| 1 | Checklists for PuTTY administrative procedures |
| 2 | ============================================== |
| 3 | |
| 4 | Locations of the licence |
| 5 | ------------------------ |
| 6 | |
| 7 | The PuTTY copyright notice and licence are stored in quite a few |
| 8 | places. At the start of a new year, the copyright year needs |
| 9 | updating in all of them; and when someone sends a massive patch, |
| 10 | their name needs adding in all of them too. |
| 11 | |
| 12 | The LICENCE file in the main source distribution: |
| 13 | |
| 14 | - putty/LICENCE |
| 15 | |
| 16 | The resource files: |
| 17 | |
| 18 | - putty/windows/pageant.rc |
| 19 | + the copyright date appears twice, once in the About box and |
| 20 | once in the Licence box. Don't forget to change both! |
| 21 | - putty/windows/puttygen.rc |
| 22 | + the copyright date appears twice, once in the About box and |
| 23 | once in the Licence box. Don't forget to change both! |
| 24 | - putty/windows/win_res.rc2 |
| 25 | + the copyright date appears twice, once in the About box and |
| 26 | once in the Licence box. Don't forget to change both! |
| 27 | - putty/windows/version.rc2 |
| 28 | + the copyright date appears once only. |
| 29 | - putty/mac/mac_res.r |
| 30 | + the copyright date appears twice, once in the About box and |
| 31 | once in the Licence box. Don't forget to change both! |
| 32 | - putty/mac/macpgen.r |
| 33 | + the copyright date appears twice, once in the About box and |
| 34 | once in the Licence box. Don't forget to change both! |
| 35 | - putty/unix/gtkdlg.c |
| 36 | + the copyright date appears twice, once in the About box and |
| 37 | once in the Licence box. Don't forget to change both! |
| 38 | |
| 39 | The documentation (both the preamble blurb and the licence appendix): |
| 40 | |
| 41 | - putty/doc/blurb.but |
| 42 | - putty/doc/licence.but |
| 43 | |
| 44 | The website: |
| 45 | |
| 46 | - putty-website/licence.html |
| 47 | |
| 48 | Before tagging a release |
| 49 | ------------------------ |
| 50 | |
| 51 | - First of all, go through the source (including the documentation), |
| 52 | and the website, and review anything tagged with a comment |
| 53 | containing the word XXX-REVIEW-BEFORE-RELEASE. |
| 54 | (Any such comments should state clearly what needs to be done.) |
| 55 | |
| 56 | - Also, do some testing of the Windows version with Minefield, and |
| 57 | of the Unix version with valgrind or efence or both. In |
| 58 | particular, any headline features for the release should get a |
| 59 | workout with memory checking enabled! |
| 60 | |
| 61 | For a long time we got away with never checking the current version |
| 62 | number in at all - all version numbers were passed into the build |
| 63 | system on the compiler command line, and the _only_ place version |
| 64 | numbers showed up in the source files was in the tag information. |
| 65 | |
| 66 | Unfortunately, those halcyon days are gone, and we do need the |
| 67 | version number checked in in a couple of places. These must be updated |
| 68 | _before_ tagging a new release. |
| 69 | |
| 70 | The file used to generate the Unix snapshot version numbers (which |
| 71 | are <previousrelease>-<date> so that the Debian versioning system |
| 72 | orders them correctly with respect to releases): |
| 73 | |
| 74 | - putty/LATEST.VER |
| 75 | |
| 76 | The Windows installer script (_four_ times, on consecutive lines): |
| 77 | |
| 78 | - putty/windows/putty.iss |
| 79 | |
| 80 | The Windows resource file (used to generate the binary bit of the |
| 81 | VERSIONINFO resources -- the strings are supplied by the usual means): |
| 82 | |
| 83 | - putty/windows/version.rc2 (BASE_VERSION; NB, _comma_-separated) |
| 84 | |
| 85 | The Mac resource file (used to generate the binary bit of the 'vers' |
| 86 | resources): |
| 87 | |
| 88 | - putty/mac/version.r |
| 89 | |
| 90 | It might also be worth going through the documentation looking for |
| 91 | version numbers - we have a couple of transcripts showing the help |
| 92 | text from the command-line tools, and it would be nice to ensure the |
| 93 | whole transcripts (certainly including the version numbers) are up |
| 94 | to date. Sometimes these are marked in between releases as `0.XX', so |
| 95 | it's worth grepping for that too. |
| 96 | |
| 97 | - putty/doc/pscp.but |
| 98 | - putty/doc/plink.but |
| 99 | - putty/doc/psftp.but (in case it ever acquires a similar thing) |
| 100 | |
| 101 | The actual release procedure |
| 102 | ---------------------------- |
| 103 | |
| 104 | This is the procedure I (SGT) currently follow (or _should_ follow |
| 105 | :-) when actually making a release, once I'm happy with the position |
| 106 | of the tag. |
| 107 | |
| 108 | - Double-check that we have removed anything tagged with a comment |
| 109 | containing the words XXX-REMOVE-BEFORE-RELEASE or |
| 110 | XXX-REVIEW-BEFORE-RELEASE. |
| 111 | |
| 112 | - Write a release announcement (basically a summary of the changes |
| 113 | since the last release). Squirrel it away in |
| 114 | ixion:src/putty/local/announce-<ver> in case it's needed again |
| 115 | within days of the release going out. |
| 116 | |
| 117 | - On my local machines, check out the release-tagged version of the |
| 118 | sources. Do this in a _clean_ directory; don't depend on my usual |
| 119 | source dir. |
| 120 | + Make sure to run mkfiles.pl _after_ this checkout, just in |
| 121 | case. |
| 122 | |
| 123 | - Build the source archives now, while the directory is still |
| 124 | pristine. |
| 125 | + run ./mksrcarc.sh to build the Windows source zip. |
| 126 | + run `./mkunxarc.sh X.YZ' to build the Unix tarball. |
| 127 | |
| 128 | - Build the Windows/x86 release binaries. Don't forget to supply |
| 129 | VER=/DRELEASE=<ver>. Run them, or at least one or two of them, to |
| 130 | ensure that they really do report their version number correctly, |
| 131 | and sanity-check the version info reported on the files by Windows. |
| 132 | + Save the release link maps. Currently I keep these on ixion, |
| 133 | in src/putty/local/maps-<version>. |
| 134 | |
| 135 | - Run Halibut to build the docs. Define VERSION on the make command |
| 136 | line to override the version strings, since Subversion revision |
| 137 | numbers are less meaningful on a tag. |
| 138 | + change into the doc subdir |
| 139 | + run `make VERSION="PuTTY release 0.XX" chm', then run `hhc |
| 140 | putty.hhp' to build the .CHM |
| 141 | + then run `make mostlyclean' (destroys the hhc input files but |
| 142 | _not_ the .CHM) |
| 143 | + then `make VERSION="PuTTY release 0.XX"' |
| 144 | |
| 145 | - Build the binary archive putty.zip: all the .exe files except |
| 146 | PuTTYtel, and the .hlp, .cnt and .chm files. |
| 147 | + zip -k putty.zip `ls *.exe | grep -v puttytel` putty.hlp putty.cnt putty.chm |
| 148 | |
| 149 | - Build the docs archive puttydoc.zip: it contains all the HTML |
| 150 | files output from Halibut. |
| 151 | + zip puttydoc.zip *.html |
| 152 | |
| 153 | - Build the installer. |
| 154 | |
| 155 | - Sign the release (gpg --detach-sign). |
| 156 | + Sign the locally built x86 binaries, the locally built x86 |
| 157 | binary zipfile, and the locally built x86 installer, with the |
| 158 | release keys. |
| 159 | + The source archive should be signed with the release keys. |
| 160 | + Don't forget to sign with both DSA and RSA keys for absolutely |
| 161 | everything. |
| 162 | for i in <filenames>; do for t in DSA RSA; do gpg --load-extension=idea --detach-sign -u "Releases ($t)" -o $i.$t $i; done; done |
| 163 | |
| 164 | - Begin to pull together the release directory structure. |
| 165 | + subdir `x86' containing the x86 binaries, x86 binary zip, x86 |
| 166 | installer, and all signatures on the above. |
| 167 | + top-level dir contains the Windows source zip (plus |
| 168 | signatures), the Unix source tarball (plus signatures), |
| 169 | puttydoc.txt, the .hlp, .cnt and .chm files, and puttydoc.zip. |
| 170 | |
| 171 | - Create subdir `htmldoc' in the release directory, which should |
| 172 | contain exactly the same set of HTML files that went into |
| 173 | puttydoc.zip. |
| 174 | + It also needs a copy of sitestyle.css, because the online |
| 175 | versions of the HTML docs will link to this (although the |
| 176 | zipped form should be self-contained). |
| 177 | |
| 178 | - Create and sign an md5sums file in the top-level directory. |
| 179 | + The md5sums files need not list the .DSA and .RSA signatures. |
| 180 | Easiest thing is to run this command: |
| 181 | md5sum `\find * -name '*SA' -o -type f -print` > md5sums |
| 182 | + Sign the md5sums file (gpg --clearsign). |
| 183 | for t in DSA RSA; do gpg --load-extension=idea --clearsign -u "Releases ($t)" -o md5sums.$t md5sums; done |
| 184 | |
| 185 | - Now double-check by verifying all the signatures on all the |
| 186 | files, and running md5sum -c on the md5sums file. |
| 187 | |
| 188 | - Now the whole release directory should be present and correct. |
| 189 | Upload to ixion:www/putty/<ver>. |
| 190 | |
| 191 | - Do final checks on the release directory: |
| 192 | + verify all the signatures. In each directory: |
| 193 | for i in *.*SA; do case $i in md5sums*) gpg --verify $i;; *) gpg --verify $i `echo $i | sed 's/\..SA$//'`;; esac; done |
| 194 | + check the md5sums: |
| 195 | md5sum -c md5sums |
| 196 | |
| 197 | - Having double-checked the release, copy it from ixion to |
| 198 | chiark:ftp/putty-<ver> and to the:www/putty/<ver>. |
| 199 | |
| 200 | - Check the permissions! Actually try downloading from the, to make |
| 201 | sure it really works. |
| 202 | |
| 203 | - Update the HTTP redirects. |
| 204 | + Update the one at the:www/putty/htaccess which points the |
| 205 | virtual subdir `latest' at the actual latest release dir. TEST |
| 206 | THIS ONE - it's quite important. |
| 207 | + ixion:www/putty/.htaccess has an individual redirect for each |
| 208 | version number. Add a new one. |
| 209 | |
| 210 | - Update the FTP symlink (chiark:ftp/putty-latest -> putty-<ver>). |
| 211 | |
| 212 | - Update web site. |
| 213 | + Adjust front page (`the latest version is <ver>'). |
| 214 | + Adjust Download page similarly. |
| 215 | + Adjust filenames of installer and Unix tarball on links in |
| 216 | Download page. |
| 217 | + Adjust header text on Changelog page. (That includes changing |
| 218 | `are new' in previous version to `were new'!) |
| 219 | |
| 220 | - Update the wishlist. This can be done without touching individual |
| 221 | items by editing the @releases array in control/bugs2html. |
| 222 | |
| 223 | - Check the Docs page links correctly to the release docs. (It |
| 224 | should do this automatically, owing to the `latest' HTTP |
| 225 | redirect.) |
| 226 | |
| 227 | - Check that the web server attaches the right content type to .HLP |
| 228 | and .CNT files. |
| 229 | |
| 230 | - Run webupdate, so that all the changes on ixion propagate to |
| 231 | chiark. Important to do this _before_ announcing that the release |
| 232 | is available. |
| 233 | |
| 234 | - After running webupdate, run update-rsync on chiark and verify |
| 235 | that the rsync mirror package correctly identifies the new |
| 236 | version. |
| 237 | |
| 238 | - Announce the release! |
| 239 | + Mail the announcement to putty-announce. |
| 240 | * Set a Reply-To on the mail so that people don't keep |
| 241 | replying to my personal address. |
| 242 | + Post it to comp.security.ssh. |
| 243 | + Mention it in <TDHTT> on mono. |
| 244 | |
| 245 | - Relax (slightly). |
| 246 | |
| 247 | After the release |
| 248 | ----------------- |
| 249 | |
| 250 | The following want doing some time soon after a release has been made: |
| 251 | |
| 252 | - If the release was made from a branch, make sure the version number |
| 253 | on the _trunk_ is up to date in all the locations listed above, so |
| 254 | that (e.g.) Unix snapshots come out right. |