diff --git a/DEVELOPMENT.md b/DEVELOPMENT.md index ffafbae..e2f8009 100644 --- a/DEVELOPMENT.md +++ b/DEVELOPMENT.md @@ -53,6 +53,16 @@ Typical workflow: 3. When ready for release, `dev` is merged into `source`. 4. CI builds the script and pushes it to `master` for production. +## Versioning + +The project follows semantic versioning in the format `X.Y.Z`: + +- **X** = the current year, in `YY` format. +- **Y** = the number of CVEs supported by the script, which corresponds to the number of files under `src/vulns/`. +- **Z** = `MMDDVAL`, where `MMDD` is the UTC build date and `VAL` is a 3-digit value (000–999) that increases monotonically throughout the day, computed as `seconds_since_midnight_UTC * 1000 / 86400`. + +The version is patched automatically by `build.sh` into the `VERSION=` variable of the assembled script. The source file (`src/libs/001_core_header.sh`) carries a placeholder value that is overwritten at build time. + ## Linting and Testing ```bash diff --git a/build.sh b/build.sh index 073d2f0..97eab60 100755 --- a/build.sh +++ b/build.sh @@ -46,4 +46,15 @@ for pattern in $SECTIONS; do done >"$OUTPUT" chmod +x "$OUTPUT" -echo "Assembled $OUTPUT ($(wc -l <"$OUTPUT") lines)" + +# Patch VERSION= with semantic version: X.Y.Z +# X=YY, Y=number of CVE files in src/vulns/, Z=MMDDVAL +# VAL is a 3-digit (000-999) value derived from seconds since midnight UTC +cve_count=$(find "$SRCDIR/vulns" -maxdepth 1 -name '*.sh' -type f | wc -l | tr -d ' ') +epoch=$(date -u +%s) +secs_since_midnight=$((epoch % 86400)) +val=$(printf '%03d' $((secs_since_midnight * 1000 / 86400))) +version="$(date -u +%y).${cve_count}.$(date -u +%m%d)${val}" +sed -i "s/^VERSION=.*/VERSION='${version}'/" "$OUTPUT" + +echo "Assembled $OUTPUT ($(wc -l <"$OUTPUT") lines, version $version)" diff --git a/src/libs/001_core_header.sh b/src/libs/001_core_header.sh index bd197e3..6c3de60 100644 --- a/src/libs/001_core_header.sh +++ b/src/libs/001_core_header.sh @@ -13,7 +13,7 @@ # # Stephane Lesimple # -VERSION='0.46+' +VERSION='1.0.0' # --- Common paths and basedirs --- readonly VULN_SYSFS_BASE="/sys/devices/system/cpu/vulnerabilities"