Commit 047f8c7c authored by iwakeh's avatar iwakeh Committed by Karsten Loesing
Browse files

Rename jar files and release tarball.

parent 0d4898df
......@@ -2,8 +2,8 @@ classes/
cobertura.ser
generated/
lib/
descriptor-*.jar
descriptor-*.tar.gz
metrics-lib-*.jar
metrics-lib-*.tar.gz
.classpath
.project
build.properties
......
......@@ -7,6 +7,7 @@
* Minor changes
- Replace custom ImplementationNotAccessibleException thrown by
DescriptorSourceFactory with generic RuntimeException.
- Rename jar files and release tarball to start with "metrics-lib".
# Changes in version 1.9.0 - 2017-06-21
......
......@@ -219,7 +219,7 @@ Sign the produced tarball using GnuPG:
```
gpg --detach-sign --armor --local-user 0x4EFD4FDC3F46D41E \
descriptor-1.0.0.tar.gz
metrics-lib-2.0.0.tar.gz
```
Verify the signed tarball, ideally on a different system, as described in
......@@ -228,20 +228,20 @@ Verify the signed tarball, ideally on a different system, as described in
Create a signed Git tag for the new release:
```
git tag -s descriptor-1.0.0 -m "DescripTor 1.0.0"
git tag -s metrics-lib-2.0.0 -m "Tor Metrics Library 2.0.0"
```
Push the branch. Ideally, verify the tag signature by cloning it on
another system and running the following command:
```
git verify-tag descriptor-1.0.0
git verify-tag metrics-lib-2.0.0
```
Upload the tarball and signature file and announce the new version.
Edit `build.xml` again and raise `release.version` to the current release
plus `-dev`, e.g., `1.0.0-dev`.
plus `-dev`, e.g., `2.0.0-dev`.
Development
-----------
......
......@@ -43,14 +43,17 @@ verification process by example.
Download the release tarball and the separate signature file:
```
wget https://dist.torproject.org/descriptor/1.0.0/descriptor-1.0.0.tar.gz
wget https://dist.torproject.org/descriptor/1.0.0/descriptor-1.0.0.tar.gz.asc
wget https://dist.torproject.org/metrics-lib/2.0.0/metrics-lib-2.0.0.tar.gz
wget https://dist.torproject.org/metrics-lib/2.0.0/metrics-lib-2.0.0.tar.gz.asc
```
(Note that earlier tarballs were named descriptor-VERSION.tar.gz and could
be found in https://dist.torproject.org/descriptor/.)
Attempt to verify the signature on the tarball:
```
gpg --verify descriptor-1.0.0.tar.gz.asc
gpg --verify metrics-lib-2.0.0.tar.gz.asc
```
If the signature cannot be verified due to the public key of the signer
......@@ -59,7 +62,7 @@ servers and retry:
```
gpg --keyserver pgp.mit.edu --recv-key 0x4EFD4FDC3F46D41E
gpg --verify descriptor-1.0.0.tar.gz.asc
gpg --verify metrics-lib-2.0.0.tar.gz.asc
```
If the signature still cannot be verified, something is wrong!
......@@ -85,8 +88,8 @@ Verify the signatures on the contained .jar files using Java's jarsigner
tool:
```
jarsigner -verify descriptor-1.0.0.jar
jarsigner -verify descriptor-1.0.0-sources.jar
jarsigner -verify metrics-lib-2.0.0.jar
jarsigner -verify metrics-lib-2.0.0-sources.jar
```
......
......@@ -4,13 +4,13 @@
<!ENTITY base SYSTEM "src/build/java/base.xml">
]>
<project default="usage" name="descriptor" basedir=".">
<project default="usage" name="metrics-lib" basedir=".">
<property name="release.version" value="1.9.0-dev" />
<property name="javadoc-title" value="Tor Metrics Library API Documentation"/>
<property name="javadoc-excludes" value="**/impl/** **/index/**" />
<property name="implementation-title" value="Tor Metrics Library" />
<property name="name" value="descriptor" />
<property name="name" value="metrics-lib" />
<property name="jarpatternprop" value="empty" />
<patternset id="runtime" >
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment