X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/47e4e7359053574f16061e9d692394fc9f2f3b74..976374cdc06f5adb4217cb816f9bfe928d0809e6:/CHECKLST.txt diff --git a/CHECKLST.txt b/CHECKLST.txt index b5d13191..608d578e 100644 --- a/CHECKLST.txt +++ b/CHECKLST.txt @@ -15,16 +15,23 @@ The LICENCE file in the main source distribution: The resource files: - - putty/pageant.rc + - putty/windows/pageant.rc + the copyright date appears twice, once in the About box and once in the Licence box. Don't forget to change both! - - putty/puttygen.rc + - putty/windows/puttygen.rc + the copyright date appears twice, once in the About box and once in the Licence box. Don't forget to change both! - - putty/win_res.rc + - putty/windows/win_res.rc2 + the copyright date appears twice, once in the About box and once in the Licence box. Don't forget to change both! + - putty/windows/version.rc2 + + the copyright date appears once only. - putty/mac/mac_res.r + + the copyright date appears twice, once in the About box and + once in the Licence box. Don't forget to change both! + - putty/mac/macpgen.r + + the copyright date appears twice, once in the About box and + once in the Licence box. Don't forget to change both! - putty/unix/gtkdlg.c + the copyright date appears twice, once in the About box and once in the Licence box. Don't forget to change both! @@ -41,13 +48,17 @@ The website: Before tagging a release ------------------------ + - First of all, go through the source (including the documentation) + and remove anything tagged with a comment containing the word + XXX-REMOVE-BEFORE-RELEASE. + For a long time we got away with never checking the current version -number into CVS at all - all version numbers were passed into the -build system on the compiler command line, and the _only_ place -version numbers showed up in CVS was in the tag information. +number in at all - all version numbers were passed into the build +system on the compiler command line, and the _only_ place version +numbers showed up in the source files was in the tag information. Unfortunately, those halcyon days are gone, and we do need the -version number in CVS in a couple of places. These must be updated +version number checked in in a couple of places. These must be updated _before_ tagging a new release. The file used to generate the Unix snapshot version numbers (which @@ -56,12 +67,18 @@ orders them correctly with respect to releases): - putty/LATEST.VER -The Windows installer script: +The Windows installer script (_three_ times, on consecutive lines, +and again in a subsequent comment): + + - putty/windows/putty.iss + +The Windows resource file (used to generate the binary bit of the +VERSIONINFO resources -- the strings are supplied by the usual means): - - putty/putty.iss + - putty/windows/version.rc2 (BASE_VERSION; NB, _comma_-separated) The Mac resource file (used to generate the binary bit of the 'vers' -resources -- the strings are supplied by the usual means): +resources): - putty/mac/version.r @@ -69,7 +86,8 @@ It might also be worth going through the documentation looking for version numbers - we have a couple of transcripts showing the help text from the command-line tools, and it would be nice to ensure the whole transcripts (certainly including the version numbers) are up -to date. +to date. Sometimes these are marked in between releases as `0.XX', so +it's worth grepping for that too. - putty/doc/pscp.but - putty/doc/plink.but @@ -82,40 +100,54 @@ This is the procedure I (SGT) currently follow (or _should_ follow :-) when actually making a release, once I'm happy with the position of the tag. + - Double-check that we have removed anything tagged with a comment + containing the word XXX-REMOVE-BEFORE-RELEASE. + - Write a release announcement (basically a summary of the changes since the last release). Squirrel it away in ixion:src/putty/local/announce- in case it's needed again within days of the release going out. - On my local machines, check out the release-tagged version of the - sources. + sources. Do this in a _clean_ directory; don't depend on my usual + source dir. + Make sure to run mkfiles.pl _after_ this checkout, just in case. + - Build the source archives now, while the directory is still + pristine. + + run ./mksrcarc.sh to build the Windows source zip. + + run `./mkunxarc.sh X.YZ' to build the Unix tarball. + - Build the Windows/x86 release binaries. Don't forget to supply VER=/DRELEASE=. Run them, or at least one or two of them, to - ensure that they really do report their version number correctly. + ensure that they really do report their version number correctly, + and sanity-check the version info reported on the files by Windows. + Save the release link maps. Currently I keep these on ixion, in src/putty/local/maps-. - Acquire the Windows/alpha release binaries from Owen. - + Verify the snapshot-key signatures on these, to ensure they're - really the ones he built. If I'm going to snapshot-sign a zip - file I make out of these, I'm damn well going to make sure the - binaries that go _into_ it were snapshot-signed themselves. + + Verify the signatures on these, to ensure they're really the + ones he built. If I'm going to sign a zip file I make out of + these, I'm damn well going to make sure the binaries that go + _into_ it are signed themselves. + Make sure Owen has kept the Alpha release link maps somewhere useful. - - Run Halibut to build the docs. + - Run Halibut to build the docs. Define VERSION on the make command + line to override the version strings, since Subversion revision + numbers are less meaningful on a tag. + + make -C doc VERSION="PuTTY release 0.XX" + + - Build the binary archives putty.zip (one for each architecture): + each one just contains all the .exe files except PuTTYtel, and + the .hlp and .cnt files. + + zip -k putty.zip `ls *.exe | grep -v puttytel` putty.hlp putty.cnt + + same again for Alpha. - - Build the .zip files. - + The binary archive putty.zip just contains all the .exe files - except PuTTYtel, and the .hlp and .cnt files. - + The source archive putty-src.zip is built by puttysnap.sh (my - cron script that also builds the nightly snapshot source - archive). - + The docs archive puttydoc.zip contains all the HTML files - output from Halibut. + - Build the docs archive puttydoc.zip: it contains all the HTML + files output from Halibut. + + zip puttydoc.zip *.html - Build the installer. @@ -124,45 +156,55 @@ of the tag. binary zipfile, and the locally built x86 installer, with the release keys. + The Alpha binaries should already have been signed with the - snapshot keys. Having checked that, sign the Alpha binary - zipfile with the snapshot keys too. + release keys. Having checked that, sign the Alpha binary + zipfile with the release keys too. + The source archive should be signed with the release keys. - This was the most fiddly bit of the last release I did: the - script that built the source archive was on ixion, so I had to - bring the archive back to my local machine, check everything - in it was untampered-with, and _then_ sign it. Perhaps next - time I should arrange that puttysnap.sh can run on my local - box; it'd be a lot easier. + Don't forget to sign with both DSA and RSA keys for absolutely everything. + for i in ; do for t in DSA RSA; do gpg --load-extension=idea --detach-sign -u "Releases ($t)" -o $i.$t $i; done; done - Begin to pull together the release directory structure. + subdir `x86' containing the x86 binaries, x86 binary zip, x86 installer, and all signatures on the above. + subdir `alpha' containing the Alpha binaries, Alpha binary zip, and all signatures on the above. - + top-level dir contains the source zip (plus signatures), + + top-level dir contains the Windows source zip (plus + signatures), the Unix source tarball (plus signatures), puttydoc.txt, the .hlp and .cnt files, and puttydoc.zip. + - Create subdir `htmldoc' in the release directory, which should + contain exactly the same set of HTML files that went into + puttydoc.zip. + + It also needs a copy of sitestyle.css, because the online + versions of the HTML docs will link to this (although the + zipped form should be self-contained). + - Create and sign md5sums files: one in the x86 subdir, one in the alpha subdir, and one in the parent dir of both of those. + The md5sums files need not list the .DSA and .RSA signatures, - and the top-level md5sums need not list the other two. - + Sign the md5sums files (gpg --clearsign). The Alpha md5sums - should be signed with the snapshot keys, but the other two - with the release keys (yes, the top-level one includes some - Alpha files, but I think people will understand). + and the top-level md5sums need not list the other two. Easiest + thing is to run, in each directory, this command: + md5sum `\find * -name '*SA' -o -type f -print` > md5sums + + Sign the md5sums files (gpg --clearsign). + for i in md5sums */md5sums; do for t in DSA RSA; do gpg --load-extension=idea --clearsign -u "Releases ($t)" -o $i.$t $i; done; done - Now double-check by verifying all the signatures on all the - files. - - - Create subdir `htmldoc' in the release directory, which should - contain exactly the same set of HTML files that went into - puttydoc.zip. + files, and running md5sum -c on all the md5sums files. - Now the whole release directory should be present and correct. - Upload to ixion:www/putty/, upload to - chiark:ftp/putty-, and upload to the:www/putty/. + Upload to ixion:www/putty/. + + - Do final checks on the release directory: + + verify all the signatures. In each directory: + for i in *.*SA; do case $i in md5sums*) gpg --verify $i;; *) gpg --verify $i `echo $i | sed 's/\..SA$//'`;; esac; done + + check the md5sums. In each directory: + md5sum -c md5sums + + - Having double-checked the release, copy it from ixion to + chiark:ftp/putty- and to the:www/putty/. + + - Check the permissions! Actually try downloading from the, to make + sure it really works. - Update the HTTP redirects. + Update the one at the:www/putty/htaccess which points the @@ -175,10 +217,15 @@ of the tag. - Update web site. + Adjust front page (`the latest version is '). - + Adjust filename of installer on links in Download page. + + Adjust Download page similarly. + + Adjust filenames of installer and Unix tarball on links in + Download page. + Adjust header text on Changelog page. (That includes changing `are new' in previous version to `were new'!) + - Update the wishlist. This can be done without touching individual + items by editing the @releases array in control/bugs2html. + - Check the Docs page links correctly to the release docs. (It should do this automatically, owing to the `latest' HTTP redirect.) @@ -189,11 +236,28 @@ of the tag. - Run webupdate, so that all the changes on ixion propagate to chiark. Important to do this _before_ announcing that the release is available. + * Don't forget to create the new directories on chiark - + ~/www/putty/{,/x86,/alpha,/htmldoc} - before running + webupdate. + + - After running webupdate, run update-rsync on chiark and verify + that the rsync mirror package correctly identifies the new + version. - Announce the release! + Mail the announcement to putty-announce. + * Set a Reply-To on the mail so that people don't keep + replying to my personal address. + Post it to comp.security.ssh. - + Mention it in on mono. + + Mention it in on mono. + + - Relax (slightly). + +After the release +----------------- + +The following want doing some time soon after a release has been made: - - All done. Probably best to run `cvs up -A' now, or I'll only - forget in a few days' time and get confused... + - If the release was made from a branch, make sure the version number + on the _trunk_ is up to date in all the locations listed above, so + that (e.g.) Unix snapshots come out right.