Note:

If you want to create a new page for developers, you should create it on the Moodle Developer Resource site.

Archive release process

From MoodleDocs
Revision as of 11:32, 10 November 2012 by Eloy Lafuente (stronk7) (talk | contribs) (updated for next minor releases)

This page describes the standard procedures for making Moodle releases.

For a stable release on an existing branch XY with point value Z (eg. X.Y.Z)

One week before

  1. Notify Moodle developers and Moodle Partners about the upcoming release
  2. Identify security issues that need to be integrated.
    • Integrate from provided patches into supported branches (including branches supported only for security issues).
    • Ensure security issues are given priority in weekly integration and testing.
  3. Freeze stable development and post in the General developer forum to inform everyone of the freeze
  4. Review and complete the release notes of the upcoming version using the template
    • Ensure all issues labelled with "ui_change" or "api_change" are listed as functional or API changes respectively in the release notes.
  5. Begin preparing the security advisories to be sent on release day.
  6. Test / QA etc.

During the week prior release

  1. Normal integration / testing / upstream / weekly cycle. It will constitute, somehow, the "release candidate" to be packaged and released.
  2. Determine which security issues will be integrated.
    • Request CVE Identifiers by emailing issue descriptions to distros@vs.openwall.org with a message like... The following security issues have been discovered in Moodle. We request CVE Identifiers for these issues. We will be releasing the security announcements for these on moodle.org on XXX at 12noon AWST which is 04:00 UTC. The email subject should include the characters [vs]. The format needs to be plain text or encrypted. When granted CVE Identifiers, our issues should appear in the CVE list. More instructions are available.

Packaging day

This should happen immediately before the next integration cycle begins on Monday (i.e., some days after last weekly, 2 days prior to official release).

  1. Make sure there are not real blockers introduced by last weekly (install / upgrade ...)
  2. Make sure all the Unit tests pass!
  3. Run the mdlrelease process, that will do, for a release:
    • Edit version.php, update release and version to new point release and commit in the integration repository
    • Tag the integration repository with a tag name vX.Y.Z using "MOODLE_XYZ" as a tag message
    • push change to main git repo, github and Gitorious
    • sync CVS mirror (copy the version.php file and update githash.php to point to the release commit)
    • cvs tag -FR MOODLE_XYZ to tag everything in the release
    • cvs tag -FR MOODLE_XY_WEEKLY to make the weekly version match the release
  4. cvs -q update -dP all code on download server
  5. Run moodle-makenightlystableXY
  6. Go to download/stableXY
  7. Copy current daily as release package:
    • cp moodle-latest-XY.zip moodle-X.Y.Z.zip
    • cp moodle-latest-XY.tgz moodle-X.Y.Z.tgz
  8. Edit download index.php page with new release info and links
  9. Run moodle-makewindowspackages so all the windows packages will be rebuilt
  10. Edit download windows/index.php page with new release info (always keeping the "+")
  11. Run SF's mirror script
  12. Visit releases page on tracker and make the release, bumping all remaining open bugs to the next point release. This must be done both for the Moodle Project and the Non-core contributed modules project. Archive every released version > 6mo ago.
  13. Add the release date, build number and link to Releases
  14. Clone MDL-36495, MDL-36496, MDL-36497 for next minor release X.Y.(Z+1) handling of security issues & security advisories.
  15. Post an "advanced release" message on the Partner forum

Release day

  1. Verify packaging has happened.
  2. Notify all registered sys admins, including security notes with CVE idenifiers.
  3. (deprecated) Update the Latest Release block on Moodle.org news
  4. Post about the release in the moodle.org news

One week after release day

  1. Update the version.php in git to be X.Y.Z+ during the next weekly integration process
  2. Add all security advisories to Security news and release notes with links to security advisories
  3. Create a new release notes page for the next version X.Y.(Z+1) (here you can find one template for that)
  4. Send a plain text email to the following email list: oss-security@lists.openwall.com An appropriate message when sending the issues is... The following security notifications have now been made public. Thanks to OSS members for their cooperation. ...followed by the security notes.

See also

Retrieved from "https://docs.moodle.org/dev/index.php?title=Archive_release_process&oldid=36287"
Powered by MediaWiki