good to share our tricks :-) My diff: diff -rqZ folder-with-svn folder-from-zip r=recursive, q=small output Z=ignore trailing spaces
(the Z is because I typically run on windows, and the sources-release has different line endings) I get the svn version to compare with using svn -export the-tag-version. -export omits those .svn files. I don't bother to exclude anything; and just quickly eyeball the results. But if you have a script, the -x option looks useful! the dependencies diff looks useful. (no attached script due to our email system...) Instead of using the lftp command (not on my windows machine :-) ), I use svn export, which works fine now because our staging spot is typically an svn spot in dist.apache.org/ ... / dev nice little one-liner for checking asc sigs! One other thing I do is comparing sources (including license files, etc.) between a new version and a previous version. I have a project in Eclipse called "t" (for testing), where I have folders where I use the "advanced" option to link to the unzipped source-release directories for the current and past release. Then I select each folder, and tell Eclipse to compare to each other. This gives an easily navigable view of all the different files, which I find useful sometimes. -Marshall On 7/23/2017 8:11 PM, Richard Eckart de Castilho wrote: > Hi all, > > is there any way we can improve the release process? > E.g. could we automatize it more? > > To make a start, I am sharing here some commands that I find useful. > Maybe we could set up a place in the SVN to collect/build scripts. > > === Comparing SVN (ruta-2.6.1) vs. ZIP (ruta-2.6.1-svn) > > diff -r -b -x DEPENDENCIES -x .svn -x issuesFixed -x '.project' -x > 'MANIFEST.MF' -x 'META-INF' -x 'feature.xml' ruta-2.6.1 ruta-2.6.1-svn > > === Checking if versions have changed since a previous release > > See attached script: mvn-diff-dependencies > > === Verify signature (because I always have to look it up) > > gpg --verify --armor <ASC file> > > === Download all staged artifacts for a signature bulk-check > > $ lftp <stage URL> >> mirror . >> exit > $ find . -name "*.asc" | xargs -n1 gpg --verify --armor > > What is kind of annoying here is that the output needs to be checked > by eye. gpg --verify does not produce a proper exit code if the > signature verification fails :( > > Cheers, > > -- Richard >
