Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump wrapper versions to 0.15.0 #1007

Merged
merged 15 commits into from
Jun 20, 2023

Conversation

G1gg1L3s
Copy link
Collaborator

Bump all of the wrapper versions according to our docs. Same parts of it are outdated while the other are a bit unclear for me, so I may miss something.

I've put the release day of July 1st, but it's more like a plug, we can adjust it on the go.

About the unclearness: I didn't get where to put the 0.15.0 tag on, so I skipped that.

Also, since I don't have MacOS machine, I didn't touch any of the Apple stuff, so I need help here.

Finally, I've update the React Native, though it's not documented. I also found that it uses 0.13.1 in some of its scripts, so the question is should we update it as well?

implementation 'com.cossacklabs.com:themis:0.13.1'

Checklist

Wrappers

  • Themis Core
  • Python
  • Ruby
  • NodeJs
  • Wasm
  • Android
  • PHP (we deprecate it, right? Maybe do something with it or just update the changelog?)
  • Rust
  • ObjC
  • React Native

Other

  • Changelog is updated
  • The 0.15.0 tag points to the correct branch
  • Documentation is updated1
  • Examples are update to use the new version1

Footnotes

  1. Looking at the Themis 0.14 #883, I suspect that these are changed after the release. Though the changes can be prepared now. Correct me if I'm wrong. 2

s.version = '0.14.0'
s.date = '2021-12-24'
s.version = '0.15.0'
s.date = '2023-07-01'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👀

@Lagovas
Copy link
Collaborator

Lagovas commented Jun 19, 2023

I see, that

  • Themis Core / MSYS2 environment (pull_request) - fails due to it expects 0.15.0 tar.gz from github and probably will be fixed after pushing tag
  • Themis Core / Benchmarks (pull_request) - looks like the same, rust cannot find code with expected version
  • RustThemis / libthemis-sys bindings (pull_request) - looks like we should re-generate some bindings for rust
  • RustThemis / Code examples (1.58) (pull_request) - some rust examples (comparator?) expect 0.14.0 themis as dependency. +1 place where we should keep in mind to up version?

G1gg1L3s and others added 2 commits June 19, 2023 15:45
Co-authored-by: vixentael <vixentael@users.noreply.github.com>
@G1gg1L3s G1gg1L3s mentioned this pull request Jun 19, 2023
3 tasks
@G1gg1L3s
Copy link
Collaborator Author

So, RustThemis is fixed - I somehow forgot to update benchmarks, though I remember doing it... Anyway, fixes of the libthemis-sys are in #1008. I will merge them here when PR is approved but they are probably okay.

So yeah, the other checks fail because they expect packages that we haven't released yet.

Copy link
Collaborator

@Lagovas Lagovas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm in general, we should check msys2 tests after tagging with ios related parts

CHANGELOG.md Outdated
**TL;DR:**

- Uncompressed EC public keys are now supported.
- Increased PBKDF2 iteration count for Secure Cell passphrase mode.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's mention from which value to which new value we increased. it will help us in the future too, I think so

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"

[project]
name = "pythemis"
version = "0.14.0"
version = "0.15.0"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

wow, you had already updated our internal readme. thanks!

Copy link
Collaborator

@Lagovas Lagovas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's merge. msys2 tests will be fixed after tags. anyway this PR is targeted to pre-release branch

@G1gg1L3s G1gg1L3s merged commit bc94b63 into cossacklabs:pre-release/0.15.0 Jun 20, 2023
@G1gg1L3s G1gg1L3s deleted the update-version branch June 20, 2023 16:36
G1gg1L3s added a commit that referenced this pull request Jun 21, 2023
* Fix rust issues (pin log, run bindgen) (#1005)

* rust: Pin log version to =0.4.18

The 0.4.19 requires rustc 1.60, but currently we support 1.58.
Pinning it is not a big deal since it's development dependecy for
tests and examples.

* rust: Regenerate and update lib.rs

bindgen was updated again and changed something which resulted in
new output (seems like some internal constants are removed).

* Pythemis: introduce `pyproject.toml` (#1006)

* pythemis: Add pyproject.toml

Since setup.py is deprecated, let's try moving to the pyproject.toml
and configuring it with the same data as in setup.py.

Use setuptools as a backend for no particular reasons ¯\_(ツ)_/¯,
just because the name is familiar and we have no reasons to not use
it or use something else.

Keep the old setup.py for backward compatibility so old systems can
try to build the package.

For now, keep 0.14.0, we will bump the version in another PR.

* makefile: Use pyproject.toml for installing pythemis

According to this [1] article, the correct command is

    pip install .

in the project's root. Let's try that. Also, the other option is

    python -m build --wheel

which builds the package but doesn't install it. We can provide
something like `pythemis_build` for it for example.

[1]: https://godatadriven.com/blog/a-practical-guide-to-setuptools-and-pyproject-toml/

* pythemis: Update classifiers to Python3.6+

With many hours and docker containers I tested that themis actually
works up to python 3.4. The other versions require some changes in
makefile so they are more like "grey area".

However, python3.5 is deprecated and it produces warning like
"DEPRECATION: Python 3.5 reached the end of its life on..." so many
libraries don't support it. Instead they start with 3.6 which will
do as well, I guess.

Though, actually python3.6 is also deprecated [1]. The same will be
true for python3.7 in a couple of days (Jun 27 2023), so the question
is, should we declare support of these versions?

[1]: https://devguide.python.org/versions/

* pythemis: Extend range of supported py versions

* Update changelog

* Run and pin bindgen (#1008)

* rust-themis: Update bindgen

It updated and broke something again 🤦

* rust-themis: Pin bindgen version

It is pretty unstable with its frequent releases, so let's pin it.

* Update changelog

* Bump wrapper versions to 0.15.0 (#1007)

* changelog: Add 0.15.0 summary

* themis-core: Update version

* pythemis: Update version

* pythemis: Fix 8-year old typo in AUTHORS :)

* rbthemis: Update version

* jsthemis: Update versions

* wasm-themis: Update versions

* android-themis: Update version

* rust-themis: Update versions

* react-native-themis: Update versions

* pythemis: https in AUTHORS

Co-authored-by: vixentael <vixentael@users.noreply.github.com>

* rust-themis: Update bench versions

Somehow missed that.

* changelog: Forgot to mention rust 1.58

* changelog: Mention the new iteration count

---------

Co-authored-by: vixentael <vixentael@users.noreply.github.com>

* Bump embedded BoringSSL (#1004)

* Bump BoringSSL and fix makefile

This is not the latest BoringSSL version yet, because there are
a couple of fixes. So, treat it as the first. Here we also fix
our makefile because the BoringSSL team fixed bug with the strange
behaviour of absolute path to symbols.txt [1].

[1]: https://boringssl.googlesource.com/boringssl/+/8c75ed046f799f1d8b805036b1dea9c5ec0a0fb5%5E%21/#F0

* Bump BoringSSL and fix opaque EVP

As OpenSSL, BoringSSL made many types opaque, so it will require
updating some of the code to not use fields.

* Bump BoringSSL again and fix RSA

The same issue - RSA type became opaque, so we need to use accessors
similar to what Openssl had.

* Bump BoringSSL once more

This is (hoperfully) the last bump. This time without issues but
we will see what CI says.

* Make bignum_to_bytes accept const bignum*

It will prevent some of the warnings. This function doesn't mutate
bignum anyway.

* Update changelog

* boringssl: Bump once again

* msys2: Update hashes temporarily

This are test values because we will move the tag. But for now,
let's just test it.

* phpthemis: Update version for the sake of testing

They will fail probably, but just out of curiosity let's try to run
the tests.

* Update date of the release

Solstice!

---------

Co-authored-by: vixentael <vixentael@users.noreply.github.com>
Lagovas pushed a commit that referenced this pull request Dec 5, 2023
* Pre-release Themis 0.15.0 (#1011)

* Fix rust issues (pin log, run bindgen) (#1005)

* rust: Pin log version to =0.4.18

The 0.4.19 requires rustc 1.60, but currently we support 1.58.
Pinning it is not a big deal since it's development dependecy for
tests and examples.

* rust: Regenerate and update lib.rs

bindgen was updated again and changed something which resulted in
new output (seems like some internal constants are removed).

* Pythemis: introduce `pyproject.toml` (#1006)

* pythemis: Add pyproject.toml

Since setup.py is deprecated, let's try moving to the pyproject.toml
and configuring it with the same data as in setup.py.

Use setuptools as a backend for no particular reasons ¯\_(ツ)_/¯,
just because the name is familiar and we have no reasons to not use
it or use something else.

Keep the old setup.py for backward compatibility so old systems can
try to build the package.

For now, keep 0.14.0, we will bump the version in another PR.

* makefile: Use pyproject.toml for installing pythemis

According to this [1] article, the correct command is

    pip install .

in the project's root. Let's try that. Also, the other option is

    python -m build --wheel

which builds the package but doesn't install it. We can provide
something like `pythemis_build` for it for example.

[1]: https://godatadriven.com/blog/a-practical-guide-to-setuptools-and-pyproject-toml/

* pythemis: Update classifiers to Python3.6+

With many hours and docker containers I tested that themis actually
works up to python 3.4. The other versions require some changes in
makefile so they are more like "grey area".

However, python3.5 is deprecated and it produces warning like
"DEPRECATION: Python 3.5 reached the end of its life on..." so many
libraries don't support it. Instead they start with 3.6 which will
do as well, I guess.

Though, actually python3.6 is also deprecated [1]. The same will be
true for python3.7 in a couple of days (Jun 27 2023), so the question
is, should we declare support of these versions?

[1]: https://devguide.python.org/versions/

* pythemis: Extend range of supported py versions

* Update changelog

* Run and pin bindgen (#1008)

* rust-themis: Update bindgen

It updated and broke something again 🤦

* rust-themis: Pin bindgen version

It is pretty unstable with its frequent releases, so let's pin it.

* Update changelog

* Bump wrapper versions to 0.15.0 (#1007)

* changelog: Add 0.15.0 summary

* themis-core: Update version

* pythemis: Update version

* pythemis: Fix 8-year old typo in AUTHORS :)

* rbthemis: Update version

* jsthemis: Update versions

* wasm-themis: Update versions

* android-themis: Update version

* rust-themis: Update versions

* react-native-themis: Update versions

* pythemis: https in AUTHORS

Co-authored-by: vixentael <vixentael@users.noreply.github.com>

* rust-themis: Update bench versions

Somehow missed that.

* changelog: Forgot to mention rust 1.58

* changelog: Mention the new iteration count

---------

Co-authored-by: vixentael <vixentael@users.noreply.github.com>

* Bump embedded BoringSSL (#1004)

* Bump BoringSSL and fix makefile

This is not the latest BoringSSL version yet, because there are
a couple of fixes. So, treat it as the first. Here we also fix
our makefile because the BoringSSL team fixed bug with the strange
behaviour of absolute path to symbols.txt [1].

[1]: https://boringssl.googlesource.com/boringssl/+/8c75ed046f799f1d8b805036b1dea9c5ec0a0fb5%5E%21/#F0

* Bump BoringSSL and fix opaque EVP

As OpenSSL, BoringSSL made many types opaque, so it will require
updating some of the code to not use fields.

* Bump BoringSSL again and fix RSA

The same issue - RSA type became opaque, so we need to use accessors
similar to what Openssl had.

* Bump BoringSSL once more

This is (hoperfully) the last bump. This time without issues but
we will see what CI says.

* Make bignum_to_bytes accept const bignum*

It will prevent some of the warnings. This function doesn't mutate
bignum anyway.

* Update changelog

* boringssl: Bump once again

* msys2: Update hashes temporarily

This are test values because we will move the tag. But for now,
let's just test it.

* phpthemis: Update version for the sake of testing

They will fail probably, but just out of curiosity let's try to run
the tests.

* Update date of the release

Solstice!

---------

Co-authored-by: vixentael <vixentael@users.noreply.github.com>

* msys2: Update checksums (#1012)

It's the egg-chicken problem: we can update those hashes only
after the release. But then, the release tag will not point to
the updated hashes.

* Squashed commit of the following:

commit 784033b
Author: Anatolii Lishchynskyi <anatolii.lishchynskyi@cossacklabs.com>
Date:   Tue Nov 28 21:45:12 2023 +0200

    New methods of building/installing PyThemis (#1023)

    Refactor Makefile:
    * new target pythemis_make_wheel to create a .whl Python package,
      current modern format to be installed into virtual environmants
    * new target pythemis_install_wheel to install it in currently active virtualenv
    * new target deb_python that builds a .deb package for system-wide
      installation of PyThemis
    * new target pythemis_install_deb, alias for pythemis_deb + apt install of
      the created pkg
    * new target rpm_python, similar to deb_python
    * new target pythemis_install_rpm, pythemis_install_deb

    Update GitHub Actions workflow, test .whl and .deb installation

    See cossacklabs/product-docs/pull/317 for related docs update

commit 30578c8
Author: Anatolii Lishchynskyi <anatolii.lishchynskyi@cossacklabs.com>
Date:   Mon Nov 27 17:53:02 2023 +0200

    Fix clippy and fmt issues, update MSRV (#1039)

    Fix clippy and fmt issues

    Update MSRV to 1.60

    Freeze test deps so they compile on Rust 1.60, with no effect on
    themis itself (does not use those frozen crates)

commit 6111766
Author: Anatolii Lishchynskyi <anatolii.lishchynskyi@cossacklabs.com>
Date:   Tue Nov 21 17:08:51 2023 +0200

    Update emscripten requirements and WASM CI job (#1036)

    * Bump emsdk version to 3.1.47
      Produces module importable in Node v18
      With older (emsdk 3.0.0) version, generated `libthemis.js` that should
      load `libthemis.wasm` fails due to some internal autogenerated code
      working differently on v16 and v18

    * Add link flag for WASM builds
      Needed to make new emscripten produce working module

    * Update Node testing versions
      Add v18 that should now work, also add v20 that is in active development
      as of now, but if tests are green then why not?

    * Switched integration tests to use v16

    * Removed testing of quite old and deprecated v10

    * Updated version of BoringSSL submodule to a newer one (not the latest though)

commit 05cac26
Author: Anatolii Lishchynskyi <anatolii.lishchynskyi@cossacklabs.com>
Date:   Thu Nov 9 22:24:35 2023 +0200

    CI fixes (#1034)

    Rix Rust CI builds (#1032)

    * Pin log dependency to 0.4.17
    * Pin byteorder dependency to 1.4.3

    Last versions that still work with current MSRV 1.58.

    Fix sanitizers CI job (#1033)

    * Switch to GCC 10
    * Install `libgcc-10-dev` that provides file `libtsan_preinit.o` needed
      for thread sanitizer

    Change priority of PREFIX in CFLAGS and LDFLAGS (#1031)

    * Change include dir priority in CFLAGS
    Move 'CFLAGS += -I/usr/local/include' below engine selection macros,
    so that if OS have OpenSSL header files installed in /usr/local/include,
    it won't mess with vendored BoringSSL or any other selected engine.

    * Put /usr/local/lib in separate LDFLAGS
    Introduce ADDITIONAL_LDFLAGS macro and put it after both LDFLAGS
    and CRYPTO_ENGINE_LDFLAGS during linking.

    * Add optional verbose logging to Makefile
    Add VERBOSE option to Makefile. If set, print executed command
    (compiler, linker etc) even for successful runs, and run ldd on created
    shared libraries.

    * Enable verbose builds on macOS jobs

commit 06d52f4
Author: Anatolii Lishchynskyi <anatolii.lishchynskyi@cossacklabs.com>
Date:   Tue Sep 26 13:15:37 2023 +0300

    Fix make target rbthemis_uninstall (#1022)

    * Fix make target rbthemis_uninstall
    * Add RbThemis uninstall step to CI

commit 8609650
Author: Nazar Serhiichuk <43041209+G1gg1L3s@users.noreply.github.com>
Date:   Mon Jul 10 22:57:46 2023 +0300

    Avoid specific versions in README (#1016)

    Just to avoid responsibility of updating it during release

    (•_•)
    ( •_•)>⌐■-■
    (⌐■_■)

commit 3219654
Author: Martin Arista <hello@mrtnrst.com>
Date:   Mon Jul 10 11:54:25 2023 -0400

    Update README.md (#1015)

    update links for maven and java/kotlin links

* Bump boringssl

* Revert "Bump boringssl"

This reverts commit dee8388.

Okay, this time I checked, the previous commit of boiringssl was
newer than one in the master.

* msys2: Fix hashes for 0.15.0 release (#1040)

Since we already have 0.15.0 assets on GitHub, we can specify those
and expect successful builds on stable.

---------

Co-authored-by: vixentael <vixentael@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants