Release securedrop-client 0.10.2
Closed this issue · 2 comments
This issue tracks the SecureDrop Client release 0.10.2. It will be organized by:
This will be a hotfix release based on 0.10.1, including the following changes:
- Update signing key for Qubes 4.1 (bullseye), with same expiry as #2035
To reduce testing overhead, the securedrop-keyring package may be released independently, leaving other deployed securedrop-client packages at 0.10.1.
SecureDrop maintainers and testers: As you QA this release, please report back your testing results as comments on this ticket. File GitHub issues for any problems found, tag them "QA: Release", and associate them with the release milestone for tracking (or ask a maintainer to do so).
Test plan
See freedomofpress/securedrop-workstation#1057
Release tasks
- Check if there are any security bug fixes waiting to be pulled into the RC
- Check if there are any translations:
- pending merge into
main - pending inclusion as a supported language in
MANIFEST.in
- pending merge into
- Update changelog
- Create test plan
- Refresh nightlies
- Begin formal QA using nightlies; refresh nightlies as needed
- Build production package in standard build environment
- Sign production package
- Perform final pre-flight testing using apt-qa.freedom.press
- Localization: In a dispVM, change your locale (e.g.:
export LANG=es_ES.utf-8; dpkg-reconfigure locales), run the Client, and confirm that the application is translated.
- Localization: In a dispVM, change your locale (e.g.:
- Publish production package
- Publicize release via support channels
Testing will be in conjunction with freedomofpress/securedrop-workstation#1057, see test plan in that ticket
Closed by https://github.com/freedomofpress/securedrop-apt-prod/pull/140, comms have gone out