1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 09:27:59 +00:00
putty-source/CHECKLST.txt

234 lines
8.9 KiB
Plaintext
Raw Normal View History

Checklists for PuTTY administrative procedures
==============================================
Locations of the licence
------------------------
The PuTTY copyright notice and licence are stored in quite a few
places. At the start of a new year, the copyright year needs
updating in all of them; and when someone sends a massive patch,
their name needs adding in all of them too.
The LICENCE file in the main source distribution:
- putty/LICENCE
The resource files:
- putty/pageant.rc
+ the copyright date appears twice, once in the About box and
once in the Licence box. Don't forget to change both!
- putty/puttygen.rc
+ the copyright date appears twice, once in the About box and
once in the Licence box. Don't forget to change both!
- putty/win_res.rc
+ the copyright date appears twice, once in the About box and
once in the Licence box. Don't forget to change both!
- putty/mac/mac_res.r
- putty/unix/gtkdlg.c
+ the copyright date appears twice, once in the About box and
once in the Licence box. Don't forget to change both!
The documentation (both the preamble blurb and the licence appendix):
- putty/doc/blurb.but
- putty/doc/licence.but
The website:
- putty-website/licence.html
Before tagging a release
------------------------
- First of all, go through the source and remove anything tagged
with a comment containing the word XXX-REMOVE-BEFORE-RELEASE.
For a long time we got away with never checking the current version
number into CVS at all - all version numbers were passed into the
build system on the compiler command line, and the _only_ place
version numbers showed up in CVS was in the tag information.
Unfortunately, those halcyon days are gone, and we do need the
version number in CVS in a couple of places. These must be updated
_before_ tagging a new release.
The file used to generate the Unix snapshot version numbers (which
are <previousrelease>-<date> so that the Debian versioning system
orders them correctly with respect to releases):
- putty/LATEST.VER
The Windows installer script:
- putty/putty.iss
The Mac resource file (used to generate the binary bit of the 'vers'
resources -- the strings are supplied by the usual means):
- putty/mac/version.r
It might also be worth going through the documentation looking for
version numbers - we have a couple of transcripts showing the help
text from the command-line tools, and it would be nice to ensure the
whole transcripts (certainly including the version numbers) are up
to date.
- putty/doc/pscp.but
- putty/doc/plink.but
- putty/doc/psftp.but (in case it ever acquires a similar thing)
The actual release procedure
----------------------------
This is the procedure I (SGT) currently follow (or _should_ follow
:-) when actually making a release, once I'm happy with the position
of the tag.
- Double-check that we have removed anything tagged with a comment
containing the word XXX-REMOVE-BEFORE-RELEASE.
- Write a release announcement (basically a summary of the changes
since the last release). Squirrel it away in
ixion:src/putty/local/announce-<ver> in case it's needed again
within days of the release going out.
- On my local machines, check out the release-tagged version of the
sources. Do this in a _clean_ directory; don't depend on my usual
source dir.
+ Make sure to run mkfiles.pl _after_ this checkout, just in
case.
- Build the source archives now, while the directory is still
pristine.
+ run ./mksrcarc.sh to build the Windows source zip.
+ run `./mkunxarc.sh X.YZ' to build the Unix tarball.
- Build the Windows/x86 release binaries. Don't forget to supply
VER=/DRELEASE=<ver>. Run them, or at least one or two of them, to
ensure that they really do report their version number correctly.
+ Save the release link maps. Currently I keep these on ixion,
in src/putty/local/maps-<version>.
- Acquire the Windows/alpha release binaries from Owen.
+ Verify the signatures on these, to ensure they're really the
ones he built. If I'm going to sign a zip file I make out of
these, I'm damn well going to make sure the binaries that go
_into_ it are signed themselves.
+ Make sure Owen has kept the Alpha release link maps somewhere
useful.
- Run Halibut to build the docs.
- Build the binary archives putty.zip (one for each architecture):
each one just contains all the .exe files except PuTTYtel, and
the .hlp and .cnt files.
+ zip -k putty.zip `ls *.exe | grep -v puttytel` putty.hlp putty.cnt
+ same again for Alpha.
- Build the docs archive puttydoc.zip: it contains all the HTML
files output from Halibut.
+ zip puttydoc.zip *.html
- Build the installer.
- Sign the release (gpg --detach-sign).
+ Sign the locally built x86 binaries, the locally built x86
binary zipfile, and the locally built x86 installer, with the
release keys.
+ The Alpha binaries should already have been signed with the
release keys. Having checked that, sign the Alpha binary
zipfile with the release keys too.
+ The source archive should be signed with the release keys.
+ Don't forget to sign with both DSA and RSA keys for absolutely
everything.
for i in <filenames>; do for t in DSA RSA; do gpg --load-extension=idea --detach-sign -u "Releases ($t)" -o $i.$t $i; done; done
- Begin to pull together the release directory structure.
+ subdir `x86' containing the x86 binaries, x86 binary zip, x86
installer, and all signatures on the above.
+ subdir `alpha' containing the Alpha binaries, Alpha binary
zip, and all signatures on the above.
+ top-level dir contains the Windows source zip (plus
signatures), the Unix source tarball (plus signatures),
puttydoc.txt, the .hlp and .cnt files, and puttydoc.zip.
- Create and sign md5sums files: one in the x86 subdir, one in the
alpha subdir, and one in the parent dir of both of those.
+ The md5sums files need not list the .DSA and .RSA signatures,
and the top-level md5sums need not list the other two. Easiest
thing is to run, in each directory, this command:
md5sum `\find * -name '*SA' -o -type f -print` > md5sums
+ Sign the md5sums files (gpg --clearsign).
for i in md5sums */md5sums; do for t in DSA RSA; do gpg --load-extension=idea --clearsign -u "Releases ($t)" -o $i.$t $i; done; done
- Now double-check by verifying all the signatures on all the
files, and running md5sum -c on all the md5sums files.
- Create subdir `htmldoc' in the release directory, which should
contain exactly the same set of HTML files that went into
puttydoc.zip.
+ It also needs a copy of sitestyle.css, because the online
versions of the HTML docs will link to this (although the
zipped form should be self-contained).
- Now the whole release directory should be present and correct.
Upload to ixion:www/putty/<ver>.
- Do final checks on the release directory:
+ verify all the signatures. In each directory:
for i in *.*SA; do case $i in md5sums*) gpg --verify $i;; *) gpg --verify $i `echo $i | sed 's/\..SA$//'`;; esac; done
+ check the md5sums. In each directory:
md5sum -c md5sums
- Having double-checked the release, copy it from ixion to
chiark:ftp/putty-<ver> and to the:www/putty/<ver>.
- Check the permissions! Actually try downloading from the, to make
sure it really works.
- Update the HTTP redirects.
+ Update the one at the:www/putty/htaccess which points the
virtual subdir `latest' at the actual latest release dir. TEST
THIS ONE - it's quite important.
+ ixion:www/putty/.htaccess has an individual redirect for each
version number. Add a new one.
- Update the FTP symlink (chiark:ftp/putty-latest -> putty-<ver>).
- Update web site.
+ Adjust front page (`the latest version is <ver>').
+ Adjust Download page similarly.
+ Adjust filenames of installer and Unix tarball on links in
Download page.
+ Adjust header text on Changelog page. (That includes changing
`are new' in previous version to `were new'!)
- Update the wishlist. This can be done without touching individual
items by editing the @releases array in control/bugs2html.
- Check the Docs page links correctly to the release docs. (It
should do this automatically, owing to the `latest' HTTP
redirect.)
- Check that the web server attaches the right content type to .HLP
and .CNT files.
- Run webupdate, so that all the changes on ixion propagate to
chiark. Important to do this _before_ announcing that the release
is available.
* Don't forget to create the new directories on chiark -
~/www/putty/<ver>{,/x86,/alpha,/htmldoc} - before running
webupdate.
- After running webupdate, run update-rsync on chiark and verify
that the rsync mirror package correctly identifies the new
version.
- Announce the release!
+ Mail the announcement to putty-announce.
+ Post it to comp.security.ssh.
+ Mention it in <TDHTT> on mono.
- All done.