From 39e1d8b91f61f7d94f3e67b75330d1483c382047 Mon Sep 17 00:00:00 2001 From: Jean-Marie Burel Date: Mon, 19 Aug 2024 10:40:05 +0100 Subject: [PATCH] add cve --- docs/omero-release-process.rst | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/docs/omero-release-process.rst b/docs/omero-release-process.rst index a8ee762..4b56daf 100644 --- a/docs/omero-release-process.rst +++ b/docs/omero-release-process.rst @@ -14,7 +14,9 @@ The release process uses GitHub actions, make sure that the actions are active b Register CVE ^^^^^^^^^^^^ -To be added +As soon as a CVE is identified, create a security advisory on `GitHub `_. +The work to fix the CVE will be done using the private copy of `ome/openmicroscopy `_ and the private copies of the Java components. +The release process needs to eb adjusted in that case. Release process ^^^^^^^^^^^^^^^ @@ -22,11 +24,16 @@ Release process Source code release ------------------- -To make a new release: +To make a new public release: - Merge all contributions on the ``develop`` branch. - Ensure that all the dependencies have been bumped via the `update `_ GitHub action which is run hourly. The action will open a Pull Request that updates the `omero.properties `_ file. Merge the Pull Request. You can also execute locally the script `update_dependencies.sh `_ manually if you wish. - Add an entry to `history.rst `_. + To make a private release: + - Squash all the commits + - Ensure that all the dependencies have been bumped using the script :file:update_dependencies.sh + - Add an entry to :file:history.rst + After committing the changes, a signed tag must be created for the released version using :command:`git tag -s`::
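Review bot: In the "Register CVE" hunk, the last added line has a typo ("needs to eb adjusted" should read "needs to be adjusted") and does not say what the adjustment is. Suggest pointing it at the "To make a private release:" steps added further down, for example "Follow the private release steps under Source code release in that case." The section is titled "Register CVE", but the added text only covers creating the security advisory. If the CVE identifier is meant to be requested through that advisory, a sentence saying so would make the title and the text match.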
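Review bot: In the "Source code release" hunk, the two ``:file:`` roles in the private release list are missing their backticks (":file:update_dependencies.sh" and ":file:history.rst"), so they will render as literal text; compare the existing :command:`git tag -s` on the line after the list. As the added lines are shown, "To make a private release:" also follows the last public list item with no blank line, and its own list starts with no blank line after it, so reStructuredText will not render it as a separate paragraph followed by a bullet list. Suggest a blank line before and after that sentence, with the same indentation as "To make a new public release:". "Squash all the commits" would also be clearer if it named the repository and branch, presumably the private copy mentioned in the Register CVE section.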