From 8571b3551c6bbb032503c7c301c13d3d961923b5 Mon Sep 17 00:00:00 2001 From: Ebrahim Byagowi Date: Sat, 6 Jun 2020 20:16:50 +0430 Subject: [PATCH] [releasing] Remove tar signing procedure https://github.com/harfbuzz/harfbuzz/issues/2449#issuecomment-639898473 --- Makefile.am | 11 ----------- RELEASING.md | 6 ++---- 2 files changed, 2 insertions(+), 15 deletions(-) diff --git a/Makefile.am b/Makefile.am index 4a2a8c8eb..766b2cca4 100644 --- a/Makefile.am +++ b/Makefile.am @@ -81,15 +81,4 @@ dist-hook: dist-clear-sticky-bits dist-clear-sticky-bits: chmod -R a-s $(distdir) -tar_file = $(PACKAGE_TARNAME)-$(VERSION).tar.xz -sha256_file = $(tar_file).sha256 -gpg_file = $(sha256_file).asc -$(sha256_file): $(tar_file) - sha256sum $^ > $@ -$(gpg_file): $(sha256_file) - @echo "Please enter your GPG password to sign the checksum." - gpg --armor --sign $^ - -release-files: $(tar_file) $(sha256_file) $(gpg_file) - -include $(top_srcdir)/git.mk diff --git a/RELEASING.md b/RELEASING.md index a26350b36..e28d5d195 100644 --- a/RELEASING.md +++ b/RELEASING.md @@ -37,12 +37,10 @@ HarfBuzz release walk-through checklist: as well as any REPLACEME changes you made. The commit message is simply the release number. Eg. "1.4.7" -8. "make dist" again to get a tarball with your new commit in the ChangeLog. Then - "make release-files". Enter your GPG password. This creates a sha256 hash - and signs it. Check the size of the three resulting files. +8. "make dist" again to get a tarball with your new commit in the ChangeLog. 9. Tag the release and sign it: Eg. "git tag -s 1.4.7 -m 1.4.7". Enter your - GPG password again. + GPG password. 10. Build win32 bundle. See [README.mingw.md](README.mingw.md).