1 Checklists for PuTTY administrative procedures
2 ==============================================
4 Locations of the licence
5 ------------------------
7 The PuTTY copyright notice and licence are stored in quite a few
8 places. At the start of a new year, the copyright year needs
9 updating in all of them; and when someone sends a massive patch,
10 their name needs adding in all of them too.
12 The LICENCE file in the main source distribution:
19 + the copyright date appears twice, once in the About box and
20 once in the Licence box. Don't forget to change both!
22 + the copyright date appears twice, once in the About box and
23 once in the Licence box. Don't forget to change both!
25 + the copyright date appears twice, once in the About box and
26 once in the Licence box. Don't forget to change both!
29 The documentation (both the preamble blurb and the licence appendix):
32 - putty/doc/licence.but
36 - putty-website/licence.html
38 Before tagging a release
39 ------------------------
41 For a long time we got away with never checking the current version
42 number into CVS at all - all version numbers were passed into the
43 build system on the compiler command line, and the _only_ place
44 version numbers showed up in CVS was in the tag information.
46 Unfortunately, those halcyon days are gone, and we do need the
47 version number in CVS in a couple of places. These must be updated
48 _before_ tagging a new release.
50 The file used to generate the Unix snapshot version numbers (which
51 are <previousrelease>-<date> so that the Debian versioning system
52 orders them correctly with respect to releases):
56 And the Windows installer script:
60 The actual release procedure
61 ----------------------------
63 This is the procedure I (SGT) currently follow (or _should_ follow
64 :-) when actually making a release, once I'm happy with the position
67 - Write a release announcement (basically a summary of the changes
68 since the last release). Squirrel it away in
69 ixion:src/putty/local/announce-<ver> in case it's needed again
70 within days of the release going out.
72 - On my local machines, check out the release-tagged version of the
74 + Make sure to run mkfiles.pl _after_ this checkout, just in
77 - Build the Windows/x86 release binaries. Don't forget to supply
78 VER=/DRELEASE=<ver>. Run them, or at least one or two of them, to
79 ensure that they really do report their version number correctly.
81 - Acquire the Windows/alpha release binaries from Owen.
82 + Verify the snapshot-key signatures on these, to ensure they're
83 really the ones he built. If I'm going to snapshot-sign a zip
84 file I make out of these, I'm damn well going to make sure the
85 binaries that go _into_ it were snapshot-signed themselves.
87 - Run Halibut to build the docs.
89 - Build the .zip files.
90 + The binary archive putty.zip just contains all the .exe files
91 except PuTTYtel, and the .hlp and .cnt files.
92 + The source archive putty-src.zip is built by puttysnap.sh (my
93 cron script that also builds the nightly snapshot source
95 + The docs archive puttydoc.zip contains all the HTML files
98 - Build the installer.
100 - Sign the release (gpg --detach-sign).
101 + Sign the locally built x86 binaries, the locally built x86
102 binary zipfile, and the locally built x86 installer, with the
104 + The Alpha binaries should already have been signed with the
105 snapshot keys. Having checked that, sign the Alpha binary
106 zipfile with the snapshot keys too.
107 + The source archive should be signed with the release keys.
108 This was the most fiddly bit of the last release I did: the
109 script that built the source archive was on ixion, so I had to
110 bring the archive back to my local machine, check everything
111 in it was untampered-with, and _then_ sign it. Perhaps next
112 time I should arrange that puttysnap.sh can run on my local
113 box; it'd be a lot easier.
114 + Don't forget to sign with both DSA and RSA keys for absolutely
117 - Begin to pull together the release directory structure.
118 + subdir `x86' containing the x86 binaries, x86 binary zip, x86
119 installer, and all signatures on the above.
120 + subdir `alpha' containing the Alpha binaries, Alpha binary
121 zip, and all signatures on the above.
122 + top-level dir contains the source zip (plus signatures),
123 puttydoc.txt, the .hlp and .cnt files, and puttydoc.zip.
125 - Create and sign md5sums files: one in the x86 subdir, one in the
126 alpha subdir, and one in the parent dir of both of those.
127 + The md5sums files need not list the .DSA and .RSA signatures,
128 and the top-level md5sums need not list the other two.
129 + Sign the md5sums files (gpg --clearsign). The Alpha md5sums
130 should be signed with the snapshot keys, but the other two
131 with the release keys (yes, the top-level one includes some
132 Alpha files, but I think people will understand).
134 - Now double-check by verifying all the signatures on all the
137 - Create subdir `htmldoc' in the release directory, which should
138 contain exactly the same set of HTML files that went into
141 - Now the whole release directory should be present and correct.
142 Upload to ixion:www/putty/<ver>, upload to
143 chiark:ftp/putty-<ver>, and upload to the:www/putty/<ver>.
145 - Update the HTTP redirects.
146 + Update the one at the:www/putty/htaccess which points the
147 virtual subdir `latest' at the actual latest release dir. TEST
148 THIS ONE - it's quite important.
149 + ixion:www/putty/.htaccess has an individual redirect for each
150 version number. Add a new one.
152 - Update the FTP symlink (chiark:ftp/putty-latest -> putty-<ver>).
155 + Adjust front page (`the latest version is <ver>').
156 + Adjust filename of installer on links in Download page.
157 + Adjust header text on Changelog page. (That includes changing
158 `are new' in previous version to `were new'!)
160 - Check the Docs page links correctly to the release docs. (It
161 should do this automatically, owing to the `latest' HTTP
164 - Check that the web server attaches the right content type to .HLP
167 - Run webupdate, so that all the changes on ixion propagate to
168 chiark. Important to do this _before_ announcing that the release
171 - Announce the release!
172 + Mail the announcement to putty-announce.
173 + Post it to comp.security.ssh.
174 + Mention it in <TDHIS> on mono.
176 - All done. Probably best to run `cvs up -A' now, or I'll only
177 forget in a few days' time and get confused...