feat: rewrite old release posts for more information

.github/workflows/build_deploy.yml

@@ -4,7 +4,6 @@ on:
   push:
     branches:
     - main
-    # - staging
   pull_request:
   repository_dispatch:
   workflow_dispatch:
@@ -22,50 +21,35 @@ concurrency:
   cancel-in-progress: false
 
 jobs:
-  # set_environment:
-  #   outputs:
-  #     my_env: ${{ steps.setenv.outputs.my_env }}
-  #     my_url: ${{ steps.setenv.outputs.my_url }}
-  #   runs-on: ubuntu-latest
-  #   steps:
-  #   - id: setenv
-  #     run: |
-  #       if [ "$GITHUB_REF" = "refs/heads/main" ]
-  #       then
-  #         echo "::set-output name=my_env::production"
-  #         echo "::set-output name=my_url::https://www.tebako.org"
-  #       elif [ "$GITHUB_REF" = "refs/heads/staging" ]
-  #       then
-  #         echo "::set-output name=my_env::staging"
-  #         echo "::set-output name=my_url::https://staging-www.tebako.org"
-  #       fi
 
   build:
     runs-on: ubuntu-latest
-    # needs: [set_environment]
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Setup Ruby
         uses: ruby/setup-ruby@v1
         with:
-          ruby-version: '3.1'
+          ruby-version: '3.3'
           bundler-cache: true
-          cache-version: 0 # Increment this number if you need to re-download cached gems
+
       - name: Setup Pages
         id: pages
-        uses: actions/configure-pages@v3
+        uses: actions/configure-pages@v5
+        with:
+          enablement: true
 
       - name: Build with Jekyll
         # Outputs to the './_site' directory by default
-        run: make _site
+        run: bundle exec jekyll build --verbose --trace --baseurl "${{ steps.pages.outputs.base_path }}"
         env:
           JEKYLL_ENV: production
+          JEKYLL_LOG_LEVEL: debug
 
       - name: Upload artifact
         # Automatically uploads an artifact from the './_site' directory by default
-        uses: actions/upload-pages-artifact@v2
+        uses: actions/upload-pages-artifact@v3
 
   # Deployment job
   deploy:
@@ -78,4 +62,4 @@ jobs:
     steps:
       - name: Deploy to GitHub Pages
         id: deployment
-        uses: actions/deploy-pages@v2
+        uses: actions/deploy-pages@v4

.github/workflows/links.yml

@@ -4,43 +4,42 @@ on:
   push:
     branches:
     - main
-    - staging
   pull_request:
 
 jobs:
   link_checker:
     runs-on: ubuntu-latest
     steps:
-    - name: Checkout
-      uses: actions/checkout@v4
+    - uses: actions/checkout@v4
 
-    - name: Setup Ruby
-      uses: ruby/setup-ruby@v1
+    - uses: ruby/setup-ruby@v1
       with:
-        ruby-version: '3.1'
+        ruby-version: '3.3'
         bundler-cache: true
-        cache-version: 0 # Increment this number if you need to re-download cached gems
+
     - name: Setup Pages
       id: pages
       uses: actions/configure-pages@v5
+      with:
+        enablement: true
 
     - name: Build with Jekyll
       # Outputs to the './_site' directory by default
-      run: make _site
+      run: bundle exec jekyll build --verbose --trace --baseurl "${{ steps.pages.outputs.base_path }}"
       env:
         JEKYLL_ENV: production
 
     - name: Link Checker
-      uses: lycheeverse/[email protected]
+      id: lychee
+      uses: lycheeverse/lychee-action@v2
       with:
-        args: --verbose --no-progress -- _site/**/*.html
+        args: --base _site/ --verbose --no-progress '_site/**/*.html'
         fail: true
-      env:
-        GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
 
-      # - name: Create Issue From File
-      #   uses: peter-evans/create-issue-from-file@v2
-      #   with:
-      #     title: Link Checker Report
-      #     content-filepath: ./lychee/out.md
-      #     labels: report, automated issue
+    # - name: Create Issue From File
+    #   if: steps.lychee.outputs.exit_code != 0
+    #   uses: peter-evans/create-issue-from-file@v5
+    #   with:
+    #     title: Link Checker Report
+    #     content-filepath: ./lychee/out.md
+    #     labels: report, automated issue

_posts/2018-08-20-rnp-010-released.adoc

@@ -5,76 +5,204 @@ date:   2018-08-20 20:37:38 +0700
 categories: release
 authors:
   - name: Ronald Tse
+    email: [email protected]
+    social_links:
+      - https://github.com/ronaldtse
+  - name: Nickolay Olshevsky
     email: [email protected]
     social_links:
       - https://github.com/ni4
 excerpt: >-
-  After a year since it stemmed off NetPGP, the OpenPGP library
-  shares little code in common with its ancestor.
-  Enjoy new features, better performance, and better
-  compatibility with other implementations.
+  RNP has evolved into a powerful, modern OpenPGP library with
+  significant improvements in features, performance, and compatibility.
+  This release marks a major milestone in RNP's development,
+  delivering a robust and versatile cryptographic solution.
 redirect_from:
   - /blog/08-20-2018/rnp-010-released/
 ---
 
 :cpp: C++
 
+== What is RNP?
+
 Meet RNP, an https://datatracker.ietf.org/doc/html/rfc4880[RFC 4880]-compliant
-OpenPGP library written in {cpp}.
+OpenPGP library written in {cpp}. As a modern implementation of the OpenPGP standard,
+RNP provides a robust foundation for secure communications and data protection.
+
+=== Origins and development
+
+RNP was born at https://www.ribose.com[Ribose] and is continuously maintained under
+its initiative. While it originally stemmed from NetPGP, RNP has evolved significantly
+through a year of active development, resulting in a complete transformation of the
+codebase.
+
+=== Key improvements
+
+The development team has:
+
+* Thoroughly rewritten legacy code for modern systems
+* Resolved compatibility issues with GnuPG and other OpenPGP implementations
+* Enhanced performance across all operations
+* Added support for cutting-edge cryptographic features
+* Maintained strict RFC 4880 compliance
+
+=== Licensing benefits
+
+RNP stands out with its http://opensource.org/licenses/BSD-3-Clause[BSD 3-clause license],
+offering unique advantages for both academic and commercial projects:
 
-RNP was born at Ribose and is continuously maintained under its initiative.
+* Intentionally non-copyleft to enable broad integration options
 
-Originally stemmed from NetPGP, it now shares little in common with its
-ancestor after a year of active development. A thorough rewrite of legacy code,
-resolving compatibility issues with GnuPG and other implementations,
-with improved performance and added cutting-edge features.
+* Compatible with https://opensource.org/licenses/GPL-3.0[GPL],
+https://opensource.org/licenses/MPL-2.0[MPL],
+https://opensource.org/licenses/MIT[MIT], and most other open-source licenses
 
-RNP also differs from other implementations -- it is offered under a
-http://opensource.org/licenses/BSD-3-Clause[BSD 3-clause license],
-which means it is compatible for embedded distribution within GPL,
-MPL, MIT and most other open-source licenses, as well as being
-included in commercial binary distributions.
+* Suitable for commercial binary distributions
 
-Feel free to use RNP in your software!
+* Flexible embedding options in academic research and proprietary software
+
+* No reciprocal licensing requirements unlike copyleft licenses
+
+Whether you're developing research software, an open-source tool, or a
+commercial application, RNP provides a reliable, well-maintained OpenPGP
+implementation that you can freely integrate into your software without
+licensing constraints.
 
 
 == Getting started with RNP
 
-If you are deploying OpenPGP in a Ruby-based application,
-there are bindings
+RNP is both a library for direct integration into applications and a set of
+command-line tools. You can use it in several ways:
+
+=== As a library
+
+If you are developing a Ruby application, there are official bindings
 (see https://www.rubydoc.info/github/rnpgp/ruby-rnp[ruby-rnp RubyDocs]).
 
-Since RNP written in {cpp}, you can call it from Objective-C code,
-or with `ctypes` under Python.
+Since RNP is written in {cpp}, you can also integrate it directly into:
+
+* C/C++ applications
+* Objective-C code
+* Python applications using `ctypes`
 
-The RNP binaries `rnp` and `rnpkeys` can be installed via https://brew.sh[Homebrew]
-or YUM,
-with Debian packages coming next.
-You can use the binaries similarly to GnuPG's command-line tools
+=== As command-line tools
+
+The CLI tools `rnp` and `rnpkeys` can be installed via:
+
+* https://brew.sh[Homebrew] on macOS
+* YUM on RPM-based Linux distributions
+* Debian packages (coming soon)
+
+These tools provide similar functionality to GnuPG's command-line interface
 (see supported flags and use cases in the https://github.com/rnpgp/rnp[README]).
 
 
 == Why RNP?
+=== True library architecture
+
+RNP is designed as a proper library from the ground up, unlike GnuPG/GPGME which
+historically developed as a monolithic application (see
+https://news.ycombinator.com/item?id=5180217[GnuPG is not a library (2013)]).
+
+This architectural choice means you can easily integrate RNP into your
+applications without wrestling with process management or complex IPC
+mechanisms. The library provides clean APIs that allow direct integration at the
+code level.
+
+=== Extensive language support
+
+While RNP's core is written in {cpp}, it offers seamless integration across
+multiple programming languages. Official
+https://www.rubydoc.info/github/rnpgp/ruby-rnp[Ruby bindings] are available and
+actively maintained. Python and Go bindings are under development, making RNP
+accessible to a wider range of developers. Thanks to its {cpp} foundation, you
+can also integrate RNP into any environment that supports native code calling
+conventions.
+
+=== Optimized memory management
+
+Built with modern {cpp}, RNP implements efficient memory management that
+maintains a constant memory footprint even when processing large amounts of
+data. This makes it particularly suitable for environments with memory
+constraints or when handling large encrypted files. The implementation follows
+best practices for secure memory handling of cryptographic material.
+
+=== Comprehensive cipher support
+
+RNP stands out with its extensive cryptographic algorithm support, including
+unique implementation of the SM algorithm family - making it one of
+the few OpenPGP implementations suitable for deployment in mainland China. The
+SM series (including SM2, SM3, and SM4) meets Chinese national standards for
+cryptographic algorithms, opening opportunities for applications that need to
+comply with Chinese regulatory requirements.
+
+=== Active development and innovation
+
+The project maintains an active development cycle, focusing on implementing
+cutting-edge cryptographic features while ensuring backwards compatibility.
+Regular updates bring performance improvements, security enhancements, and
+support for new standards as they emerge. The development team actively engages
+with the community and responds to security considerations in the evolving
+cryptographic landscape.
+
+
+== Algorithm support in RNP
+
+RNP provides comprehensive support for various cryptographic algorithms, ensuring compatibility with different security requirements and standards.
+
+=== Symmetric encryption
+
+RNP implements a wide range of symmetric encryption algorithms, offering different security levels and performance characteristics:
+
+* https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm[IDEA] - A block cipher that was once used in early versions of PGP
+* https://en.wikipedia.org/wiki/Triple_DES[Triple DES] - A triple-application of the DES cipher, providing additional security over single DES
+* https://en.wikipedia.org/wiki/CAST-128[CAST5] - A block cipher offering good performance and security for legacy systems
+* https://en.wikipedia.org/wiki/Blowfish_(cipher)[Blowfish] - A fast block cipher suitable for environments with limited resources
+* https://en.wikipedia.org/wiki/Advanced_Encryption_Standard[AES] variants (128, 192, 256-bit) - The current industry standard for symmetric encryption
+* https://en.wikipedia.org/wiki/Twofish[Twofish] - A highly secure alternative to AES, offering excellent performance
+* https://en.wikipedia.org/wiki/Camellia_(cipher)[Camellia] variants (128, 192, 256-bit) - A cipher widely used in Japan and compatible with many international standards
+* https://en.wikipedia.org/wiki/SM4_(cipher)[SM4] - The Chinese national standard block cipher, essential for applications requiring Chinese regulatory compliance
+
+=== Symmetric encryption modes
+
+RNP supports multiple encryption modes that provide different security properties:
 
-* It is a proper library, in contrast to GnuPG/GPGME (see https://news.ycombinator.com/item?id=5180217[GnuPG is not a library (2013)]).
+* CFB (Cipher Feedback) - A traditional mode that converts block ciphers into stream ciphers
+* AEAD-EAX - An authenticated encryption mode providing both confidentiality and authenticity
+* AEAD-OCB - A high-performance authenticated encryption mode offering parallel processing capabilities
 
-* Ruby bindings are available with Python & Go bindings in the works, and you can use it wherever you can call {cpp} code.
+=== Hash functions
 
-* Implemented in {cpp} and offers constant memory footprint with large amounts of data.
+RNP implements various cryptographic hash functions for different use cases:
 
-* It offers comprehensive cipher support, including (uniquely) the SM algorithm family -- a desirable feature if you deploy cryptography in mainland Chinese market.
+* MD5 - While cryptographically broken, maintained for legacy compatibility
+* SHA1 - Maintained for backwards compatibility with older systems
+* https://en.wikipedia.org/wiki/RIPEMD[RIPEMD160] - A hash function developed in Europe as an open alternative
+* SHA-2 family (SHA-224, SHA-256, SHA-384, SHA-512) - The current industry standard hash functions providing different security levels
+* https://en.wikipedia.org/wiki/SM3_(hash_function)[SM3] - The Chinese national standard hash function, required for Chinese market compliance
 
-* Active development and focused on adding cutting-edge features.
+=== Asymmetric cryptography
 
+RNP supports a comprehensive set of public-key algorithms:
 
-== Which algorithms does RNP support?
+* https://en.wikipedia.org/wiki/RSA_(cryptosystem)[RSA] - The widely-used public-key cryptosystem for encryption and digital signatures
+* https://en.wikipedia.org/wiki/ElGamal_encryption[ElGamal] - An asymmetric algorithm particularly useful for encryption operations
+* https://en.wikipedia.org/wiki/Digital_Signature_Algorithm[DSA] - The Digital Signature Algorithm, including support for key sizes beyond 1024 bits (DSA2)
+* https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm[ECDSA]/ECDH - Elliptic curve cryptography offering strong security with shorter key lengths
+* https://en.wikipedia.org/wiki/EdDSA[EdDSA] - Modern elliptic curve signatures providing high security and performance
+* https://datatracker.ietf.org/doc/html/draft-openpgp-oscca-02[SM2] - The Chinese national standard for public-key cryptography, essential for Chinese market compliance
 
-The following ciphers, encryption modes and hash functions are supported:
 
-* Symmetric: IDEA, Triple DES, CAST5, Blowfish, AES-128, AES-192, AES-256, Twofish, Camellia-128, Camellia-192, Camellia-256, SM4
+== Summary
 
-* Symmetric encryption modes: CFB, AEAD-EAX, AEAD-OCB
+RNP stands out as a unique solution in the OpenPGP ecosystem by combining:
 
-* Hash: MD5, SHA1, RIPEMD160, SHA-256, SHA-384, SHA-512, SHA-224, SM3
+* True library architecture enabling direct integration without IPC overhead
+* High-performance implementation in modern {cpp}
+* BSD 3-clause license allowing both open-source and commercial use
+* Comprehensive algorithm support including Chinese SM standards
+* Active development with regular updates and security improvements
 
-* Asymmetric: RSA, ElGamal, DSA, so-called DSA2 (i.e. DSA with keys larger then 1024 bits), ECDSA/ECDH (with some subset of curves which later on will be expanded), EdDSA, SM2.
+Whether you're building an open-source tool or a commercial application, RNP
+offers a reliable, high-performance OpenPGP implementation that seamlessly
+integrates into your software stack.