-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Shipping a new release
Only core w3af developers and package maintainers (like Debian, Fedora, FreeBSD package maintainers) will find this section useful, these are the main steps that we'll go through:
- Run initial
git flowcommands to merge the corresponding branches - Set release w3af's version
- Update the CHANGELOG file
- Create the source code documentation using Sphinx
- Run the make_bz2.sh script that will create the bz2 file from the tag
- Upload the files to w3af.org
- Run final
git flowcommands - Community tasks related to a release
Setting the version is a two step process. First you want to make sure that the tag has the version it's supposed to have (rc4 in this example) and then you want to set the master's version to the next planned release. In the first step go to the trunk and edit trunk/core/controllers/misc/get_w3af_version.py file and change this section:
res = 'w3af - Web Application Attack and Audit Framework'
res += '\nVersion: 1.0-rc5'
if revision != -1:
res += ' (from SVN server)'
res += '\nRevision: ' + str(revision)
So it points to the next release. Then, go to tags/1.0-rc4/core/controllers/misc/get_w3af_version.py and make sure it says rc4.
While updating the CHANGELOG file might seem like a very bureaucratic task, we need to perform this in order to give visibility to our work and inform new users about the project's activity. The file that we need to edit is in "readme/CHANGELOG". If possible, please follow this template:
(10 Jan 2011) 1.0 - release candidate 5
==========================================
* Using bloom filters instead of disk_list: increased performance ~15%
* Fixed most of the bugs that cause w3afMustStopExceptions
* Updated XML output plugin
* Added doctests and unittests with pymock
* Updated all scripts in order to pass the ./w3af_console -t test
* Added new plugin to measure the number of hops for port 80 vs 443
Details can be found by reading all issues at these Github milestones:
* https://github.com/andresriancho/w3af/issues?milestone=2&state=open
* https://github.com/andresriancho/w3af/issues?milestone=3&state=open
Creating the '''git tag''' is easy, just run the following command replacing 1.0-rc4 with the correct version.
git tag -a v1.4 -m "Tagging the 1.0-rc4 release of the 'w3af' project."
This will create a tag for the current working copy, you can list all the tags in a repository using git tag.
- Run Sphinx
- Upload the generated code to w3af.org
Create the bz2 package:
cd ~/w3af/extras/pkg-generation/
./make_bz2.sh 1.0-rc4
After running this command we have a new file named "w3af-1.0-rc4.tar.bz2" in the "pkg-generation" directory. We recommend you to copy this file to "/tmp/", extract it, and run w3af at least once before you upload it to w3af.org.
Create the Windows installer following this guide.
scp w3af-v1.5.bz2 [email protected]:/var/www/...
scp w3af-v1.5.bz2.md5 [email protected]:/var/www/...And update the downloads page.
Let the community know about this new release!
- Send an email to w3af-users and w3af-develop
- Create a new blog entry to http://www.w3af.org/
- Send an email to full-disclosure
- Tweet about it