mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-09 17:38:00 +00:00
172 lines
6.5 KiB
Plaintext
172 lines
6.5 KiB
Plaintext
|
Checklists for PuTTY administrative procedures
|
||
|
==============================================
|
||
|
|
||
|
Locations of the licence
|
||
|
------------------------
|
||
|
|
||
|
The PuTTY copyright notice and licence are stored in quite a few
|
||
|
places. At the start of a new year, the copyright year needs
|
||
|
updating in all of them; and when someone sends a massive patch,
|
||
|
their name needs adding in all of them too.
|
||
|
|
||
|
The LICENCE file in the main source distribution:
|
||
|
|
||
|
- putty/LICENCE
|
||
|
|
||
|
The resource files:
|
||
|
|
||
|
- putty/pageant.rc
|
||
|
+ the copyright date appears twice, once in the About box and
|
||
|
once in the Licence box. Don't forget to change both!
|
||
|
- putty/puttygen.rc
|
||
|
+ the copyright date appears twice, once in the About box and
|
||
|
once in the Licence box. Don't forget to change both!
|
||
|
- putty/win_res.rc
|
||
|
+ the copyright date appears twice, once in the About box and
|
||
|
once in the Licence box. Don't forget to change both!
|
||
|
- putty/mac/mac_res.r
|
||
|
|
||
|
The documentation (both the preamble blurb and the licence appendix):
|
||
|
|
||
|
- putty/doc/blurb.but
|
||
|
- putty/doc/licence.but
|
||
|
|
||
|
The website:
|
||
|
|
||
|
- putty-website/licence.html
|
||
|
|
||
|
Before tagging a release
|
||
|
------------------------
|
||
|
|
||
|
For a long time we got away with never checking the current version
|
||
|
number into CVS at all - all version numbers were passed into the
|
||
|
build system on the compiler command line, and the _only_ place
|
||
|
version numbers showed up in CVS was in the tag information.
|
||
|
|
||
|
Unfortunately, those halcyon days are gone, and we do need the
|
||
|
version number in CVS in a couple of places. These must be updated
|
||
|
_before_ tagging a new release.
|
||
|
|
||
|
The file used to generate the Unix snapshot version numbers (which
|
||
|
are <previousrelease>-<date> so that the Debian versioning system
|
||
|
orders them correctly with respect to releases):
|
||
|
|
||
|
- putty/LATEST.VER
|
||
|
|
||
|
And the Windows installer script:
|
||
|
|
||
|
- putty/putty.iss
|
||
|
|
||
|
The actual release procedure
|
||
|
----------------------------
|
||
|
|
||
|
This is the procedure I (SGT) currently follow (or _should_ follow
|
||
|
:-) when actually making a release, once I'm happy with the position
|
||
|
of the tag.
|
||
|
|
||
|
- Write a release announcement (basically a summary of the changes
|
||
|
since the last release). Squirrel it away in
|
||
|
ixion:src/putty/local/announce-<ver> in case it's needed again
|
||
|
within days of the release going out.
|
||
|
|
||
|
- On my local machines, check out the release-tagged version of the
|
||
|
sources.
|
||
|
|
||
|
- Build the Windows/x86 release binaries. Don't forget to supply
|
||
|
VER=/DRELEASE=<ver>. Run them, or at least one or two of them, to
|
||
|
ensure that they really do report their version number correctly.
|
||
|
|
||
|
- Acquire the Windows/alpha release binaries from Owen.
|
||
|
+ Verify the snapshot-key signatures on these, to ensure they're
|
||
|
really the ones he built. If I'm going to snapshot-sign a zip
|
||
|
file I make out of these, I'm damn well going to make sure the
|
||
|
binaries that go _into_ it were snapshot-signed themselves.
|
||
|
|
||
|
- Run Halibut to build the docs.
|
||
|
|
||
|
- Build the .zip files.
|
||
|
+ The binary archive putty.zip just contains all the .exe files
|
||
|
except PuTTYtel, and the .hlp and .cnt files.
|
||
|
+ The source archive putty-src.zip is built by puttysnap.sh (my
|
||
|
cron script that also builds the nightly snapshot source
|
||
|
archive).
|
||
|
+ The docs archive puttydoc.zip contains all the HTML files
|
||
|
output from Halibut.
|
||
|
|
||
|
- Build the installer.
|
||
|
|
||
|
- Sign the release (gpg --detach-sign).
|
||
|
+ Sign the locally built x86 binaries, the locally built x86
|
||
|
binary zipfile, and the locally built x86 installer, with the
|
||
|
release keys.
|
||
|
+ The Alpha binaries should already have been signed with the
|
||
|
snapshot keys. Having checked that, sign the Alpha binary
|
||
|
zipfile with the snapshot keys too.
|
||
|
+ The source archive should be signed with the release keys.
|
||
|
This was the most fiddly bit of the last release I did: the
|
||
|
script that built the source archive was on ixion, so I had to
|
||
|
bring the archive back to my local machine, check everything
|
||
|
in it was untampered-with, and _then_ sign it. Perhaps next
|
||
|
time I should arrange that puttysnap.sh can run on my local
|
||
|
box; it'd be a lot easier.
|
||
|
+ Don't forget to sign with both DSA and RSA keys for absolutely
|
||
|
everything.
|
||
|
|
||
|
- Begin to pull together the release directory structure.
|
||
|
+ subdir `x86' containing the x86 binaries, x86 binary zip, x86
|
||
|
installer, and all signatures on the above.
|
||
|
+ subdir `alpha' containing the Alpha binaries, Alpha binary
|
||
|
zip, and all signatures on the above.
|
||
|
+ top-level dir contains the source zip (plus signatures),
|
||
|
puttydoc.txt, the .hlp and .cnt files, and puttydoc.zip.
|
||
|
|
||
|
- Create and sign md5sums files: one in the x86 subdir, one in the
|
||
|
alpha subdir, and one in the parent dir of both of those.
|
||
|
+ The md5sums files need not list the .DSA and .RSA signatures,
|
||
|
and the top-level md5sums need not list the other two.
|
||
|
+ Sign the md5sums files (gpg --clearsign). The Alpha md5sums
|
||
|
should be signed with the snapshot keys, but the other two
|
||
|
with the release keys (yes, the top-level one includes some
|
||
|
Alpha files, but I think people will understand).
|
||
|
|
||
|
- Now double-check by verifying all the signatures on all the
|
||
|
files.
|
||
|
|
||
|
- Create subdir `htmldoc' in the release directory, which should
|
||
|
contain exactly the same set of HTML files that went into
|
||
|
puttydoc.zip.
|
||
|
|
||
|
- Now the whole release directory should be present and correct.
|
||
|
Upload to ixion:www/putty/<ver>, upload to
|
||
|
chiark:ftp/putty-<ver>, and upload to the:www/putty/<ver>.
|
||
|
|
||
|
- Update the HTTP redirects.
|
||
|
+ Update the one at the:www/putty/htaccess which points the
|
||
|
virtual subdir `latest' at the actual latest release dir. TEST
|
||
|
THIS ONE - it's quite important.
|
||
|
+ ixion:www/putty/.htaccess has an individual redirect for each
|
||
|
version number. Add a new one.
|
||
|
|
||
|
- Update the FTP symlink (chiark:ftp/putty-latest -> putty-<ver>).
|
||
|
|
||
|
- Update web site.
|
||
|
+ Adjust front page (`the latest version is <ver>').
|
||
|
+ Adjust filename of installer on links in Download page.
|
||
|
+ Adjust header text on Changelog page. (That includes changing
|
||
|
`are new' in previous version to `were new'!)
|
||
|
|
||
|
- Check the Docs page links correctly to the release docs. (It
|
||
|
should do this automatically, owing to the `latest' HTTP
|
||
|
redirect.)
|
||
|
|
||
|
- Check that the web server attaches the right content type to .HLP
|
||
|
and .CNT files.
|
||
|
|
||
|
- Announce the release!
|
||
|
+ Mail the announcement to putty-announce.
|
||
|
+ Post it to comp.security.ssh.
|
||
|
+ Mention it in <TDHIS> on mono.
|
||
|
|
||
|
- All done. Probably best to run `cvs up -A' now, or I'll only
|
||
|
forget in a few days' time and get confused...
|