| 1 | Checklists for PuTTY administrative procedures |
| 2 | ============================================== |
| 3 | |
| 4 | Locations of the licence |
| 5 | ------------------------ |
| 6 | |
| 7 | The PuTTY copyright notice and licence are stored in quite a few |
| 8 | places. At the start of a new year, the copyright year needs |
| 9 | updating in all of them; and when someone sends a massive patch, |
| 10 | their name needs adding in all of them too. |
| 11 | |
| 12 | The LICENCE file in the main source distribution: |
| 13 | |
| 14 | - putty/LICENCE |
| 15 | |
| 16 | The resource files: |
| 17 | |
| 18 | - putty/windows/pageant.rc |
| 19 | + the copyright date appears twice, once in the About box and |
| 20 | once in the Licence box. Don't forget to change both! |
| 21 | - putty/windows/puttygen.rc |
| 22 | + the copyright date appears twice, once in the About box and |
| 23 | once in the Licence box. Don't forget to change both! |
| 24 | - putty/windows/win_res.rc2 |
| 25 | + the copyright date appears twice, once in the About box and |
| 26 | once in the Licence box. Don't forget to change both! |
| 27 | - putty/windows/version.rc2 |
| 28 | + the copyright date appears once only. |
| 29 | - putty/unix/gtkdlg.c |
| 30 | + the copyright date appears twice, once in the About box and |
| 31 | once in the Licence box. Don't forget to change both! |
| 32 | |
| 33 | The documentation (both the preamble blurb and the licence appendix): |
| 34 | |
| 35 | - putty/doc/blurb.but |
| 36 | - putty/doc/licence.but |
| 37 | |
| 38 | The website: |
| 39 | |
| 40 | - putty-website/licence.html |
| 41 | |
| 42 | Before tagging a release |
| 43 | ------------------------ |
| 44 | |
| 45 | - First of all, go through the source (including the documentation), |
| 46 | and the website, and review anything tagged with a comment |
| 47 | containing the word XXX-REVIEW-BEFORE-RELEASE. |
| 48 | (Any such comments should state clearly what needs to be done.) |
| 49 | |
| 50 | - Also, do some testing of the Windows version with Minefield, and |
| 51 | of the Unix version with valgrind or efence or both. In |
| 52 | particular, any headline features for the release should get a |
| 53 | workout with memory checking enabled! |
| 54 | |
| 55 | For a long time we got away with never checking the current version |
| 56 | number in at all - all version numbers were passed into the build |
| 57 | system on the compiler command line, and the _only_ place version |
| 58 | numbers showed up in the source files was in the tag information. |
| 59 | |
| 60 | Unfortunately, those halcyon days are gone, and we do need the |
| 61 | version number checked in in a couple of places. These must be updated |
| 62 | _before_ tagging a new release. |
| 63 | |
| 64 | The file used to generate the Unix snapshot version numbers (which |
| 65 | are <previousrelease>-<date> so that the Debian versioning system |
| 66 | orders them correctly with respect to releases): |
| 67 | |
| 68 | - putty/LATEST.VER |
| 69 | |
| 70 | The Windows installer script (_four_ times, on consecutive lines): |
| 71 | |
| 72 | - putty/windows/putty.iss |
| 73 | |
| 74 | The Windows resource file (used to generate the binary bit of the |
| 75 | VERSIONINFO resources -- the strings are supplied by the usual means): |
| 76 | |
| 77 | - putty/windows/version.rc2 (BASE_VERSION; NB, _comma_-separated) |
| 78 | |
| 79 | It might also be worth going through the documentation looking for |
| 80 | version numbers - we have a couple of transcripts showing the help |
| 81 | text from the command-line tools, and it would be nice to ensure the |
| 82 | whole transcripts (certainly including the version numbers) are up |
| 83 | to date. Sometimes these are marked in between releases as `0.XX', so |
| 84 | it's worth grepping for that too. |
| 85 | |
| 86 | - putty/doc/pscp.but |
| 87 | - putty/doc/plink.but |
| 88 | - putty/doc/psftp.but (in case it ever acquires a similar thing) |
| 89 | |
| 90 | The actual release procedure |
| 91 | ---------------------------- |
| 92 | |
| 93 | This is the procedure I (SGT) currently follow (or _should_ follow |
| 94 | :-) when actually making a release, once I'm happy with the position |
| 95 | of the tag. |
| 96 | |
| 97 | - Double-check that we have removed anything tagged with a comment |
| 98 | containing the words XXX-REMOVE-BEFORE-RELEASE or |
| 99 | XXX-REVIEW-BEFORE-RELEASE. |
| 100 | |
| 101 | - Write a release announcement (basically a summary of the changes |
| 102 | since the last release). Squirrel it away in |
| 103 | atreus:src/putty/local/announce-<ver> in case it's needed again |
| 104 | within days of the release going out. |
| 105 | |
| 106 | - Build the release: `bob putty-0.XX RELEASE=0.XX'. This should |
| 107 | generate a basically valid release directory as |
| 108 | `build.out/putty', and provide link maps and sign.sh alongside |
| 109 | that in build.out. |
| 110 | |
| 111 | - Do a bit of checking that the release binaries basically work, |
| 112 | report their version numbers accurately, and so on. Test the |
| 113 | installer and the Unix source tarball. |
| 114 | |
| 115 | - Save the link maps. Currently I keep these on atreus, in |
| 116 | src/putty/local/maps-<version>. |
| 117 | |
| 118 | - Sign the release: in the `build.out' directory, type `./sign.sh |
| 119 | putty Releases', and enter the passphrases a lot of times. |
| 120 | |
| 121 | - Now the whole release directory should be present and correct. |
| 122 | Upload it to atreus:www/putty/<ver>. |
| 123 | |
| 124 | - Do final checks on the release directory: |
| 125 | + verify all the signatures: |
| 126 | for i in `find . -name '*.*SA'`; do case $i in *sums*) gpg --verify $i;; *) gpg --verify $i ${i%%.?SA};; esac; done |
| 127 | + check the checksum files: |
| 128 | md5sum -c md5sums |
| 129 | sha1sum -c sha1sums |
| 130 | sha256sum -c sha256sums |
| 131 | sha512sum -c sha512sums |
| 132 | |
| 133 | - Having double-checked the release, copy it from atreus to |
| 134 | chiark:ftp/putty-<ver> and to the:www/putty/<ver>. |
| 135 | |
| 136 | - Check the permissions! Actually try downloading from the, to make |
| 137 | sure it really works. |
| 138 | |
| 139 | - Update the HTTP redirects. |
| 140 | + Update the one at the:www/putty/htaccess which points the |
| 141 | virtual subdir `latest' at the actual latest release dir. TEST |
| 142 | THIS ONE - it's quite important. |
| 143 | + atreus:www/putty/.htaccess has an individual redirect for each |
| 144 | version number. Add a new one. |
| 145 | |
| 146 | - Update the FTP symlink (chiark:ftp/putty-latest -> putty-<ver>). |
| 147 | |
| 148 | - Update web site. |
| 149 | + Adjust front page to say 'The latest version is <ver>'. |
| 150 | + Adjust front page to add a news item. |
| 151 | + Adjust Download page to say 'The latest release version (<ver>)'. |
| 152 | + Adjust Download page to update filenames of installer and Unix |
| 153 | tarball (both in the hrefs themselves and the link text). |
| 154 | + Check over the Download page and remove any mention of |
| 155 | pre-releases, if there were any before this release. Comment out |
| 156 | the big pre-release section at the top, and also adjust the |
| 157 | sections about source archives at the bottom. |
| 158 | + Adjust header text on Changelog page. (That includes changing |
| 159 | `are new' in previous version to `were new'!) |
| 160 | |
| 161 | - Update the wishlist. This can be done without touching individual |
| 162 | items by editing the @releases array in control/bugs2html. |
| 163 | |
| 164 | - Check the Docs page links correctly to the release docs. (It |
| 165 | should do this automatically, owing to the `latest' HTTP |
| 166 | redirect.) |
| 167 | |
| 168 | - Check that the web server attaches the right content type to .HLP |
| 169 | and .CNT files. |
| 170 | |
| 171 | - Run webupdate, so that all the changes on atreus propagate to |
| 172 | chiark. Important to do this _before_ announcing that the release |
| 173 | is available. |
| 174 | |
| 175 | - After running webupdate, run update-rsync on chiark and verify that |
| 176 | the rsync mirror package (~/ftp/putty-website-mirror) contains a |
| 177 | subdirectory for the new version and mentions it in its .htaccess. |
| 178 | |
| 179 | - Announce the release! |
| 180 | + Construct a release announcement email whose message body is the |
| 181 | announcement written above, and which includes the following |
| 182 | headers: |
| 183 | * Reply-To: <putty@projects.tartarus.org> |
| 184 | * Subject: PuTTY X.YZ is released |
| 185 | + Mail that release announcement to |
| 186 | <putty-announce@lists.tartarus.org>. |
| 187 | + Post it to comp.security.ssh. |
| 188 | + Mention it in <TDHTT> on mono. |
| 189 | |
| 190 | - Relax (slightly). |
| 191 | |
| 192 | After the release |
| 193 | ----------------- |
| 194 | |
| 195 | The following want doing some time soon after a release has been made: |
| 196 | |
| 197 | - If the release was made from a branch, make sure the version number |
| 198 | on the _trunk_ is up to date in all the locations listed above, so |
| 199 | that (e.g.) Unix snapshots come out right. |