flex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josh Tynjala <joshtynj...@gmail.com>
Subject Re: [DISCUSS] Discuss Release Apache FlexJS 0.7.0 RC1
Date Fri, 09 Sep 2016 16:51:40 GMT
Okay, I think I have everything set up properly, and I'm ready to commit
the updated binaries to SVN. However, as a final test just to be sure, I
tried to extract the new binary and manually run ant -f installer.xml.
Unfortunately, it failed. I noticed that installer.xml still references
0.6.0, so it was trying to download the wrong files:

<property name="flexjs.version" value="0.6.0"/>
<property name="falcon.version" value="0.6.0"/>

If I manually change them to 0.7.0, the installation script finishes
successfully. Should I update those values too, before I upload?

By the way, I double-checked, and these values are incorrect in the 0.7.0
source packages too. I don't know how serious an issue that is.

- Josh

On Thu, Sep 8, 2016 at 9:15 PM, Alex Harui <aharui@adobe.com> wrote:

> You will need a PGP key, if you don't have one already:
> https://www.apache.org/dev/release-signing
>
> I would create an "out" folder in a flex-asjs working copy, and unzip the
> binary package in there, then add the missing file.
>
> Then I would run:
> ant binary-package-tgz binary-package-zip
>
> That should create a tar.gz and .zip file in the out folder.   I would
> copy the source packages into the out folder".
>
> Then:
> ant create-md5
>
> Then finally:
> ant sign
>
> In theory, the -src.* files will be untouched and you will have new -bin.*
> files.  6 of them to be exact.
>
> These files go up on dist.apache.org via SVN (not Git).  The URL is:
> https://dist.apache.org/repos/dist/release/flex/flexjs
>
>
>
> I can probably do it, but I'm hoping you will just so we have another PMC
> member set up with the pieces to do releases.
>
> Thanks,
> -Alex
>
>
>
> On 9/8/16, 5:48 PM, "Josh Tynjala" <joshtynjala@gmail.com> wrote:
>
> >I can probably do that tomorrow. Can you point me to instructions? I don't
> >know where to upload the updated binaries or what the Apache process is to
> >do the signing. Is there an easy way to generate an md5 for a file on Mac?
> >
> >- Josh
> >
> >On Thu, Sep 8, 2016 at 5:24 PM, Alex Harui <aharui@adobe.com> wrote:
> >
> >>
> >>
> >> On 9/8/16, 4:12 PM, "Josh Tynjala" <joshtynjala@gmail.com> wrote:
> >>
> >> >To avoid this issue in the future, whichever ant target is used to
> >>create
> >> >a
> >> >binary release should probably clean everything first. Another
> >>potential
> >> >issue is that someone might modify their downloaded files to test
> >> >something
> >> >locally and forget to revert them. In other words, local modifications
> >> >could end up in a binary release without any kind of warning. If the
> >>full
> >> >binary release build forced a clean and re-downloaded dependencies,
> >>that
> >> >would handle both issues.
> >>
> >> For me, the GCL files are outside the ant folders so a clean wouldn't
> >> help.  It is an interesting Apache-ism that they recommend building
> >> artifacts locally.  It would be way more safe IMO to just ship something
> >> from the CI server.  But that's also a reason that only the source
> >> artifact is an official release.  The binary artifacts are harder to
> >> verify and thus aren't official releases, just a convenience.
> >>
> >> >
> >> >Can we update the binary release of 0.7.0? Or do we need to do a
> >>0.7.1? As
> >> >far as I can tell, the source bits are fine because the downloads are
> >>part
> >> >of building from source.
> >>
> >> In this case, I think you can add that one file to the binary package,
> >> update the md5 files and sign it and push it back up there.
> >>
> >> -Alex
> >>
> >>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message