href="http://www.apache.org/dyn/closer.lua/syncope/3.0.0/syncope-standalone-3.0.0-distribution.zip";>syncope-standalone-3.0.0-distribution.zip</a>
+ <a
href="http://www.apache.org/dyn/closer.lua/syncope/4.0.0-M0/syncope-standalone-4.0.0-M0-distribution.zip";>syncope-standalone-4.0.0-M0-distribution.zip</a>
</td>
<td>
- <a
href="https://downloads.apache.org/syncope/3.0.0/syncope-standalone-3.0.0-distribution.zip.asc";>asc</a>
- <a
href="https://downloads.apache.org/syncope/3.0.0/syncope-standalone-3.0.0-distribution.zip.sha512";>sha512</a>
+ <a
href="https://downloads.apache.org/syncope/4.0.0-M0/syncope-standalone-4.0.0-M0-distribution.zip.asc";>asc</a>
+ <a
href="https://downloads.apache.org/syncope/4.0.0-M0/syncope-standalone-4.0.0-M0-distribution.zip.sha512";>sha512</a>
</td>
</tr>
</tbody>
</table>
</subsection>
- <subsection name="2.1.13 Fusion">
- <p>Release date: December 9th 2022</p>
+ <subsection name="3.0.10 Maggiore">
+ <p>Release date: December 27th 2024</p>
<p>
- <a
href="https://cwiki.apache.org/confluence/display/SYNCOPE/Fusion";>Release
notes</a>
+ <a
href="https://cwiki.apache.org/confluence/display/SYNCOPE/Maggiore";>Release
notes</a>
</p>
<div class="alert alert-info">
<p><strong>Don't know what to download? Click the buttons below to
get more information.</strong></p>
<div class="btn-group">
- <a href="docs/2.1/getting-started.html#maven-project"
class="btn">Maven Project</a>
- <a href="docs/2.1/getting-started.html#standalone"
class="btn">Standalone</a>
- <a href="docs/2.1/getting-started.html#debian-packages"
class="btn">Debian Packages</a>
- <a href="docs/2.1/getting-started.html#gui-installer"
class="btn">GUI Installer</a>
- <a href="docs/2.1/getting-started.html#docker" class="btn">Docker
images</a>
- <a href="docs/2.1/getting-started.html#eclipse-ide-plugin"
class="btn">Eclipse IDE Plugin</a>
- <a href="docs/2.1/getting-started.html#netbeans-ide-plugin"
class="btn">Netbeans IDE Plugin</a>
+ <a href="docs/3.0/getting-started.html#maven-project"
class="btn">Maven Project</a>
+ <a href="docs/3.0/getting-started.html#standalone"
class="btn">Standalone</a>
+ <a href="docs/3.0/getting-started.html#docker" class="btn">Docker
images</a>
</div>
</div>
@@ -110,92 +106,20 @@ under the License.
<tbody>
<tr>
<td>
- <a
href="http://www.apache.org/dyn/closer.lua/syncope/2.1.13/syncope-2.1.13-source-release.zip";>syncope-2.1.13-source-release.zip</a>
- </td>
- <td>
- <a
href="https://downloads.apache.org/syncope/2.1.13/syncope-2.1.13-source-release.zip.asc";>asc</a>
- <a
href="https://downloads.apache.org/syncope/2.1.13/syncope-2.1.13-source-release.zip.sha512";>sha512</a>
- </td>
- </tr>
- <tr>
- <td>
- <a
href="http://www.apache.org/dyn/closer.lua/syncope/2.1.13/syncope-standalone-2.1.13-distribution.zip";>syncope-standalone-2.1.13-distribution.zip</a>
- </td>
- <td>
- <a
href="https://downloads.apache.org/syncope/2.1.13/syncope-standalone-2.1.13-distribution.zip.asc";>asc</a>
- <a
href="https://downloads.apache.org/syncope/2.1.13/syncope-standalone-2.1.13-distribution.zip.sha512";>sha512</a>
- </td>
- </tr>
- <tr>
- <td>
- <a
href="http://www.apache.org/dyn/closer.lua/syncope/2.1.13/apache-syncope-2.1.13.deb";>apache-syncope-2.1.13.deb</a>
- </td>
- <td>
- <a
href="https://downloads.apache.org/syncope/2.1.13/apache-syncope-2.1.13.deb.asc";>asc</a>
- <a
href="https://downloads.apache.org/syncope/2.1.13/apache-syncope-2.1.13.deb.sha512";>sha512</a>
- </td>
- </tr>
- <tr>
- <td>
- <a
href="http://www.apache.org/dyn/closer.lua/syncope/2.1.13/apache-syncope-console-2.1.13.deb";>apache-syncope-console-2.1.13.deb</a>
- </td>
- <td>
- <a
href="https://downloads.apache.org/syncope/2.1.13/apache-syncope-console-2.1.13.deb.asc";>asc</a>
- <a
href="https://downloads.apache.org/syncope/2.1.13/apache-syncope-console-2.1.13.deb.sha512";>sha512</a>
- </td>
- </tr>
- <tr>
- <td>
- <a
href="http://www.apache.org/dyn/closer.lua/syncope/2.1.13/apache-syncope-enduser-2.1.13.deb";>apache-syncope-enduser-2.1.13.deb</a>
- </td>
- <td>
- <a
href="https://downloads.apache.org/syncope/2.1.13/apache-syncope-enduser-2.1.13.deb.asc";>asc</a>
- <a
href="https://downloads.apache.org/syncope/2.1.13/apache-syncope-enduser-2.1.13.deb.sha512";>sha512</a>
- </td>
- </tr>
- <tr>
- <td>
- <a
href="http://www.apache.org/dyn/closer.lua/syncope/2.1.13/syncope-installer-2.1.13-uber.jar";>syncope-installer-2.1.13-uber.jar</a>
- </td>
- <td>
- <a
href="https://downloads.apache.org/syncope/2.1.13/syncope-installer-2.1.13-uber.jar.asc";>asc</a>
- <a
href="https://downloads.apache.org/syncope/2.1.13/syncope-installer-2.1.13-uber.jar.sha512";>sha512</a>
- </td>
- </tr>
- <tr>
- <td>
- <a
href="http://www.apache.org/dyn/closer.lua/syncope/2.1.13/syncope-client-cli-2.1.13.zip";>syncope-client-cli-2.1.13.zip</a>
- </td>
- <td>
- <a
href="https://downloads.apache.org/syncope/2.1.13/syncope-client-cli-2.1.13.zip.asc";>asc</a>
- <a
href="https://downloads.apache.org/syncope/2.1.13/syncope-client-cli-2.1.13.zip.sha512";>sha512</a>
- </td>
- </tr>
- <tr>
- <td>
- <a
href="http://www.apache.org/dyn/closer.lua/syncope/2.1.13/syncope-core-upgrade-2.1.13.zip";>syncope-core-upgrade-2.1.13.zip</a>
- </td>
- <td>
- <a
href="https://downloads.apache.org/syncope/2.1.13/syncope-core-upgrade-2.1.13.zip.asc";>asc</a>
- <a
href="https://downloads.apache.org/syncope/2.1.13/syncope-core-upgrade-2.1.13.zip.sha512";>sha512</a>
- </td>
- </tr>
- <tr>
- <td>
- <a
href="http://www.apache.org/dyn/closer.lua/syncope/2.1.13/org.apache.syncope.ide.eclipse.site-2.1.13.zip";>org.apache.syncope.ide.eclipse.site-2.1.13.zip</a>
+ <a
href="http://www.apache.org/dyn/closer.lua/syncope/3.0.10/syncope-3.0.10-source-release.zip";>syncope-3.0.10-source-release.zip</a>
</td>
<td>
- <a
href="https://downloads.apache.org/syncope/2.1.13/org.apache.syncope.ide.eclipse.site-2.1.13.zip.asc";>asc</a>
- <a
href="https://downloads.apache.org/syncope/2.1.13/org.apache.syncope.ide.eclipse.site-2.1.13.zip.sha512";>sha512</a>
+ <a
href="https://downloads.apache.org/syncope/3.0.10/syncope-3.0.10-source-release.zip.asc";>asc</a>
+ <a
href="https://downloads.apache.org/syncope/3.0.10/syncope-3.0.10-source-release.zip.sha512";>sha512</a>
</td>
</tr>
<tr>
<td>
- <a
href="http://www.apache.org/dyn/closer.lua/syncope/2.1.13/syncope-ide-netbeans-2.1.13.nbm";>syncope-ide-netbeans-2.1.13.nbm</a>
+ <a
href="http://www.apache.org/dyn/closer.lua/syncope/3.0.10/syncope-standalone-3.0.10-distribution.zip";>syncope-standalone-3.0.10-distribution.zip</a>
</td>
<td>
- <a
href="https://downloads.apache.org/syncope/2.1.13/syncope-ide-netbeans-2.1.13.nbm.asc";>asc</a>
- <a
href="https://downloads.apache.org/syncope/2.1.13/syncope-ide-netbeans-2.1.13.nbm.sha512";>sha512</a>
+ <a
href="https://downloads.apache.org/syncope/3.0.10/syncope-standalone-3.0.10-distribution.zip.asc";>asc</a>
+ <a
href="https://downloads.apache.org/syncope/3.0.10/syncope-standalone-3.0.10-distribution.zip.sha512";>sha512</a>
</td>
</tr>
</tbody>
diff --git a/src/site/xdoc/integration.xml b/src/site/xdoc/integration.xml
index ae8ba5614b..c4dd9fe0a8 100644
--- a/src/site/xdoc/integration.xml
+++ b/src/site/xdoc/integration.xml
@@ -28,7 +28,7 @@ under the License.
<body>
<section name="Jenkins">
<p>
- <source><a
href="https://ci-builds.apache.org./job/Syncope/";>https://ci-builds.apache.org./job/Syncope/</a></source>
+ <source><a
href="https://ci-builds.apache.org/job/Syncope/";>https://ci-builds.apache.org./job/Syncope/</a></source>
</p>
</section>
@@ -41,14 +41,16 @@ under the License.
<img
src="https://github.com/apache/syncope/actions/workflows/codeql-analysis.yml/badge.svg";
style="max-width:100%;"/>
</a>
</p>
+
+ <p>See more at <a
href="https://github.com/apache/syncope/actions/";>GitHub</a>.</p>
</section>
<section name="Buildbot">
<p>
- <source><a
href="https://ci2.apache.org/#/builders/56";>master</a></source>
+ <source><a
href="https://ci2.apache.org/#/builders/56";>4_0_X</a></source>
</p>
<p>
- <source><a
href="https://ci2.apache.org/#/builders/55";>2_1_X</a></source>
+ <source><a
href="https://ci2.apache.org/#/builders/115";>3_0_X</a></source>
</p>
</section>
</body>
diff --git a/src/site/xdoc/release-process.xml
b/src/site/xdoc/release-process.xml
index fc9b628e49..fe171d83de 100644
--- a/src/site/xdoc/release-process.xml
+++ b/src/site/xdoc/release-process.xml
@@ -244,23 +244,6 @@ cp
$SYNCOPE_RELEASE_DIR/target/syncope-*-source-release.zip .
cp $SYNCOPE_RELEASE_DIR/target/syncope-*-source-release.zip.asc .
cp
$SYNCOPE_RELEASE_DIR/standalone/target/syncope-standalone-*-distribution.zip .
cp
$SYNCOPE_RELEASE_DIR/standalone/target/syncope-standalone-*-distribution.zip.asc
.
-# only for 2_1_X
-cp $SYNCOPE_RELEASE_DIR/installer/target/syncope-installer-*-uber.jar .
-cp $SYNCOPE_RELEASE_DIR/installer/target/syncope-installer-*-uber.jar.asc .
-cp $SYNCOPE_RELEASE_DIR/deb/core/target/apache-syncope-*.deb .
-cp $SYNCOPE_RELEASE_DIR/deb/core/target/apache-syncope-*.deb.asc .
-cp $SYNCOPE_RELEASE_DIR/deb/console/target/apache-syncope-console-*.deb .
-cp $SYNCOPE_RELEASE_DIR/deb/console/target/apache-syncope-console-*.deb.asc .
-cp $SYNCOPE_RELEASE_DIR/deb/enduser/target/apache-syncope-enduser-*.deb .
-cp $SYNCOPE_RELEASE_DIR/deb/enduser/target/apache-syncope-enduser-*.deb.asc .
-cp $SYNCOPE_RELEASE_DIR/client/cli/target/syncope-client-cli-*.zip .
-cp $SYNCOPE_RELEASE_DIR/client/cli/target/syncope-client-cli-*.zip.asc .
-cp
$SYNCOPE_RELEASE_DIR/ide/eclipse/releng/org.apache.syncope.ide.eclipse.site/target/org.apache.syncope.ide.eclipse.site-*.zip
.
-cp
$SYNCOPE_RELEASE_DIR/ide/eclipse/releng/org.apache.syncope.ide.eclipse.site/target/org.apache.syncope.ide.eclipse.site-*.zip.asc
.
-cp $SYNCOPE_RELEASE_DIR/ide/netbeans/target/syncope-ide-netbeans-*.nbm .
-cp $SYNCOPE_RELEASE_DIR/ide/netbeans/target/syncope-ide-netbeans-*.nbm.asc .
-cp $SYNCOPE_RELEASE_DIR/core/upgrade/target/syncope-core-upgrade-*.zip .
-cp $SYNCOPE_RELEASE_DIR/core/upgrade/target/syncope-core-upgrade-*.zip.asc .
for file in `find . -type f -iname '*.asc'`
do
@@ -284,6 +267,7 @@ mvn -PskipTests,all
cd standalone/target/standalone/apache-tomcat-* && chmod 755 bin/*.sh &&
./bin/startup.sh
curl -o /tmp/openapi.json http://localhost:9080/syncope/rest/openapi.json
+curl -o /tmp/keymaster-openapi.json
http://localhost:9080/syncope/rest/keymaster/openapi.json
./bin/shutdown.sh && cd -
cd syncope-$VERSION
@@ -294,43 +278,33 @@ mvn -P site -Dsite.deploymentBaseUrl=file:///<absolute
path to/site>/$VERSION
cd <absolute path to/site>/$VERSION
-# if releasing from 2_1_X
-mkdir -p rest/2.1
-mv /tmp/openapi.json rest/2.1/
-cp -r
$SYNCOPE_RELEASE_DIR/ext/swagger-ui/target/swagger-ui/META-INF/resources/webjars/swagger-ui/*/*
rest/2.1/
-sed 's/..\/rest\/openapi.json/openapi.json/'
$SYNCOPE_RELEASE_DIR/ext/swagger-ui/target/classes/META-INF/resources/swagger/index.html
> rest/2.1/index.html
-mkdir -p docs/2.1
-cp $SYNCOPE_SITE_DIR/target/generated-docs/getting-started.* docs/2.1/
-cp $SYNCOPE_SITE_DIR/target/generated-docs/reference-guide.* docs/2.1/
-cp -r $SYNCOPE_SITE_DIR/target/generated-docs/images docs/2.1/
+mkdir -p rest/$MAJOR_VERSION
+mv /tmp/openapi.json rest/$MAJOR_VERSION/
+mv /tmp/keymaster-openapi.json rest/$MAJOR_VERSION/
+cp -r
$SYNCOPE_RELEASE_DIR/core/starter/target/swagger-ui/META-INF/resources/webjars/swagger-ui/*/*
rest/$MAJOR_VERSION/
+sed 's/rest\/openapi.json/openapi.json/'
$SYNCOPE_RELEASE_DIR/core/starter/target/classes/META-INF/resources/index.html
| \
+ sed 's/\/rest\/keymaster\//keymaster-/' > rest/$MAJOR_VERSION/index.html
+mkdir -p docs/$MAJOR_VERSION
+cp $SYNCOPE_SITE_DIR/target/generated-docs/getting-started.*
docs/$MAJOR_VERSION/
+cp $SYNCOPE_SITE_DIR/target/generated-docs/reference-guide.*
docs/$MAJOR_VERSION/
+cp -r $SYNCOPE_SITE_DIR/target/generated-docs/images docs/$MAJOR_VERSION/
cd docs
-ln -s 3.0/reference-guide.html .
-ln -s 3.0/getting-started.html .
-ln -s 3.0/images/ .
+ln -s 4.0/reference-guide.html .
+ln -s 4.0/getting-started.html .
+ln -s 4.0/images/ .
+cd ../apidocs
+mkdir $MAJOR_VERSION
+mv * $MAJOR_VERSION/
cd ../..
svn add $VERSION
+# if releasing from 4_0_X
svn copy apidocs/3.0 $VERSION/apidocs/
svn copy rest/3.0 $VERSION/rest/
svn copy docs/3.0 $VERSION/docs/
-
-# else if releasing from master
-mkdir -p rest/3.0
-mv /tmp/openapi.json rest/3.0/
-cp -r
$SYNCOPE_RELEASE_DIR/core/starter/target/swagger-ui/META-INF/resources/webjars/swagger-ui/*/*
rest/3.0/
-sed 's/rest\/openapi.json/openapi.json/'
$SYNCOPE_RELEASE_DIR/core/starter/target/classes/META-INF/resources/index.html
> rest/3.0/index.html
-mkdir -p docs/3.0
-cp $SYNCOPE_SITE_DIR/target/generated-docs/getting-started.* docs/3.0/
-cp $SYNCOPE_SITE_DIR/target/generated-docs/reference-guide.* docs/3.0/
-cp -r $SYNCOPE_SITE_DIR/target/generated-docs/images docs/3.0/
-cd docs
-ln -s 3.0/reference-guide.html .
-ln -s 3.0/getting-started.html .
-ln -s 3.0/images/ .
-cd ../..
-svn add $VERSION
-svn copy apidocs/2.1 $VERSION/apidocs/
-svn copy rest/2.1 $VERSION/rest/
-svn copy docs/2.1 $VERSION/docs/
+# else if releasing from 3_0_X
+svn copy apidocs/4.0 $VERSION/apidocs/
+svn copy rest/4.0 $VERSION/rest/
+svn copy docs/4.0 $VERSION/docs/
svn commit -m "Staging site for release"]]></source>
</li>
@@ -496,10 +470,8 @@ svn mv -m "Moving the voted release artifacts to
dist/release" \
https://dist.apache.org/repos/dist/dev/syncope/$VERSION
https://dist.apache.org/repos/dist/release/syncope/
-svn co https://dist.apache.org/repos/dist/release/syncope syncope-dist-release
-cd syncope-dist-release
-svn rm <any older release artifact (if present)>
-svn commit -m "Cleaning up older releases"]]></source>
+svn rm -m "Cleaning up older releases" \
+https://dist.apache.org/repos/dist/release/syncope/$OLD_VERSION/]]></source>
</li>
<li>
Add appropriate release notes to
@@ -516,14 +488,14 @@ svn commit -m "Cleaning up older releases"]]></source>
<source><![CDATA[
svn co https://svn.apache.org/repos/asf/syncope/site/
cd site
-svn rm *.html apidocs rest css images img js fonts docs
+svn rm *.html apidocs rest css images img js fonts docs xref*
svn mv $VERSION/* .
svn rm $VERSION
svn commit -m "Promoting the staging site"]]></source>
</li>
<li>
Deploy the updated Docker images to <a
href="https://hub.docker.com/";>DockerHub</a> by adjusting the GIT tag
- name then running the <a
href="https://ci-builds.apache.org./job/Syncope/job/Syncope-Release-Docker/";>dedicated
Jenkins job</a>.
+ name then running the <a
href="https://ci-builds.apache.org/job/Syncope/job/Syncope-Release-Docker/";>dedicated
Jenkins job</a>.
</li>
</ol>
</subsection>
diff --git a/src/site/xdoc/security.xml b/src/site/xdoc/security.xml
index ecc9c77ab9..536be0edab 100644
--- a/src/site/xdoc/security.xml
+++ b/src/site/xdoc/security.xml
@@ -36,6 +36,86 @@ under the License.
<p>If you want to report a vulnerability, please follow <a
href="https://www.apache.org/security/";>the procedure</a>.</p>
+ <subsection name="CVE-2024-45031: Apache Syncope: Stored XSS in Console
and Enduser">
+ <p>When editing objects in the Syncope Console, incomplete HTML tags
could be used to bypass HTML sanitization. This made it possible to inject
stored XSS payloads which would trigger for other users during ordinary usage
of the application.<br/>
+XSS payloads could also be injected in Syncope Enduser when editing “Personal
Information” or “User Requests”: such payloads would trigger for administrators
in Syncope Console, thus enabling session hijacking.</p>
+
+ <p>
+ <b>Severity</b>
+ </p>
+ <p>Moderate</p>
+
+ <p>
+ <b>Affects</b>
+ </p>
+ <p>
+ <ul>
+ <li>3.0 through 3.0.8</li>
+ <li>2.1 through 2.1.14</li>
+ </ul>
+ </p>
+
+ <p>
+ <b>Solution</b>
+ </p>
+ <p>
+ <ul>
+ <li>Users are recommended to upgrade to version 3.0.9, which fixes
this issue.</li>
+ </ul>
+ </p>
+
+ <p>
+ <b>Fixed in</b>
+ </p>
+ <p>
+ <ul>
+ <li>Release 3.0.9</li>
+ </ul>
+ </p>
+
+ <p>Read the <a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45031";>full CVE
advisory</a>.</p>
+ </subsection>
+
+ <subsection name="CVE-2024-38503: HTML tags can be injected into Console
or Enduser text fields">
+ <p>When editing a user, group or any object in the Syncope Console,
HTML tags could be added to any text field and could lead to potential exploits.
+The same vulnerability was found in the Syncope Enduser, when editing
“Personal Information” or “User Requests”.</p>
+
+ <p>
+ <b>Severity</b>
+ </p>
+ <p>Moderate</p>
+
+ <p>
+ <b>Affects</b>
+ </p>
+ <p>
+ <ul>
+ <li>3.0 through 3.0.7</li>
+ <li>2.1 through 2.1.14</li>
+ </ul>
+ </p>
+
+ <p>
+ <b>Solution</b>
+ </p>
+ <p>
+ <ul>
+ <li>Users are recommended to upgrade to version 3.0.8, which fixes
this issue.</li>
+ </ul>
+ </p>
+
+ <p>
+ <b>Fixed in</b>
+ </p>
+ <p>
+ <ul>
+ <li>Release 3.0.8</li>
+ </ul>
+ </p>
+
+ <p>Read the <a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38503";>full CVE
advisory</a>.</p>
+ </subsection>
+
<subsection name="CVE-2020-11977: Remote Code Execution via Flowable
workflow definition">
<p>When the Flowable extension is enabled, an administrator with
workflow entitlements can use Shell Service Tasks to perform malicious
operations, including but not limited
to file read, file write, and code execution.</p>
diff --git a/src/site/xdoc/source-repository.xml
b/src/site/xdoc/source-repository.xml
index db82632d33..9a6d909e5b 100644
--- a/src/site/xdoc/source-repository.xml
+++ b/src/site/xdoc/source-repository.xml
@@ -27,12 +27,7 @@ under the License.
<body>
<section name="Web Browsing">
- <p>To browse use the GIT web interface:<br/>
-
- <a
href="https://gitbox.apache.org/repos/asf?p=syncope.git";>https://gitbox.apache.org/repos/asf?p=syncope.git</a>
- </p>
- <p>Alternatively, use GitHub web interface:<br/>
-
+ <p>To browse, use the GitHub web interface:<br/>
<a
href="https://github.com/apache/syncope";>https://github.com/apache/syncope</a>
</p>
</section>
@@ -54,7 +49,7 @@ under the License.
</p>
<subsection name="Forking on GitHub">
- <p>Syncope's git repo is automatically mirrored on github at: <a
href="https://github.com/apache/syncope";>https://github.com/apache/syncope</a>.</p>
+ <p>Syncope's git repo is automatically mirrored at: <a
href="https://github.com/apache/syncope";>https://github.com/apache/syncope</a>.</p>
<p>You can fork that repository, commit changes to your fork, and
submit pull requests through GitHub's pull
requests.<br/>
![https://github.com/apache/syncope/actions/workflows/codeql-analysis.yml/badge.svg"](https://github.com/apache/syncope/actions/workflows/codeql-analysis.yml/badge.svg"){kind=link}