New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adds details on how to run a manual file integrity check #1446
Changes from 1 commit
f499f69
3da85b1
c9a2e52
121fafc
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,16 +2,47 @@ | |
|
||
1. Create a list of all the changes since the prior release | ||
1. Compare the latest release to master using https://github.com/octokit/octokit.rb/compare/`${latest}`...master | ||
1. Open the linked pull requests from all the `Merge pull request #...` commits | ||
1. For all non-documentation PRs, copy title (including pull request number) into markdown list items | ||
1. (optional, but nice) Sort into logical buckets, like "support for additional endpoints", "enhancements", "bugfixes" | ||
1. Reorganize to put the pull request number at the start of the line | ||
1. Ensure there are no breaking changes _(if there are breaking changes you'll need to create a release branch without those changes or bump the major version)_ | ||
1. Update the version | ||
2. Open the linked pull requests from all the `Merge pull request #...` commits | ||
3. For all non-documentation PRs, copy title (including pull request number) into markdown list items | ||
4. (optional, but nice) Sort into logical buckets, like "support for additional endpoints", "enhancements", "bugfixes" | ||
5. Reorganize to put the pull request number at the start of the line | ||
2. Ensure there are no breaking changes _(if there are breaking changes you'll need to create a release branch without those changes or bump the major version)_ | ||
3. Update the version | ||
1. Update the constant in `lib/octokit/version.rb` | ||
1. Commit and push directly to master | ||
1. Run the `script/release` script to cut a release | ||
1. Draft a new release at https://github.com/octokit/octokit.rb/releases/new containing the curated changelog | ||
2. Run the "File integrity check" | ||
3. Commit the version change and push directly to master | ||
4. Run the `script/release` script to cut a release | ||
5. Draft a new release at https://github.com/octokit/octokit.rb/releases/new containing the curated changelog | ||
|
||
---- | ||
|
||
## File integrity check | ||
|
||
(Given octokit.rb is currently shipped "manually") | ||
|
||
Because different environments behave differently, it is recommended that the integrity and file permissions of the files packed in the gem are verified. This is to help prevent things like releasing world writeable files in the gem. As we get things a little more automated, this will become unnecessary. | ||
|
||
Until then, it is recommended that if you are preparing a release you run the following prior to releasing the gem: | ||
|
||
From the root of octokit.rb | ||
|
||
``` | ||
> gem build *.gemspec | ||
``` | ||
|
||
Use the version from the build in the next commands | ||
|
||
``` | ||
> tar -x -f octokit-#.##.#.gem | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. It'd be really nice to have a more automated way to do these checks recursively down the directory tree - but not essential for now. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Agreed. I made note of that in the details above and will sketch up an issue for it once done with the releases. |
||
> tar -t -v --numeric-owner -f data.tar.gz |head -n 10 | ||
``` | ||
|
||
The files in the output should have the following permessions set: | ||
`-rw-r--r--` | ||
|
||
(optional) Once verified, you can run `git clean -dfx` to clean things up before packing | ||
|
||
---- | ||
|
||
## Prerequisites | ||
|
||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It feels like this would make more sense as a separate step, rather than a sub-step of updating the version. What do you think of doing it directly before running
script/release
?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure that sounds good.