Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release v1.8.3 (Lombiq Technologies: OCORE-162) #15826

Merged
merged 7 commits into from
Apr 25, 2024
Merged

Release v1.8.3 (Lombiq Technologies: OCORE-162) #15826

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
4a9f91a
Updating SixLabors.ImageSharp.Web to v3.1.2
Piedone Apr 25, 2024
74e81fe
More docs
Piedone Apr 25, 2024
af556f4
Update ManifestConstants
Piedone Apr 25, 2024
0afa278
Update VersionPrefix
Piedone Apr 25, 2024
d353d10
Update Azure.Identity to v1.11.2
Piedone Apr 25, 2024
b9ef6b5
Release notes
Piedone Apr 25, 2024
5e8f91a
Spelling
Piedone Apr 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ Orchard Core consists of two distinct projects:

## Build Status

Stable (release/1.8.2):
Stable (release/1.8.3):

[![Build status](https://github.com/OrchardCMS/OrchardCore/actions/workflows/release_ci.yml/badge.svg)](https://github.com/OrchardCMS/OrchardCore/actions?query=workflow%3A%22Release+-+CI%22)
[![NuGet](https://img.shields.io/nuget/v/OrchardCore.Application.Cms.Targets.svg)](https://www.nuget.org/packages/OrchardCore.Application.Cms.Targets)
Expand All @@ -30,7 +30,7 @@ Nightly (main):

## Status

### 1.8.2
### 1.8.3

The software is finished -- and by finished, we mean there are no show-stopping, little-children-killing bugs in it. That we know of. There are probably numerous lower-priority bugs triaged into the next point release or service pack, as well.

Expand Down
1 change: 1 addition & 0 deletions mkdocs.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -242,6 +242,7 @@ nav:
- Owners: docs/resources/owners/README.md
- Workshops: docs/resources/workshops/README.md
- Releases:
- 1.8.3: docs/releases/1.8.3.md
- 1.8.2: docs/releases/1.8.2.md
- 1.8.1: docs/releases/1.8.1.md
- 1.8.0: docs/releases/1.8.0.md
Expand Down
4 changes: 2 additions & 2 deletions src/OrchardCore.Build/Dependencies.props
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
<PackageManagement Include="AWSSDK.SecurityToken" Version="3.7.101.60" />
<PackageManagement Include="Azure.Extensions.AspNetCore.Configuration.Secrets" Version="1.3.0" />
<PackageManagement Include="Azure.Extensions.AspNetCore.DataProtection.Blobs" Version="1.3.2" />
<PackageManagement Include="Azure.Identity" Version="1.10.4" />
<PackageManagement Include="Azure.Identity" Version="1.11.2" />
<PackageManagement Include="Azure.Storage.Blobs" Version="12.19.1" />
<PackageManagement Include="BenchmarkDotNet" Version="0.13.11" />
<PackageManagement Include="Castle.Core" Version="5.1.1" />
Expand Down Expand Up @@ -54,7 +54,7 @@
<PackageManagement Include="PdfPig" Version="0.1.8" />
<PackageManagement Include="Serilog.AspNetCore" Version="7.0.0" />
<PackageManagement Include="Shortcodes" Version="1.3.3" />
<PackageManagement Include="SixLabors.ImageSharp.Web" Version="3.1.0" />
<PackageManagement Include="SixLabors.ImageSharp.Web" Version="3.1.2" />
<PackageManagement Include="StackExchange.Redis" Version="2.7.10" />
<PackageManagement Include="StyleCop.Analyzers" Version="1.1.118" />
<PackageManagement Include="System.Linq.Async" Version="6.0.1" />
Expand Down
2 changes: 1 addition & 1 deletion src/OrchardCore.Build/OrchardCore.Commons.props
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@

<PropertyGroup>
<LangVersion>12.0</LangVersion>
<VersionPrefix>1.8.1</VersionPrefix>
<VersionPrefix>1.8.3</VersionPrefix>
<VersionSuffix></VersionSuffix>
<VersionSuffix Condition="'$(VersionSuffix)'!='' AND '$(BuildNumber)' != ''">$(VersionSuffix)-$(BuildNumber)</VersionSuffix>
<TreatWarningsAsErrors>true</TreatWarningsAsErrors>
Expand Down
2 changes: 1 addition & 1 deletion src/OrchardCore/OrchardCore.Abstractions/Modules/Manifest/ManifestConstants.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ public static class ManifestConstants
{
public const string OrchardCoreTeam = "The Orchard Core Team";

public const string OrchardCoreVersion = "1.8.2";
public const string OrchardCoreVersion = "1.8.3";

public const string OrchardCoreWebsite = "https://orchardcore.net";

Expand Down
4 changes: 2 additions & 2 deletions src/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,8 +64,8 @@ Orchard Core CMS supports all major site building strategies:

## Status

The latest released version of Orchard Core is `1.8.2`.
The release notes can be found on <https://github.com/OrchardCMS/OrchardCore/releases/tag/v1.8.2>
The latest released version of Orchard Core is `1.8.3`.
The release notes can be found on <https://github.com/OrchardCMS/OrchardCore/releases/tag/v1.8.3>

Here is a more detailed [roadmap](https://github.com/OrchardCMS/OrchardCore/wiki/Roadmap).

Expand Down
10 changes: 5 additions & 5 deletions src/docs/getting-started/templates/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,13 @@ More information about `dotnet new` can be found at <https://docs.microsoft.com/
Once the .NET Core SDK has been installed, type the following command to install the templates for creating Orchard Core web applications:

```CMD
dotnet new install OrchardCore.ProjectTemplates::1.8.2
dotnet new install OrchardCore.ProjectTemplates::1.8.3
```

This will use the most stable release of Orchard Core. In order to use the latest `main` branch of Orchard Core, the following command can be used:

```CMD
dotnet new install OrchardCore.ProjectTemplates::1.8.2-* --nuget-source https://nuget.cloudsmith.io/orchardcore/preview/v3/index.json
dotnet new install OrchardCore.ProjectTemplates::1.8.3-* --nuget-source https://nuget.cloudsmith.io/orchardcore/preview/v3/index.json
```

## Create a new website
Expand All @@ -25,7 +25,7 @@ dotnet new install OrchardCore.ProjectTemplates::1.8.2-* --nuget-source https://
#### Generate an Orchard Cms Web Application

!!! warning
Due to a bug in the current published version, the following `dotnet new` commands will require the extra argument `--orchard-version 1.8.2`. For instance, instead of typing `dotnet new occms` use `dotnet new occms --orchard-version 1.8.2`
Due to a bug in the current published version, the following `dotnet new` commands will require the extra argument `--orchard-version 1.8.3`. For instance, instead of typing `dotnet new occms` use `dotnet new occms --orchard-version 1.8.3`

```CMD
dotnet new occms
Expand All @@ -47,7 +47,7 @@ Options:

-ov|--orchard-version Specifies which version of Orchard Core packages to use.
string - Optional
Default: 1.8.2
Default: 1.8.3
```

Logging can be ignored with this command:
Expand Down Expand Up @@ -134,7 +134,7 @@ Options:

-ov|--orchard-version Specifies which version of Orchard Core packages to use.
string - Optional
Default: 1.8.2
Default: 1.8.3
```

```CMD
Expand Down
6 changes: 3 additions & 3 deletions src/docs/guides/add-admin-menu/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ There are different ways to create sites and modules for Orchard Core. You can l

You can install the latest released templates using this command:

```dotnet new install OrchardCore.ProjectTemplates::1.8.2-*```
```dotnet new install OrchardCore.ProjectTemplates::1.8.3-*```

!!! note
To use the development branch of the template add `--nuget-source https://nuget.cloudsmith.io/orchardcore/preview/v3/index.json`
Expand All @@ -40,10 +40,10 @@ The next step is to reference the module from the application, by adding a proje

We also need a reference to the `OrchardCore.Admin` package in order to be able to implement the required interfaces:

```dotnet add .\MyModule\MyModule.csproj package OrchardCore.Admin --version 1.8.2-*```
```dotnet add .\MyModule\MyModule.csproj package OrchardCore.Admin --version 1.8.3-*```

!!! note
To use the development branch of the template add ` --source https://nuget.cloudsmith.io/orchardcore/preview/v3/index.json --version 1.8.2-*`
To use the development branch of the template add ` --source https://nuget.cloudsmith.io/orchardcore/preview/v3/index.json --version 1.8.3-*`

## Adding our controller and views

Expand Down
2 changes: 1 addition & 1 deletion src/docs/guides/create-cms-application/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ There are different ways to create sites and modules for Orchard Core. You can l

In this guide we will use our "Code Generation Templates". You can install the latest stable release of the templates using this command:

```dotnet new install OrchardCore.ProjectTemplates::1.8.2-*```
```dotnet new install OrchardCore.ProjectTemplates::1.8.3-*```

!!! note
To use the development branch of the template add `--nuget-source https://nuget.cloudsmith.io/orchardcore/preview/v3/index.json`
Expand Down
2 changes: 1 addition & 1 deletion src/docs/guides/create-modular-application-mvc/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ There are different ways to create sites and modules for Orchard Core. You can l

In this guide we will use our [Code Generation Templates](../../getting-started/templates/). You can install the latest stable release of the templates using this command:

```dotnet new install OrchardCore.ProjectTemplates::1.8.2-*```
```dotnet new install OrchardCore.ProjectTemplates::1.8.3-*```

!!! note
To use the development branch of the template add `--nuget-source https://nuget.cloudsmith.io/orchardcore/preview/v3/index.json`
Expand Down
2 changes: 1 addition & 1 deletion src/docs/guides/decoupled-cms/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ This will allow for the Razor Pages to be reloaded without the need to recompile

```xml
<ItemGroup>
<PackageReference Include="OrchardCore.Application.Cms.Core.Targets" Version="1.8.2" />
<PackageReference Include="OrchardCore.Application.Cms.Core.Targets" Version="1.8.3" />
</ItemGroup>
```

Expand Down
12 changes: 12 additions & 0 deletions src/docs/releases/1.8.3.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# Orchard Core 1.8.3

Release date: April 25, 2024

**This is a security release.** We recommend you update your application immediately.

## What's Changed

* Update `SixLabors.ImageSharp` to v3.1.2 with a fix for [CVE-2024-27929](https://nvd.nist.gov/vuln/detail/CVE-2024-27929).
* Update `Azure.Identity` to v1.11.2 with a fix for [CVE-2024-29992](https://nvd.nist.gov/vuln/detail/CVE-2024-29992).

**Full Changelog**: <https://github.com/OrchardCMS/OrchardCore/compare/v1.8.2...v1.8.3>
4 changes: 2 additions & 2 deletions src/docs/resources/libraries/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ The below table lists the different .NET libraries used in Orchard Core:
| [AWSSDK S3](https://github.com/aws/aws-sdk-net) | AWS SDK for .NET. | 3.7.104.11 |[Apache-2.0 license](https://github.com/aws/aws-sdk-net/blob/master/License.txt) |
| [AWSSDK SecurityToken](https://github.com/aws/aws-sdk-net) | AWS SDK for .NET. | 3.7.101.60 |[Apache-2.0 license](https://github.com/aws/aws-sdk-net/blob/master/License.txt) |
| [AWSSDK Extensions Setup](https://github.com/aws/aws-sdk-net) | AWS SDK for .NET. | 3.7.7 |[Apache-2.0 license](https://github.com/aws/aws-sdk-net/blob/master/License.txt) |
| [Azure Identity](https://github.com/Azure/azure-sdk-for-net/blob/master/sdk/identity/Azure.Identity/README.md) | Azure Active Directory token authentication support. | 1.10.4 |[MIT](https://github.com/Azure/azure-sdk-for-net/blob/master/LICENSE.txt) |
| [Azure Identity](https://github.com/Azure/azure-sdk-for-net/blob/master/sdk/identity/Azure.Identity/README.md) | Azure Active Directory token authentication support. | 1.11.2 |[MIT](https://github.com/Azure/azure-sdk-for-net/blob/master/LICENSE.txt) |
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If these changes are coming from an existing PR. I think you should backport that PR into this branch. The Release v1.8.3 PR should contain only administration docs.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't see much point in finding those PRs and cherry-picking them for changes in version numbers.

| [Azure Configuration Secrets](https://github.com/Azure/azure-sdk-for-net/blob/Azure.Extensions.AspNetCore.Configuration.Secrets_1.3.0/sdk/extensions/Azure.Extensions.AspNetCore.Configuration.Secrets/README.md) | Azure Key Vault configuration provider implementation for Microsoft.Extensions.Configuration. | 1.2.2 |[MIT](https://github.com/Azure/azure-sdk-for-net/blob/master/LICENSE.txt) |
| [Azure Storage Blobs](https://github.com/Azure/azure-sdk-for-net/blob/master/sdk/storage/Azure.Storage.Blobs/README.md) | Azure Storage Blobs client library for .NET. | 12.19.1 |[MIT](https://github.com/Azure/azure-sdk-for-net/blob/master/LICENSE.txt) |
| [Azure Storage Blobs for DataProtection](https://github.com/Azure/azure-sdk-for-net/blob/Azure.Extensions.AspNetCore.DataProtection.Blobs_1.3.2/sdk/extensions/Azure.Extensions.AspNetCore.DataProtection.Blobs/README.md) | Allows storing ASP.NET Core DataProtection keys in Azure Blob Storage. | 1.3.2 |[MIT](https://github.com/Azure/azure-sdk-for-net/blob/master/LICENSE.txt) |
Expand All @@ -17,7 +17,7 @@ The below table lists the different .NET libraries used in Orchard Core:
| [Fluid.Core](https://github.com/sebastienros/fluid) | .NET Liquid template engine. | 2.5.0 | [MIT](https://github.com/sebastienros/fluid/blob/dev/LICENSE) |
| [GraphQL](https://github.com/graphql/graphiql) | GraphiQL & GraphQL. | 4.6.1 | [MIT](https://github.com/graphql/graphiql/blob/main/LICENSE) |
| [HtmlSanitizer](https://github.com/mganss/HtmlSanitizer) | Cleans HTML to avoid XSS attacks. | 8.1.812-beta | [MIT](https://github.com/mganss/HtmlSanitizer/blob/master/LICENSE.md) |
| [Image Sharp](https://github.com/SixLabors/ImageSharp.Web) | Middleware for ASP.NET-Core for image manipulation. | 3.1.0 |[Apache-2.0](https://github.com/SixLabors/ImageSharp.Web/blob/master/LICENSE) |
| [ImageSharp](https://github.com/SixLabors/ImageSharp.Web) | Middleware for ASP.NET-Core for image manipulation. | 3.1.2 |[Apache-2.0](https://github.com/SixLabors/ImageSharp.Web/blob/master/LICENSE) |
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suggest merging this PR #15822 too

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's not applicable since those packages are only used in main.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While ImageSharp version is 3.1.2 I think it's updated recently, right?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, I don't understand. Note that this is a patch release on top of 1.8.2. Anything done in main since that is intentionally not included.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Anything done in the main since that is intentionally not included.

I see, but how was the ImageShape version updated above, while it was merged last week #15767

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That PR was merged to main. This PR is not started from main, but release/1.8.3. We don't want to release main, since that contains a lot of stuff for 1.9 and it's not ready yet. We do want to release the two dependency updates in this PR ASAP and not wait for anything else, since they're security vulnerabilities. So, the update to the version of these needed to be done a second time here too.

| [Irony.Core](https://github.com/daxnet/irony) | A modified version of the Irony project with .NET Core support | 1.0.7 | [MIT](https://github.com/daxnet/irony/blob/master/LICENSE) |
| [Jint](https://github.com/sebastienros/jint) | Javascript Interpreter for .NET. | 3.0.0-beta-2058 | [MIT](https://github.com/sebastienros/jint/blob/dev/LICENSE) |
| [libphonenumber-csharp](https://github.com/twcclegg/libphonenumber-csharp) | .NET library for parsing, formatting, and validating international phone numbers | 8.13.27 | [Apache-2.0](https://github.com/twcclegg/libphonenumber-csharp/blob/main/LICENSE) |
Expand Down
Loading