Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-04-02 05:22:14 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
link2xt/remove-mvbox_move
chatmail-core/RELEASE.md

3.2 KiB
Raw Permalink Blame History

Releasing a new version of chatmail core

For example, to release version 1.116.0 of the core, do the following steps.

  1. Resolve all blocker issues.

  2. Update the changelog: git cliff --unreleased --tag 1.116.0 --prepend CHANGELOG.md or git cliff -u -t 1.116.0 -p CHANGELOG.md.

  3. add a link to compare previous with current version to the end of CHANGELOG.md: [1.116.0]: https://github.com/chatmail/core/compare/v1.115.2...v1.116.0

  4. Update the version by running scripts/set_core_version.py 1.116.0.

  5. Commit the changes as chore(release): prepare for 1.116.0. Optionally, use a separate branch like prep-1.116.0 for this commit and open a PR for review.

  6. Push the commit to the main branch.

  7. Once the commit is on the main branch and passed CI, tag the release: git tag --annotate v1.116.0.

  8. Push the release tag: git push origin v1.116.0.

  9. Create a GitHub release: gh release create v1.116.0 --notes ''.

  10. Update the version to the next development version: scripts/set_core_version.py 1.117.0-dev.

  11. Commit and push the change: git commit -m "chore: bump version to 1.117.0-dev" && git push origin main.

  12. Once the binaries are generated and published, check Windows binaries for false positive detections at VirusTotal. Either upload the binaries directly or submit a direct link to the artifact. You can use old browsers interface if there are problems with using the default website. If you submit a direct link and get to the page saying "No security vendors flagged this URL as malicious", it does not mean that the file itself is not detected. You need to go to the "details" tab and click on the SHA-256 hash in the "Body SHA-256" section. If any false positive is detected, open an issue to track removing it. See https://github.com/chatmail/core/issues/7847 for an example of false positive detection issue. If there is a false positive "Microsoft" detection, mark the issue as a blocker.

Dealing with antivirus false positives

If Windows release is incorrectly detected by some antivirus, submit requests to remove detection.

"Microsoft" antivirus is built in Windows and will break user setups so removing its detection should be highest priority. To submit false positive to Microsoft, go to https://www.microsoft.com/en-us/wdsi/filesubmission and select "Submit file as a ... Software developer" option.

False positive contacts for other vendors can be found at https://docs.virustotal.com/docs/false-positive-contacts. Not all of them may be up to date, so check the links below first. Previously we successfully used the following contacts:

Dealing with failed releases

Once you make a GitHub release, CI will try to build and publish PyPI and npm packages. If this fails for some reason, do not modify the failed tag, do not delete it and do not force-push to the main branch. Fix the build process and tag a new release instead.