nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-04-20 20:45:02 -05:00
Code Issues Projects Releases Wiki Activity

Reorder a couple of points on the wishlist, and also add a few

Browse Source 
helpful chunks of `sh' to make life easier next time I make a release.

[originally from svn r4698]
This commit is contained in:
Simon Tatham 2004-10-26 18:44:42 +00:00
parent f30cf17afb
commit 4081fd7051
1 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
CHECKLST.txt
View File

@ -142,6 +142,7 @@ of the tag.
+ The source archive should be signed with the release keys. + The source archive should be signed with the release keys.
+ Don't forget to sign with both DSA and RSA keys for absolutely + Don't forget to sign with both DSA and RSA keys for absolutely
everything. everything.
for i in <filenames>; do for t in DSA RSA; do gpg --load-extension=idea --detach-sign -u "Releases ($t)" -o $i.$t $i; done; done
- Begin to pull together the release directory structure. - Begin to pull together the release directory structure.
+ subdir `x86' containing the x86 binaries, x86 binary zip, x86 + subdir `x86' containing the x86 binaries, x86 binary zip, x86
@ -155,8 +156,11 @@ of the tag.
- Create and sign md5sums files: one in the x86 subdir, one in the - Create and sign md5sums files: one in the x86 subdir, one in the
alpha subdir, and one in the parent dir of both of those. alpha subdir, and one in the parent dir of both of those.
+ The md5sums files need not list the .DSA and .RSA signatures, + The md5sums files need not list the .DSA and .RSA signatures,
and the top-level md5sums need not list the other two. and the top-level md5sums need not list the other two. Easiest
thing is to run, in each directory, this command:
md5sum `\find * -name '*SA' -o -type f -print` > md5sums
+ Sign the md5sums files (gpg --clearsign). + Sign the md5sums files (gpg --clearsign).
for i in md5sums */md5sums; do for t in DSA RSA; do gpg --load-extension=idea --clearsign -u "Releases ($t)" -o $i.$t $i; done; done
- Now double-check by verifying all the signatures on all the - Now double-check by verifying all the signatures on all the
files, and running md5sum -c on all the md5sums files. files, and running md5sum -c on all the md5sums files.
@ -169,8 +173,16 @@ of the tag.
zipped form should be self-contained). zipped form should be self-contained).
- Now the whole release directory should be present and correct. - Now the whole release directory should be present and correct.
Upload to ixion:www/putty/<ver>, upload to Upload to ixion:www/putty/<ver>.
chiark:ftp/putty-<ver>, and upload to the:www/putty/<ver>.
- Do final checks on the release directory:
+ verify all the signatures. In each directory:
for i in *.*SA; do case $i in md5sums*) gpg --verify $i;; *) gpg --verify $i `echo $i | sed 's/\..SA$//'`;; esac; done
+ check the md5sums. In each directory:
md5sum -c md5sums
- Having double-checked the release, copy it from ixion to
chiark:ftp/putty-<ver> and to the:www/putty/<ver>.
- Check the permissions! Actually try downloading from the, to make - Check the permissions! Actually try downloading from the, to make
sure it really works. sure it really works.
@ -205,6 +217,9 @@ of the tag.
- Run webupdate, so that all the changes on ixion propagate to - Run webupdate, so that all the changes on ixion propagate to
chiark. Important to do this _before_ announcing that the release chiark. Important to do this _before_ announcing that the release
is available. is available.
* Don't forget to create the new directories on chiark -
~/www/putty/<ver>{,/x86,/alpha,/htmldoc} - before running
webupdate.
- After running webupdate, run update-rsync on chiark and verify - After running webupdate, run update-rsync on chiark and verify
that the rsync mirror package correctly identifies the new that the rsync mirror package correctly identifies the new