diff options
| author | Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> | 2026-05-06 12:47:26 +0200 |
|---|---|---|
| committer | Jacob Walls <jacobtylerwalls@gmail.com> | 2026-05-07 11:41:40 -0400 |
| commit | 0c05b1b09f67838af63a3e99655a83f9a65e4e82 (patch) | |
| tree | 47b7f17fdc161006b1b31161302767f5cf90ddb9 | |
| parent | 76a59c9e8c7f3e5128d1174696fa402ef58931b4 (diff) | |
[checklists] Minor corrections to security checklist bullets.
5 files changed, 8 insertions, 10 deletions
diff --git a/checklists/templates/checklists/_build_release_binaries.md b/checklists/templates/checklists/_build_release_binaries.md index 924e721e..16a86fb4 100644 --- a/checklists/templates/checklists/_build_release_binaries.md +++ b/checklists/templates/checklists/_build_release_binaries.md @@ -8,7 +8,7 @@ - [ ] Enable the venv dedicated to build releases: - `source ~/.venvs/djangorelease/bin/activate` -- [ ] Run release script from `scripts` folder: +- [ ] Run release script `scripts/do_django_release.py`: - `PGP_KEY_ID={{ releaser.key_id }} PGP_KEY_URL={{ releaser.key_url }} DEST_FOLDER=../releases scripts/do_django_release.py` - [ ] Execute ALL commands except for those to upload to Django admin and upload to PyPI, including: @@ -16,6 +16,8 @@ - `git tag --sign --message="Tag {{ release.version }}" {{ release.version }}` - `git tag --verify {{ release.version }}`{% if not release.is_pre_release %} +- [ ] Save the "15 minutes before" commands from the release script for later. + - [ ] BUMP **MINOR VERSION** in `django/__init__.py` - `VERSION = {{ release|next_version_tuple|format_version_tuple|safe }}` - `git commit -a -m '{{ release.commit_prefix }} Post-release version bump.'`{% endif %} diff --git a/checklists/templates/checklists/_make_release_public.md b/checklists/templates/checklists/_make_release_public.md index aa92d943..97c09571 100644 --- a/checklists/templates/checklists/_make_release_public.md +++ b/checklists/templates/checklists/_make_release_public.md @@ -8,11 +8,8 @@ - Save - Check at: https://www.djangoproject.com/admin/releases/release/{{ release }}/change/ -- [ ] Test the release locally with script from `scripts` folder: - - `VERSION={{ release }} scripts/test_new_version.sh` - -- [ ] Confirm the release signature with script from `scripts` folder: - - `VERSION={{ release }} scripts/confirm_release.sh` +- [ ] Test the release locally and confirm the release signature by running `scripts/verify_release.sh`: + - `VERSION={{ release }} scripts/verify_release.sh` - [ ] Upload to PyPI with Twine (use commands printed by release script) - `cd ../releases/{{ release }}` diff --git a/checklists/templates/checklists/release-security-skeleton.md b/checklists/templates/checklists/release-security-skeleton.md index 8fa4a0d3..a295b159 100644 --- a/checklists/templates/checklists/release-security-skeleton.md +++ b/checklists/templates/checklists/release-security-skeleton.md @@ -102,7 +102,7 @@ https://docs.djangoproject.com/en/dev/internals/security/#security-issue-severit ## Release Day -- [ ] Update security report and update patches for `main` and stable branches +- [ ] Update patches for `main` and stable branches - [ ] Empty push to private GH so actions are (re)run diff --git a/checklists/templates/checklists/release_security_blogpost.md b/checklists/templates/checklists/release_security_blogpost.md index ab397e94..78ed1c21 100644 --- a/checklists/templates/checklists/release_security_blogpost.md +++ b/checklists/templates/checklists/release_security_blogpost.md @@ -1,6 +1,6 @@ {% load checklist_extras %} In accordance with [our security release policy](https://docs.djangoproject.com/en/dev/internals/security/), -the Django team is issuing relases for +the Django team is issuing releases for {{ versions|format_versions_for_blogpost|safe|wordwrap:79 }}. These releases address the security issues detailed below. We encourage all users of Django to upgrade as soon as possible. diff --git a/checklists/tests/test_models.py b/checklists/tests/test_models.py index 90fd719d..73ad4851 100644 --- a/checklists/tests/test_models.py +++ b/checklists/tests/test_models.py @@ -78,8 +78,7 @@ class BaseChecklistTestCaseMixin: "- Is active: False", f"- LTS: {release.is_lts}", f"- Release date: {release.date.isoformat()}", - f"- `VERSION={version} scripts/test_new_version.sh`", - f"- `VERSION={version} scripts/confirm_release.sh`", + f"- `VERSION={version} scripts/verify_release.sh`", "- `twine upload --repository django dist/*`", '- [ ] Mark the release as "active" in\n ' f"https://www.djangoproject.com/admin/releases/release/{version}/change/", |