X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/39a938f7a5e16b4be9bee493251238710fbff396..HEAD:/CHECKLST.txt diff --git a/CHECKLST.txt b/CHECKLST.txt index 5c6d2cf1..f44838d4 100644 --- a/CHECKLST.txt +++ b/CHECKLST.txt @@ -21,10 +21,11 @@ The resource files: - putty/windows/puttygen.rc + the copyright date appears twice, once in the About box and once in the Licence box. Don't forget to change both! - - putty/windows/win_res.rc + - putty/windows/win_res.rc2 + the copyright date appears twice, once in the About box and once in the Licence box. Don't forget to change both! - - putty/mac/mac_res.r + - putty/windows/version.rc2 + + the copyright date appears once only. - putty/unix/gtkdlg.c + the copyright date appears twice, once in the About box and once in the Licence box. Don't forget to change both! @@ -41,8 +42,15 @@ The website: Before tagging a release ------------------------ - - First of all, go through the source and remove anything tagged - with a comment containing the word XXX-REMOVE-BEFORE-RELEASE. + - First of all, go through the source (including the documentation), + and the website, and review anything tagged with a comment + containing the word XXX-REVIEW-BEFORE-RELEASE. + (Any such comments should state clearly what needs to be done.) + + - Also, do some testing of the Windows version with Minefield, and + of the Unix version with valgrind or efence or both. In + particular, any headline features for the release should get a + workout with memory checking enabled! For a long time we got away with never checking the current version number in at all - all version numbers were passed into the build @@ -59,14 +67,14 @@ orders them correctly with respect to releases): - putty/LATEST.VER -The Windows installer script: +The Windows installer script (_four_ times, on consecutive lines): - putty/windows/putty.iss -The Mac resource file (used to generate the binary bit of the 'vers' -resources -- the strings are supplied by the usual means): +The Windows resource file (used to generate the binary bit of the +VERSIONINFO resources -- the strings are supplied by the usual means): - - putty/mac/version.r + - putty/windows/version.rc2 (BASE_VERSION; NB, _comma_-separated) It might also be worth going through the documentation looking for version numbers - we have a couple of transcripts showing the help @@ -87,105 +95,42 @@ This is the procedure I (SGT) currently follow (or _should_ follow of the tag. - Double-check that we have removed anything tagged with a comment - containing the word XXX-REMOVE-BEFORE-RELEASE. + containing the words XXX-REMOVE-BEFORE-RELEASE or + XXX-REVIEW-BEFORE-RELEASE. - Write a release announcement (basically a summary of the changes since the last release). Squirrel it away in - ixion:src/putty/local/announce- in case it's needed again + atreus:src/putty/local/announce- in case it's needed again within days of the release going out. - - On my local machines, check out the release-tagged version of the - sources. Do this in a _clean_ directory; don't depend on my usual - source dir. - + Make sure to run mkfiles.pl _after_ this checkout, just in - case. - - - Build the source archives now, while the directory is still - pristine. - + run ./mksrcarc.sh to build the Windows source zip. - + run `./mkunxarc.sh X.YZ' to build the Unix tarball. - - - Build the Windows/x86 release binaries. Don't forget to supply - VER=/DRELEASE=. Run them, or at least one or two of them, to - ensure that they really do report their version number correctly. - + Save the release link maps. Currently I keep these on ixion, - in src/putty/local/maps-. - - - Acquire the Windows/alpha release binaries from Owen. - + Verify the signatures on these, to ensure they're really the - ones he built. If I'm going to sign a zip file I make out of - these, I'm damn well going to make sure the binaries that go - _into_ it are signed themselves. - + Make sure Owen has kept the Alpha release link maps somewhere - useful. - - - Run Halibut to build the docs. Define VERSION on the make command - line to override the version strings, since Subversion revision - numbers are less meaningful on a tag. - + make -C doc VERSION="PuTTY release 0.XX" - - - Build the binary archives putty.zip (one for each architecture): - each one just contains all the .exe files except PuTTYtel, and - the .hlp and .cnt files. - + zip -k putty.zip `ls *.exe | grep -v puttytel` putty.hlp putty.cnt - + same again for Alpha. - - - Build the docs archive puttydoc.zip: it contains all the HTML - files output from Halibut. - + zip puttydoc.zip *.html - - - Build the installer. - - - Sign the release (gpg --detach-sign). - + Sign the locally built x86 binaries, the locally built x86 - binary zipfile, and the locally built x86 installer, with the - release keys. - + The Alpha binaries should already have been signed with the - release keys. Having checked that, sign the Alpha binary - zipfile with the release keys too. - + The source archive should be signed with the release keys. - + Don't forget to sign with both DSA and RSA keys for absolutely - everything. - for i in ; do for t in DSA RSA; do gpg --load-extension=idea --detach-sign -u "Releases ($t)" -o $i.$t $i; done; done - - - Begin to pull together the release directory structure. - + subdir `x86' containing the x86 binaries, x86 binary zip, x86 - installer, and all signatures on the above. - + subdir `alpha' containing the Alpha binaries, Alpha binary - zip, and all signatures on the above. - + top-level dir contains the Windows source zip (plus - signatures), the Unix source tarball (plus signatures), - puttydoc.txt, the .hlp and .cnt files, and puttydoc.zip. - - - Create subdir `htmldoc' in the release directory, which should - contain exactly the same set of HTML files that went into - puttydoc.zip. - + It also needs a copy of sitestyle.css, because the online - versions of the HTML docs will link to this (although the - zipped form should be self-contained). - - - Create and sign md5sums files: one in the x86 subdir, one in the - alpha subdir, and one in the parent dir of both of those. - + The md5sums files need not list the .DSA and .RSA signatures, - and the top-level md5sums need not list the other two. Easiest - thing is to run, in each directory, this command: - md5sum `\find * -name '*SA' -o -type f -print` > md5sums - + Sign the md5sums files (gpg --clearsign). - for i in md5sums */md5sums; do for t in DSA RSA; do gpg --load-extension=idea --clearsign -u "Releases ($t)" -o $i.$t $i; done; done - - - Now double-check by verifying all the signatures on all the - files, and running md5sum -c on all the md5sums files. + - Build the release: `bob putty-0.XX RELEASE=0.XX'. This should + generate a basically valid release directory as + `build.out/putty', and provide link maps and sign.sh alongside + that in build.out. + + - Do a bit of checking that the release binaries basically work, + report their version numbers accurately, and so on. Test the + installer and the Unix source tarball. + + - Save the link maps. Currently I keep these on atreus, in + src/putty/local/maps-. + + - Sign the release: in the `build.out' directory, type `./sign.sh + putty Releases', and enter the passphrases a lot of times. - Now the whole release directory should be present and correct. - Upload to ixion:www/putty/. + Upload it to atreus:www/putty/. - Do final checks on the release directory: - + verify all the signatures. In each directory: - for i in *.*SA; do case $i in md5sums*) gpg --verify $i;; *) gpg --verify $i `echo $i | sed 's/\..SA$//'`;; esac; done - + check the md5sums. In each directory: + + verify all the signatures: + for i in `find . -name '*.*SA'`; do case $i in *sums*) gpg --verify $i;; *) gpg --verify $i ${i%%.?SA};; esac; done + + check the checksum files: md5sum -c md5sums + sha1sum -c sha1sums + sha256sum -c sha256sums + sha512sum -c sha512sums - - Having double-checked the release, copy it from ixion to + - Having double-checked the release, copy it from atreus to chiark:ftp/putty- and to the:www/putty/. - Check the permissions! Actually try downloading from the, to make @@ -195,16 +140,21 @@ of the tag. + Update the one at the:www/putty/htaccess which points the virtual subdir `latest' at the actual latest release dir. TEST THIS ONE - it's quite important. - + ixion:www/putty/.htaccess has an individual redirect for each + + atreus:www/putty/.htaccess has an individual redirect for each version number. Add a new one. - Update the FTP symlink (chiark:ftp/putty-latest -> putty-). - Update web site. - + Adjust front page (`the latest version is '). - + Adjust Download page similarly. - + Adjust filenames of installer and Unix tarball on links in - Download page. + + Adjust front page to say 'The latest version is '. + + Adjust front page to add a news item. + + Adjust Download page to say 'The latest release version ()'. + + Adjust Download page to update filenames of installer and Unix + tarball (both in the hrefs themselves and the link text). + + Check over the Download page and remove any mention of + pre-releases, if there were any before this release. Comment out + the big pre-release section at the top, and also adjust the + sections about source archives at the bottom. + Adjust header text on Changelog page. (That includes changing `are new' in previous version to `were new'!) @@ -218,19 +168,22 @@ of the tag. - Check that the web server attaches the right content type to .HLP and .CNT files. - - Run webupdate, so that all the changes on ixion propagate to + - Run webupdate, so that all the changes on atreus propagate to chiark. Important to do this _before_ announcing that the release is available. - * Don't forget to create the new directories on chiark - - ~/www/putty/{,/x86,/alpha,/htmldoc} - before running - webupdate. - - After running webupdate, run update-rsync on chiark and verify - that the rsync mirror package correctly identifies the new - version. + - After running webupdate, run update-rsync on chiark and verify that + the rsync mirror package (~/ftp/putty-website-mirror) contains a + subdirectory for the new version and mentions it in its .htaccess. - Announce the release! - + Mail the announcement to putty-announce. + + Construct a release announcement email whose message body is the + announcement written above, and which includes the following + headers: + * Reply-To: + * Subject: PuTTY X.YZ is released + + Mail that release announcement to + . + Post it to comp.security.ssh. + Mention it in on mono.