Git Mailing List Archive on lore.kernel.org
 help / color / Atom feed
From: "Robin H. Johnson" <robbat2@gentoo.org>
To: Git Mailing List <git@vger.kernel.org>
Subject: Re: [PATCH v2 2/2] Document how we do embargoed releases - improving mail template
Date: Tue, 20 Apr 2021 22:45:32 +0000
Message-ID: <robbat2-20210420T223619-939869983Z@orbis-terrarum.net> (raw)
In-Reply-To: <xmqq5z0g4oc9.fsf@gitster.g>


[-- Attachment #1: Type: text/plain, Size: 1810 bytes --]

On Tue, Apr 20, 2021 at 02:51:02PM -0700, Junio C Hamano wrote:
> "Robin H. Johnson" <robbat2@gentoo.org> writes:
> > As one of the Gentoo maintainer for Git, I was wondering if the
> > embargoed-releases process could be tweaked slightly.
> >
> > Specifically, in the embargo email, could you please publishing the
> > exact size & digests of the to-be-released tarballs, esp. the htmldocs &
> > manpages tarballs.
> 
> HTMLdocs and Manpages are as far as I am concerned part of SOURCES.
> 
> They are generated from the true sources, I do not give signed tags
> to them, and as a source-based distribution, Gentoo shouldn't
> consider them as such, either.  When release tags are signed, their
> sizes or digests are simply unavailable, since they have not even
> been generated yet (I tag the releases, run make in the tagged
> release tarball extract and that is what is tarred up as HTMLdocs
> and or Manpages).
I didn't say that those tarballs were tagged independently, as your mail
seems to imply.

As part of the embargo process, you're sending the tags out already.
All 3 tarballs are artifacts derived from those tags, directly or
indirectly, and you presumably have the same process to generate the
final tarballs if the tags are embargoed or not. I'm just asking that
the final tarballs are generated when the tags are, and the sizes &
digests of the tarballs are shared in the embargo email.

Alternatively, publish byte-exact reproduction steps from the tags to
the tarballs, so that we can generate them locally for co-ordinated
release.

-- 
Robin Hugh Johnson
Gentoo Linux: Dev, Infra Lead, Foundation Treasurer
E-Mail   : robbat2@gentoo.org
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85
GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 1113 bytes --]

  reply index

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-03-26 22:12 [PATCH 0/2] Describe Git's security policy Johannes Schindelin via GitGitGadget
2021-03-26 22:12 ` [PATCH 1/2] SECURITY: describe how to report vulnerabilities Johannes Schindelin via GitGitGadget
2021-03-27  0:00   ` Denton Liu
2021-03-29 13:37     ` Johannes Schindelin
2021-03-27  6:34   ` Bagas Sanjaya
2021-03-29 13:41     ` Johannes Schindelin
2021-03-26 22:12 ` [PATCH 2/2] Document how we do embargoed releases Johannes Schindelin via GitGitGadget
2021-03-29 13:43 ` [PATCH v2 0/2] Describe Git's security policy Johannes Schindelin via GitGitGadget
2021-03-29 13:43   ` [PATCH v2 1/2] SECURITY: describe how to report vulnerabilities Johannes Schindelin via GitGitGadget
2021-03-29 13:43   ` [PATCH v2 2/2] Document how we do embargoed releases Johannes Schindelin via GitGitGadget
2021-04-20 19:50     ` [PATCH v2 2/2] Document how we do embargoed releases - improving mail template Robin H. Johnson
2021-04-20 21:51       ` Junio C Hamano
2021-04-20 22:45         ` Robin H. Johnson [this message]
2021-04-20 23:34           ` Junio C Hamano
2021-04-20 23:31         ` Junio C Hamano

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=robbat2-20210420T223619-939869983Z@orbis-terrarum.net \
    --to=robbat2@gentoo.org \
    --cc=git@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Git Mailing List Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/git/0 git/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 git git/ https://lore.kernel.org/git \
		git@vger.kernel.org
	public-inbox-index git

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.git


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git