11Release Checklist
22-----------------------------------------
3- [ ] Update __version__ string
4- [ ] Update classifiers in setup.py to include the latest supported Python
3+ [ ] Update classifiers in setup.cfg to include the latest supported Python
54 versions.
65[ ] Update the metadata in zonefile_metadata.json to include the latest tzdata
76 release from https://www.iana.org/time-zones.
87[ ] If necessary, update the tzdata mirror at https://github.com/dateutil/tzdata
9- [ ] Update NEWS with list of changes, giving credit to contributors.
10- [ ] Build the source distribution as, at a minimum, .tar.gz and .zip
11- [ ] Verify that the source distribution contains all necessary components.
12- [ ] Build the binary distribution as a wheel
13- [ ] Verify that the binary distribution can be installed and works.
14- [ ] Generate MD5 hashes for the source and binary distributions
15- [ ] Sign the source and binary distributions with a GPG key (if not the one
16- that made the release, then one signed by the one that made the last
17- release)
8+ [ ] Update NEWS with list of changes:
9+ [ ] Invoke `tox -e towncrier -- --version <NEXT_VERSION>`
10+ [ ] Make sure that only `template.rst` remains in changelog.d/
11+ [ ] Manually clean up the new NEWS file.
12+ [ ] Replace entries in the "Misc" section that are not likely to be
13+ interesting to anyone consuming the package (e.g. changes to CI) with
14+ a reference to the Github PR.
1815[ ] Commit the changes in git and make a pull request.
1916[ ] Accept the pull request and tag the repository with the release number.
20- [ ] Add the contents of the NEWS file to the github release notes for the
17+ [ ] Add the contents of the NEWS file to the Github release notes for the
2118 release.
22- [ ] Upload the source and binary distributions along with hashes and signatures
23- to pypi.
19+ [ ] Upload the source and binary distributions with `tox -e release`.
2420
2521Optional:
2622----------
@@ -36,60 +32,34 @@ for more details.
3632
3733Versioning
3834----------
39- Try and keep to a semantic versioning scheme (http://semver.org/).
35+ Try and keep to a semantic versioning scheme (http://semver.org/). The versions
36+ are managed with `setuptools_scm`, so to update the version, simply tag the
37+ relevant commit with the new version number.
4038
4139
42- Source releases
43- ----------
44- Release the sources with, at a minimum, .tar.gz and .zip. Make sure you have a
45- relatively recent version of setuptools when making the source distribution, as
46- earlier version will not include the tests. Other formats are
47- optional. They can be generated using:
48-
49- python setup.py sdist --formats=zip,gztar
50-
51- To verify that a source release is correct, inspect it using whatever archive
52- utility you have and make sure it contains all the modules and the tests. Also
53- make sure that the zoneinfo file is included in the You
54- may also want to generate a new clean virtualenv and run the tests from the
55- source distribution (python setup.py test).
56-
57-
58- Binary releases
59- ----------
60- It should always be possible to generate a universal wheel binary distribution
61- for each release. Generally we do not generate .egg files. In order to generate
62- a wheel, you need the wheel package (https://wheel.readthedocs.io/en/latest/)
63- installed, which can be installed with:
64-
65- pip install wheel
66-
67- Once this is done, generate the wheel with:
68-
69- python setup.py bdist_wheel
70-
71-
72- Signing and generate checksums
73- ----------
74- Since all the outputs are generated in the dist/ directory, can generate all the
75- md5 checksums at once from the base directory by executing:
76-
77- md5sum dist/*
78-
79- Save these for when uploading the files. Following this, go into the dist
80- directory and sign each of the results with the relevant key:
40+ Building and Releasing
41+ ----------------------
42+ Building and releasing can be done using the `release.py` script, which
43+ automates building, signing and uploading. Since it uses GPG for signing and
44+ for decrypting a stored token, it requires that `gpg` be installed on your
45+ system. Because it has python dependencies, the best way to use the
46+ `release.py` script is to invoke it using `tox`. To build the source and binary
47+ distributions, use:
8148
82- gpg --armor --output <fname>.asc --detach-sig <fname>
49+ tox -e build
8350
84- To automate this for all files, you can use the following command:
51+ This will build the distributions in `dist/`. Once that is done, you can release
52+ them with:
8553
86- for f in dist/*; do gpg --armor --output $f.asc --detach-sig $f; done
54+ tox -e release
8755
88- Save these .asc files for when uploading to pypi. Before uploading them, verify
89- that they are valid signatures :
56+ if you have the token stored in your `~/.pypirc` file. If you have stored the
57+ relevant token in an encrypted file, use the `--passfile` argument :
9058
91- gpg --verify <fname>.asc <fname>
59+ tox -e release -- --passfile .token.gpg
9260
93- To do this in bulk, you can use the command:
61+ The `release` command defaults to uploading to test.pypi.org. To upload to
62+ pypi.org, use the `--release` flag, so putting it all together, we have:
9463
95- for f in $(find ./dist -type f | grep -v '.asc$'); do gpg --verify $f.asc $f; done
64+ tox -e build
65+ tox -e release -- --passfile .token.gpg --release
0 commit comments