Adds details on how to run a manual file integrity check #1446
RELEASE.md
Outdated
1. Commit and push directly to master | ||
1. Run the `script/release` script to cut a release | ||
1. Draft a new release at https://github.com/octokit/octokit.rb/releases/new containing the curated changelog | ||
2. Run the "File integrity check" |
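Review bot: the last line of this hunk points at the "File integrity check" only by its quoted name, so a releaser has to hunt for the commands. Link the step to the section that holds them (a Markdown anchor is enough) and state which result should stop the release.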
It feels like this would make more sense as a separate step, rather than a sub-step of updating the version. What do you think of doing it directly before running `script/release`?
Sure that sounds good.
RELEASE.md
Outdated
Use the version from the build in the next commands | ||
|
||
``` | ||
> tar -x -f octokit-#.##.#.gem |
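Review bot: on the `> tar -x -f octokit-#.##.#.gem` line the leading `>` is inside the fenced block, so anyone who copies the whole line into a POSIX shell gets a redirection into a file named `tar` rather than an extraction. Drop the prompt character from the command, and consider a placeholder such as `octokit-<version>.gem` so it is obvious which part to substitute with the build's version.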
It'd be really nice to have a more automated way to do these checks recursively down the directory tree - but not essential for now.
Agreed. I made note of that in the details above and will sketch up an issue for it once done with the releases.
Adds details on how to check the files that are packed in the gem to help anyone who intends on releasing this make sure they are building and releasing this as intended.
This adds a script that is executed when the release or package scripts are run to naively check the permissions of the files in the gem - just as a safeguard.
Additionally, this adds parameters to script/release so that dry runs can be performed.
Hopefully, we'll be able to automate this, but for now, if anyone tries to release from something like a code space, for instance, then the gem will be released with world writeable files. We need to make sure that this is verified before release.
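An added example, not part of this pull request or the project's own check script: one way to automate the world-writable check without unpacking to disk, by reading the mode bits straight from the gem's inner `data.tar.gz` with RubyGems' tar reader. The function names and the sample gem's file names are hypothetical, and the sample archive is constructed in memory.

```ruby
require "rubygems/package"
require "stringio"
require "zlib"

WORLD_WRITABLE = 0o002 # the "other: write" permission bit

# Return [path, mode] for every tar entry whose mode has the o+w bit set.
def world_writable_in_tar(io)
  flagged = []
  Gem::Package::TarReader.new(io).each do |entry|
    mode = entry.header.mode & 0o7777
    flagged << [entry.full_name, format("%04o", mode)] if (mode & WORLD_WRITABLE) != 0
  end
  flagged
end

# A .gem is an outer tar; its data.tar.gz member holds the packaged files.
def world_writable_in_gem(gem_io)
  Gem::Package::TarReader.new(gem_io).each do |entry|
    next unless entry.full_name == "data.tar.gz"
    return world_writable_in_tar(StringIO.new(Zlib.gunzip(entry.read)))
  end
  raise ArgumentError, "no data.tar.gz member: not a gem archive"
end

# Build a tar in memory from [name, mode, body] triples (sample input only).
def build_tar(files)
  io = StringIO.new(String.new)
  Gem::Package::TarWriter.new(io) do |tar|
    files.each do |name, mode, body|
      tar.add_file_simple(name, mode, body.bytesize) { |f| f.write(body) }
    end
  end
  io.string
end

# Constructed gem with hypothetical file names; one file is 0666.
def sample_gem
  data = build_tar([
    ["lib/example.rb", 0o644, "module Example; end\n"],
    ["lib/example/client.rb", 0o666, "# client\n"],
    ["README.md", 0o664, "# Example\n"],
  ])
  build_tar([["metadata.gz", 0o444, Zlib.gzip("--- {}\n")],
             ["data.tar.gz", 0o444, Zlib.gzip(data)]])
end

world_writable_in_gem(StringIO.new(sample_gem)).each do |path, mode|
  puts "world-writable: #{mode} #{path}"
end
```

Against a real build, pass `File.open(path, "rb")` for the built `.gem` and fail the release when the returned list is not empty.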