07db6afb |
1 | Checklists for PuTTY administrative procedures |
2 | ============================================== |
3 | |
4 | Locations of the licence |
5 | ------------------------ |
6 | |
7 | The PuTTY copyright notice and licence are stored in quite a few |
8 | places. At the start of a new year, the copyright year needs |
9 | updating in all of them; and when someone sends a massive patch, |
10 | their name needs adding in all of them too. |
11 | |
12 | The LICENCE file in the main source distribution: |
13 | |
14 | - putty/LICENCE |
15 | |
16 | The resource files: |
17 | |
18 | - putty/pageant.rc |
19 | + the copyright date appears twice, once in the About box and |
20 | once in the Licence box. Don't forget to change both! |
21 | - putty/puttygen.rc |
22 | + the copyright date appears twice, once in the About box and |
23 | once in the Licence box. Don't forget to change both! |
24 | - putty/win_res.rc |
25 | + the copyright date appears twice, once in the About box and |
26 | once in the Licence box. Don't forget to change both! |
27 | - putty/mac/mac_res.r |
28 | |
29 | The documentation (both the preamble blurb and the licence appendix): |
30 | |
31 | - putty/doc/blurb.but |
32 | - putty/doc/licence.but |
33 | |
34 | The website: |
35 | |
36 | - putty-website/licence.html |
37 | |
38 | Before tagging a release |
39 | ------------------------ |
40 | |
41 | For a long time we got away with never checking the current version |
42 | number into CVS at all - all version numbers were passed into the |
43 | build system on the compiler command line, and the _only_ place |
44 | version numbers showed up in CVS was in the tag information. |
45 | |
46 | Unfortunately, those halcyon days are gone, and we do need the |
47 | version number in CVS in a couple of places. These must be updated |
48 | _before_ tagging a new release. |
49 | |
50 | The file used to generate the Unix snapshot version numbers (which |
51 | are <previousrelease>-<date> so that the Debian versioning system |
52 | orders them correctly with respect to releases): |
53 | |
54 | - putty/LATEST.VER |
55 | |
56 | And the Windows installer script: |
57 | |
58 | - putty/putty.iss |
59 | |
60 | The actual release procedure |
61 | ---------------------------- |
62 | |
63 | This is the procedure I (SGT) currently follow (or _should_ follow |
64 | :-) when actually making a release, once I'm happy with the position |
65 | of the tag. |
66 | |
67 | - Write a release announcement (basically a summary of the changes |
68 | since the last release). Squirrel it away in |
69 | ixion:src/putty/local/announce-<ver> in case it's needed again |
70 | within days of the release going out. |
71 | |
72 | - On my local machines, check out the release-tagged version of the |
73 | sources. |
1e7aebc9 |
74 | + Make sure to run mkfiles.pl _after_ this checkout, just in |
75 | case. |
07db6afb |
76 | |
77 | - Build the Windows/x86 release binaries. Don't forget to supply |
78 | VER=/DRELEASE=<ver>. Run them, or at least one or two of them, to |
79 | ensure that they really do report their version number correctly. |
80 | |
81 | - Acquire the Windows/alpha release binaries from Owen. |
82 | + Verify the snapshot-key signatures on these, to ensure they're |
83 | really the ones he built. If I'm going to snapshot-sign a zip |
84 | file I make out of these, I'm damn well going to make sure the |
85 | binaries that go _into_ it were snapshot-signed themselves. |
86 | |
87 | - Run Halibut to build the docs. |
88 | |
89 | - Build the .zip files. |
90 | + The binary archive putty.zip just contains all the .exe files |
91 | except PuTTYtel, and the .hlp and .cnt files. |
92 | + The source archive putty-src.zip is built by puttysnap.sh (my |
93 | cron script that also builds the nightly snapshot source |
94 | archive). |
95 | + The docs archive puttydoc.zip contains all the HTML files |
96 | output from Halibut. |
97 | |
98 | - Build the installer. |
99 | |
100 | - Sign the release (gpg --detach-sign). |
101 | + Sign the locally built x86 binaries, the locally built x86 |
102 | binary zipfile, and the locally built x86 installer, with the |
103 | release keys. |
104 | + The Alpha binaries should already have been signed with the |
105 | snapshot keys. Having checked that, sign the Alpha binary |
106 | zipfile with the snapshot keys too. |
107 | + The source archive should be signed with the release keys. |
108 | This was the most fiddly bit of the last release I did: the |
109 | script that built the source archive was on ixion, so I had to |
110 | bring the archive back to my local machine, check everything |
111 | in it was untampered-with, and _then_ sign it. Perhaps next |
112 | time I should arrange that puttysnap.sh can run on my local |
113 | box; it'd be a lot easier. |
114 | + Don't forget to sign with both DSA and RSA keys for absolutely |
115 | everything. |
116 | |
117 | - Begin to pull together the release directory structure. |
118 | + subdir `x86' containing the x86 binaries, x86 binary zip, x86 |
119 | installer, and all signatures on the above. |
120 | + subdir `alpha' containing the Alpha binaries, Alpha binary |
121 | zip, and all signatures on the above. |
122 | + top-level dir contains the source zip (plus signatures), |
123 | puttydoc.txt, the .hlp and .cnt files, and puttydoc.zip. |
124 | |
125 | - Create and sign md5sums files: one in the x86 subdir, one in the |
126 | alpha subdir, and one in the parent dir of both of those. |
127 | + The md5sums files need not list the .DSA and .RSA signatures, |
128 | and the top-level md5sums need not list the other two. |
129 | + Sign the md5sums files (gpg --clearsign). The Alpha md5sums |
130 | should be signed with the snapshot keys, but the other two |
131 | with the release keys (yes, the top-level one includes some |
132 | Alpha files, but I think people will understand). |
133 | |
134 | - Now double-check by verifying all the signatures on all the |
135 | files. |
136 | |
137 | - Create subdir `htmldoc' in the release directory, which should |
138 | contain exactly the same set of HTML files that went into |
139 | puttydoc.zip. |
140 | |
141 | - Now the whole release directory should be present and correct. |
142 | Upload to ixion:www/putty/<ver>, upload to |
143 | chiark:ftp/putty-<ver>, and upload to the:www/putty/<ver>. |
144 | |
145 | - Update the HTTP redirects. |
146 | + Update the one at the:www/putty/htaccess which points the |
147 | virtual subdir `latest' at the actual latest release dir. TEST |
148 | THIS ONE - it's quite important. |
149 | + ixion:www/putty/.htaccess has an individual redirect for each |
150 | version number. Add a new one. |
151 | |
152 | - Update the FTP symlink (chiark:ftp/putty-latest -> putty-<ver>). |
153 | |
154 | - Update web site. |
155 | + Adjust front page (`the latest version is <ver>'). |
156 | + Adjust filename of installer on links in Download page. |
157 | + Adjust header text on Changelog page. (That includes changing |
158 | `are new' in previous version to `were new'!) |
159 | |
160 | - Check the Docs page links correctly to the release docs. (It |
161 | should do this automatically, owing to the `latest' HTTP |
162 | redirect.) |
163 | |
164 | - Check that the web server attaches the right content type to .HLP |
165 | and .CNT files. |
166 | |
1e7aebc9 |
167 | - Run webupdate, so that all the changes on ixion propagate to |
168 | chiark. Important to do this _before_ announcing that the release |
169 | is available. |
170 | |
07db6afb |
171 | - Announce the release! |
172 | + Mail the announcement to putty-announce. |
173 | + Post it to comp.security.ssh. |
174 | + Mention it in <TDHIS> on mono. |
175 | |
176 | - All done. Probably best to run `cvs up -A' now, or I'll only |
177 | forget in a few days' time and get confused... |