joes 2003/06/12 23:02:22
Modified: . RELEASE
Log:
Added pgp instructions. Also, md5sum on Linux produces a different outformat
than md5 does on BSD. No need for the RM to upload the md5 checksum if we're
using pgp/gpg.
Revision Changes Path
1.2 +10 -8 httpd-apreq/RELEASE
Index: RELEASE
===================================================================
RCS file: /home/cvs/httpd-apreq/RELEASE,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- RELEASE 13 Jun 2003 04:59:43 -0000 1.1
+++ RELEASE 13 Jun 2003 06:02:22 -0000 1.2
@@ -35,22 +35,24 @@
% make dist
7. Test the release package, repeating step 2. If all tests pass,
- sign and (optionally) md5sum it:
+ sign it via gpg:
- % gpg --detach-sign --armor libapreq-1.X.tar.gz
- % md5sum libapreq-1.X.tar.gz > libapreq-1.X.tar.gz.md5
+ % gpg --detach-sign --armor libapreq-1.X.tar.gz
-8. Upload (scp) the package, signature, and md5 checksum to www.apache.org
+ or pgp:
+
+ % pgp -sba libapreq-1.X.tar.gz
+
+8. Upload (scp) the package and signature to www.apache.org
for distribution:
- % scp libapreq-1.X.tar.gz* \
+ % scp libapreq-1.X.tar.gz libapreq-1.X.tar.gz.asc \
<username>@www.apache.org:/www/httpd.apache.org/dist/httpd/libapreq/
- Get another developer to confirm the uploaded package signatures
- and md5 checksums are ok.
+ Get another developer to confirm the uploaded signature is ok.
% gpg --verify libapreq-1.X.tar.gz.asc
- % md5sum --check libapreq.1.X.tar.gz.md5
+ % pgp libapreq-1.X.tar.gz.asc
9. Upload the package to CPAN. Doublecheck that the md5 checksum
received from PAUSE is correct.
