How‐to Create a SAF CLI Release

Important

If a Draft Release isn't available, it is because there hasn't been any human content (PR's) pushed to the repository or the dependabot has not made any updates to the Draft Release. Verify the Actions and ensure that all dependabot actions have executed successfully.

---

Tip

Executing Step 1 is conducted via the appropriate script, if executing the release in a Darwin or Linux platform use the release-prep.sh script, if using a Windows platform use the release-pre.sh1. The scripts are located at the root of the repository.

STEPS:

1. Run the appropriate script that prepares the repository for a release. The following are performed:
   • Retrieve the latest main content
   • Bump the SAF CLI version number in the package.json file (version tag)
   • Update MITRE dependencies to latest versions
   • Installs all supporting modules (removes if previously installed)
   • Build and run all tests
   • Add unstaged files to the staging area (package.json) or any other file with the modified flag (M) set
   • Commit previously staged files with 'signoff' tag (new version number)
   • Tag the commit with new release version
   • Push and updated the repository three references (new version number)

Manually Execute Step 1

a. Make sure you're on the most recent commit on the SAF CLI by running `git pull`.
b. Bump the SAF CLI version number in the `VERSION` file and `package.json`
  - It is a good idea to manually check and update the version of any `@mitre`  dependencies in the `package.json` file.
c. Run `npm install`
d. Validate the build and unit tests
  - Run `npm pack`
  - Does a fresh build, checks for type issues, etc.
  - Run `npm run test`
e. Add these changes, commit this change, associate a version tag with the commit (for example, "1.0.0"), and push them up
  - `git add` the relevant files ***(Do not add the .tgz file that may have been created by the `npm run prepack` step)***
  - `git commit -sm "[version]"`
  - `git tag -am "brief description of change" [version]`
  - `git push --atomic origin main [version]`

2. Github actions will fire to produce executable versions of the SAF CLI for several OSes. Wait for the workflows for the macOS builds (.pkg), Windows builds (.exe), Apt-based build (.deb) and Dnf-based builds (.rpm) to finish. Download, and unzip the artifacts (local directory):
   • Mac OS (zip file containing the following)
     • saf-v[version]-x64.pkg
     • saf-v[version]-arm64.pkg
   • Windows (individual downloads - not zipped)
     • saf-v[version]-x64.exe
     • saf-v[version]-x86.exe
   • APT-based distros like Debian (zip file containing the following)
     • saf-v[version]-amd64.deb
     • saf-v[version]-arm64.deb
     • saf-v[version]-armel.deb
   • DNF-based distros like RHEL (single file)
     • saf-v[version]-noarch.rpm
3. Go to the SA CLI GitHub Releases page
   • click on the Draft release edit button
   • Make sure that the appropriate tag number is selected
4. Associate the tags with the drafted release (Combine all updates, except for "## Dependency Updates", under a "## What's New" section in the description)
5. Attach the aforementioned, renamed artifacts to the draft release (Note: Attaching files using the drag and drop feature is much slower than attaching files by clicking on the link directly to upload files)
6. Make sure that the is selected
7. Publish release
8. Wait for push-to-npm on release to complete
9. Update the SAF Github Action Dependency by creating a release:
   • Follow SAF Action Release instructions
10. Validate that the Homebrew Formula at https://github.com/mitre/homebrew-saf was automatically updated
    • The Formula directory should have been updated by saf-cli <X.X.X>, where <X.X.X> is the current SAF CLI Tag number