Week 41, October 2022

.github/workflows/ci.yaml

@@ -204,3 +204,34 @@ jobs:
     steps:
       - name: HTTP request
         run: curl -sS "http://nivlheim-test.uio.no/hook.pl?commit=${GITHUB_SHA}&branch=${GITHUB_REF_NAME}"
+
+  release:
+    if: ${{ github.ref == 'refs/heads/master' }}
+    name: Tag and release
+    needs: [test-scripts]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 50
+      - name: Create a version tag
+        id: tagstep
+        uses: salsify/action-detect-and-tag-new-version@v2
+        with:
+          version-command: cat VERSION
+      - name: Generate changelog
+        if: steps.tagstep.outputs.tag != ''
+        id: changelog
+        uses: jaywcjlove/changelog-generator@main
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          filter: '[R|r]elease[d]\s+[v|V]\d(\.\d+){0,2}'
+      - name: Create a new release
+        if: steps.tagstep.outputs.tag != ''
+        uses: softprops/action-gh-release@v1
+        with:
+          body: ${{ steps.changelog.outputs.changelog }}
+          draft: false
+          prerelease: false
+          tag_name: ${{ steps.tagstep.outputs.tag }}
+          generate_release_notes: true

VERSION

@@ -1 +1 @@
-2.7.14
+2.7.15

client/nivlheim_client

@@ -67,7 +67,7 @@ my $NAME    = 'nivlheim_client';
 my $AUTHOR  = 'Øyvind Hagberg';
 my $CONTACT = '[email protected]';
 my $RIGHTS  = 'USIT/IT-DRIFT/GD/GID, University of Oslo, Norway';
-my $VERSION = '2.7.14';
+my $VERSION = '2.7.15';
 
 # Usage text
 my $USAGE = <<"END_USAGE";

client/windows/nivlheim_client.ps1

@@ -31,7 +31,7 @@ param(
 	[bool]$nosleep = $false
 )
 
-Set-Variable version -option Constant -value "2.7.14"
+Set-Variable version -option Constant -value "2.7.15"
 Set-Variable useragent -option Constant -value "NivlheimPowershellClient/$version"
 Set-PSDebug -strict
 Set-StrictMode -version "Latest"	# http://technet.microsoft.com/en-us/library/hh849692.aspx

debian/changelog

@@ -1,8 +1,8 @@
-nivlheim (2.7.14-1) buster; urgency=low
+nivlheim (2.7.15-1) buster; urgency=low
 
   * Upstream changes, no changes in the client
 
- -- Øyvind Hagberg <[email protected]>  Fri, 16 Sep 2022 15:59:00 +0200
+ -- Øyvind Hagberg <[email protected]>  Mon, 10 Oct 2022 13:55:00 +0200
 
 nivlheim (2.7.13-1) buster; urgency=low
 

server/httpd.conf

@@ -91,6 +91,9 @@ Header set Strict-Transport-Security "max-age=3600"
 Header set Content-Security-Policy "default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; font-src 'self'; frame-ancestors 'none'; upgrade-insecure-requests"
 Header set X-Frame-Options "deny"
 
+# Prevent Cross Site Tracing attacks. See also: https://owasp.org/www-community/attacks/Cross_Site_Tracing
+TraceEnable off
+
 #
 # ServerAdmin: Your address, where problems with the server should be
 # e-mailed.  This address appears on some server-generated pages, such