1 Checklists for PuTTY administrative procedures
2 ==============================================
4 Locations of the licence
5 ------------------------
7 The PuTTY copyright notice and licence are stored in quite a few
8 places. At the start of a new year, the copyright year needs
9 updating in all of them; and when someone sends a massive patch,
10 their name needs adding in all of them too.
12 The LICENCE file in the main source distribution:
19 + the copyright date appears twice, once in the About box and
20 once in the Licence box. Don't forget to change both!
22 + the copyright date appears twice, once in the About box and
23 once in the Licence box. Don't forget to change both!
25 + the copyright date appears twice, once in the About box and
26 once in the Licence box. Don't forget to change both!
29 The documentation (both the preamble blurb and the licence appendix):
32 - putty/doc/licence.but
36 - putty-website/licence.html
38 Before tagging a release
39 ------------------------
41 For a long time we got away with never checking the current version
42 number into CVS at all - all version numbers were passed into the
43 build system on the compiler command line, and the _only_ place
44 version numbers showed up in CVS was in the tag information.
46 Unfortunately, those halcyon days are gone, and we do need the
47 version number in CVS in a couple of places. These must be updated
48 _before_ tagging a new release.
50 The file used to generate the Unix snapshot version numbers (which
51 are <previousrelease>-<date> so that the Debian versioning system
52 orders them correctly with respect to releases):
56 The Windows installer script:
60 The Mac resource file (used to generate the binary bit of the 'vers'
61 resources -- the strings are supplied by the usual means):
65 It might also be worth going through the documentation looking for
66 version numbers - we have a couple of transcripts showing the help
67 text from the command-line tools, and it would be nice to ensure the
68 whole transcripts (certainly including the version numbers) are up
73 - putty/doc/psftp.but (in case it ever acquires a similar thing)
75 The actual release procedure
76 ----------------------------
78 This is the procedure I (SGT) currently follow (or _should_ follow
79 :-) when actually making a release, once I'm happy with the position
82 - Write a release announcement (basically a summary of the changes
83 since the last release). Squirrel it away in
84 ixion:src/putty/local/announce-<ver> in case it's needed again
85 within days of the release going out.
87 - On my local machines, check out the release-tagged version of the
89 + Make sure to run mkfiles.pl _after_ this checkout, just in
92 - Build the Windows/x86 release binaries. Don't forget to supply
93 VER=/DRELEASE=<ver>. Run them, or at least one or two of them, to
94 ensure that they really do report their version number correctly.
96 - Acquire the Windows/alpha release binaries from Owen.
97 + Verify the snapshot-key signatures on these, to ensure they're
98 really the ones he built. If I'm going to snapshot-sign a zip
99 file I make out of these, I'm damn well going to make sure the
100 binaries that go _into_ it were snapshot-signed themselves.
102 - Run Halibut to build the docs.
104 - Build the .zip files.
105 + The binary archive putty.zip just contains all the .exe files
106 except PuTTYtel, and the .hlp and .cnt files.
107 + The source archive putty-src.zip is built by puttysnap.sh (my
108 cron script that also builds the nightly snapshot source
110 + The docs archive puttydoc.zip contains all the HTML files
113 - Build the installer.
115 - Sign the release (gpg --detach-sign).
116 + Sign the locally built x86 binaries, the locally built x86
117 binary zipfile, and the locally built x86 installer, with the
119 + The Alpha binaries should already have been signed with the
120 snapshot keys. Having checked that, sign the Alpha binary
121 zipfile with the snapshot keys too.
122 + The source archive should be signed with the release keys.
123 This was the most fiddly bit of the last release I did: the
124 script that built the source archive was on ixion, so I had to
125 bring the archive back to my local machine, check everything
126 in it was untampered-with, and _then_ sign it. Perhaps next
127 time I should arrange that puttysnap.sh can run on my local
128 box; it'd be a lot easier.
129 + Don't forget to sign with both DSA and RSA keys for absolutely
132 - Begin to pull together the release directory structure.
133 + subdir `x86' containing the x86 binaries, x86 binary zip, x86
134 installer, and all signatures on the above.
135 + subdir `alpha' containing the Alpha binaries, Alpha binary
136 zip, and all signatures on the above.
137 + top-level dir contains the source zip (plus signatures),
138 puttydoc.txt, the .hlp and .cnt files, and puttydoc.zip.
140 - Create and sign md5sums files: one in the x86 subdir, one in the
141 alpha subdir, and one in the parent dir of both of those.
142 + The md5sums files need not list the .DSA and .RSA signatures,
143 and the top-level md5sums need not list the other two.
144 + Sign the md5sums files (gpg --clearsign). The Alpha md5sums
145 should be signed with the snapshot keys, but the other two
146 with the release keys (yes, the top-level one includes some
147 Alpha files, but I think people will understand).
149 - Now double-check by verifying all the signatures on all the
152 - Create subdir `htmldoc' in the release directory, which should
153 contain exactly the same set of HTML files that went into
156 - Now the whole release directory should be present and correct.
157 Upload to ixion:www/putty/<ver>, upload to
158 chiark:ftp/putty-<ver>, and upload to the:www/putty/<ver>.
160 - Update the HTTP redirects.
161 + Update the one at the:www/putty/htaccess which points the
162 virtual subdir `latest' at the actual latest release dir. TEST
163 THIS ONE - it's quite important.
164 + ixion:www/putty/.htaccess has an individual redirect for each
165 version number. Add a new one.
167 - Update the FTP symlink (chiark:ftp/putty-latest -> putty-<ver>).
170 + Adjust front page (`the latest version is <ver>').
171 + Adjust filename of installer on links in Download page.
172 + Adjust header text on Changelog page. (That includes changing
173 `are new' in previous version to `were new'!)
175 - Check the Docs page links correctly to the release docs. (It
176 should do this automatically, owing to the `latest' HTTP
179 - Check that the web server attaches the right content type to .HLP
182 - Run webupdate, so that all the changes on ixion propagate to
183 chiark. Important to do this _before_ announcing that the release
186 - Announce the release!
187 + Mail the announcement to putty-announce.
188 + Post it to comp.security.ssh.
189 + Mention it in <TDHIS> on mono.
191 - All done. Probably best to run `cvs up -A' now, or I'll only
192 forget in a few days' time and get confused...