From 8af6636f96fabf4141d17a340d47a049002d92ae Mon Sep 17 00:00:00 2001 From: Kortanul Date: Thu, 16 Aug 2018 20:58:27 -0400 Subject: [PATCH] [13.5.x] Update Readme --- README.md | 84 +++++++++++++++++++++++++++---------------------------- 1 file changed, 41 insertions(+), 43 deletions(-) diff --git a/README.md b/README.md index a307ff57d5..3e68ccf9fd 100644 --- a/README.md +++ b/README.md @@ -1,75 +1,73 @@ -# wren:AM +# Wren:AM +[Wiki](https://github.com/WrenSecurity/wrenam/wiki) \| +[Google Groups **Mailing List**](https://groups.google.com/forum/#!forum/wren-security) \| +[Gitter **Chat**](https://gitter.im/WrenSecurity/Lobby) +[![CDDL-licensed](https://img.shields.io/badge/license-CDDL-blue.svg)](license) +[![Build Status](https://semaphoreci.com/api/v1/wrensecurity/wrenam/branches/sustaining-13-5-x/badge.svg)](https://semaphoreci.com/wrensecurity/wrenam) +[![Average time to resolve an issue](http://isitmaintained.com/badge/resolution/WrenSecurity/wrenam.svg)](http://isitmaintained.com/project/WrenSecurity/wrenam "Average time to resolve an issue") +[![Percentage of issues still open](http://isitmaintained.com/badge/open/WrenSecurity/wrenam.svg)](http://isitmaintained.com/project/WrenSecurity/wrenam "Percentage of issues still open") -[![Gitter chat](https://badges.gitter.im/gitterHQ/gitter.png)](https://gitter.im/WrenSecurity/Lobby) - -wren:AM is a CDDL-licensed, community fork of ForgeRock's OpenAM product (which in turn was a fork of Sun's / Oracle's OpenSSO). Though our project originated with code that ForgeRock, Oracle and Sun previously released, we are not affiliated with them in any way. +Wren:AM is a CDDL-licensed, community fork of ForgeRock's OpenAM product. Though our project originated with code that ForgeRock previously released, we are not affiliated with ForgeRock in any way. ForgeRock no longer releases any of the most recent versions of their software under an open-source license. ForgeRock’s “Community Edition” versions are much older versions then their commercial offerings. Join our community for the latest and greatest. -See [wrensecurity.org](http://wrensecurity.org/) for more information or join us on [Gitter](https://gitter.im/WrenSecurity/Lobby) and have a chat with us! - -## sustaining/13.5 branch - -This branch, the `sustaining/13.5` branch, is a stable branch intended primarily for bug and security fixes. +See [wrensecurity.org](https://wrensecurity.org/) and [timeforafork.com](http://www.timeforafork.com/) for more information. -## Building wren:AM - -In order to build wren:AM from source you need the following software installed: +## Preparing Your Build Environment +In order to build Wren:AM from source you need the following software installed: * Java (OpenJDK) >= 1.7 * Apache Maven >= 3.1.0 -Because the fork is still young and we are still working on rebranding all the group ID's are still set to `org.forgerock`. It is advised to clear out your Maven artifact cache (`~/.m2/repository`) before building. Failing to do so will likely cause problems with non-wren artifacts being used which in turn will cause build failures. +## About This Branch (`sustaning/13.5.x`) +The `sustaining/13.5.x` branch is a stable branch, intended for bug and security fixes against versions of Wren:AM that were originally part of ForgeRock's OpenAM 13.5.0 half-point release. The code in this release was provided to subscribers through [ForgeRock Backstage](https://backstage.forgerock.com) under the CDDL license. -wren:AM can be build with the following command: +## Building Wren:AM +Wren:AM is fully buildable from source. -``` -$ mvn -Dignore-artifact-sigs clean install -``` +**If you have previously built OpenAM or other ForgeRock products from source, you are strongly encouraged to clear your local `~/.m2/repository` before building Wren:AM for the first time.** -We are working towards having all dependencies in wren:AM signed to make the use of decencies verifiable. However while this effort is still underway it is currently not complete yet. Therefor the signature check must be disabled by supplying the `-Dignore-artifact-sigs` flag to Maven. +This step is necessary because Wren artifacts in this version of AM have the same Maven artifact IDs that ForgeRock originally used for the corresponding artifacts, but our copies contain modifications to source from our Maven repositories. This was necessary because ForgeRock's repositories are no longer publicly accessible. -## Contributing - -Contributing to wren:AM is easy! Just create a GitHub pull request! - -We do however ask that you run the `precommit` Maven profile which checks your code style among things. +After clearing your local repository of conflicting ForgeRock artifacts, clone the `wrenam` repository and checkout the `sustaining/13.5.x` branch: ``` -$ mvn clean install -P precommit +$ git clone -b sustaining/13.5.x https://github.com/WrenSecurity/wrenam.git +$ cd wrenam +$ mvn clean install ``` -Some legacy code will fail, so if you are modifying an existing module you should run this profile before modifying the code, and then run the profile again after modifications to ensure the number of reported issues has not increased. +## How and Why to Contribute +Contributing to Wren:AM is easy! Please review our [contributor guidelines](https://github.com/WrenSecurity/wrensec-docs/wiki/Contributor-Guidelines). -## Authors +By contributing, you are helping to shape Wren:AM to meet your needs. Your contributions make the product more secure, more robust, and more flexible -- for your needs now, and other's needs in the future. If you find a bug, or have an enhancement request, consider contributing toward a solution. Every PR helps. -See the list of [contributors][contributors] who participated in this project. +## Past and Current Contributors +Wren:AM is a joint effort between _developers like you_, and the following Wren Security member organizations: +- [Orchitech Solutions, s.r.o.](https://orchi.tech/) -## License +See the full list of [contributors](https://github.com/WrenSecurity/wrenam/graphs/contributors) who have participated in this project so far. +## License This project is licensed under the Common Development and Distribution License (CDDL). The following text applies to both this file, and should also be included in all files in the project: -> The contents of this file are subject to the terms of the Common Development -> and Distribution License (the License). You may not use this file except in -> compliance with the License. -> You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License -> for the specific language governing permission and limitations under the -> License. +> The contents of this file are subject to the terms of the Common Development and Distribution License (the License). +> You may not use this file except in compliance with the License. > -> When distributing Covered Software, include this CDDL Header Notice in each -> file and include the License file at legal/CDDLv1.0.txt. If applicable, add -> the following below the CDDL Header, with the fields enclosed by brackets [] -> replaced by your own identifying information: "Portions copyright [year] -> [name of copyright owner]". +> You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the specific language governing +> permission and limitations under the License. > -> Copyright 2017 Wren Security. +> When distributing Covered Software, include this CDDL Header Notice in each file and include the License file at +> legal/CDDLv1.0.txt. If applicable, add the following below the CDDL Header, with the fields enclosed by brackets [] +> replaced by your own identifying information: "Portions copyright [year] [name of copyright owner]". +> +> Copyright 2017-2018 Wren Security. ## Acknowledgments - -The WrenSecurity community acknowledges the contributions made to the original OpenSSO and OpenAM products on which Wren:AM is based by the following organisations: +The Wren Security team acknowledges the contributions made to the original OpenSSO and OpenAM products on which Wren:AM is based by the following organizations: * Sun Microsystems * Oracle * ForgeRock -Although the WrenSecurity community acknowledges their contributions the above organisations are in no way affiliated with the WrenSecurity community, Wren:AM or any other WrenSecurity product. +Although the Wren Security team acknowledges their contributions, the above organizations are in no way affiliated with Wren Security, Wren:AM, or any other Wren Security project.