From: drakenclimber Date: Thu, 24 Mar 2022 13:53:29 +0000 (+0000) Subject: deploy: ebb44706fe81b20c6eb863337ac3f81124a14ce8 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2f24fec32fa453bee7594c9caa6f6d1309d54e15;p=thirdparty%2Flibcgroup.git deploy: ebb44706fe81b20c6eb863337ac3f81124a14ce8 --- diff --git a/dir_bad69804d7d66cc6351273e8c931723c.html b/dir_bad69804d7d66cc6351273e8c931723c.html new file mode 100644 index 00000000..010db36e --- /dev/null +++ b/dir_bad69804d7d66cc6351273e8c931723c.html @@ -0,0 +1,78 @@ + + + + + + + +libcgroup: doc/internal Directory Reference + + + + + + + + + +
+
+ + + + + + +
+
libcgroup +
+
+
+ + + + + + + + +
+
+ + +
+ +
+ + +
+
+
internal Directory Reference
+
+
+
+ +
+Generated by doxygen 1.9.3 +
+ + diff --git a/dir_e68e8157741866f444e17edd764ebbae.html b/dir_e68e8157741866f444e17edd764ebbae.html new file mode 100644 index 00000000..4d00f1be --- /dev/null +++ b/dir_e68e8157741866f444e17edd764ebbae.html @@ -0,0 +1,78 @@ + + + + + + + +libcgroup: doc Directory Reference + + + + + + + + + +
+
+ + + + + + +
+
libcgroup +
+
+
+ + + + + + + + +
+
+ + +
+ +
+ + +
+
+
doc Directory Reference
+
+
+
+ +
+Generated by doxygen 1.9.3 +
+ + diff --git a/md_SECURITY.html b/md_SECURITY.html index 5d352c48..a1dc8555 100644 --- a/md_SECURITY.html +++ b/md_SECURITY.html @@ -67,17 +67,17 @@ $(function() {

https://github.com/libcgroup/libcgroup

This document describes the processes through which sensitive security relevant bugs can be responsibly disclosed to the libcgroup project and how the project maintainers should handle these reports. Just like the other libcgroup process documents, this document should be treated as a guiding document and not a hard, unyielding set of regulations; the bug reporters and project maintainers are encouraged to work together to address the issues as best they can, in a manner which works best for all parties involved.

-

+

Reporting Problems

Problems with the libcgroup library that are not suitable for immediate public disclosure should be emailed to the current libcgroup maintainers; see below. We typically request at most a 90 day time period to address the issue before it is made public, but we will make every effort to address the issue as quickly as possible and shorten the disclosure window.

-

+

Resolving Sensitive Security Issues

Upon disclosure of a bug, the maintainers should work together to investigate the problem and decide on a solution. In order to prevent an early disclosure of the problem, those working on the solution should do so privately and outside of the traditional libcgroup development practices. One possible solution to this is to leverage the GitHub "Security" functionality to create a private development fork that can be shared among the maintainers, and optionally the reporter. A placeholder GitHub issue may be created, but details should remain extremely limited until such time as the problem has been fixed and responsibly disclosed. If a CVE, or other tag, has been assigned to the problem, the GitHub issue title should include the vulnerability tag once the problem has been disclosed.

-

+

Public Disclosure

Whenever possible, responsible reporting and patching practices should be followed, including notification to the linux-distros and oss-security mailing lists.

    diff --git a/md_doc_internal_release_github.html b/md_doc_internal_release_github.html new file mode 100644 index 00000000..e59e0444 --- /dev/null +++ b/md_doc_internal_release_github.html @@ -0,0 +1,142 @@ + + + + + + + +libcgroup: The libcgroup Release Process + + + + + + + + + +
    +
    + + + + + + +
    +
    libcgroup +
    +
    +
    + + + + + + + + +
    +
    + + +
    + +
    + +
    +
    +
    The libcgroup Release Process
    +
    +
    +

    https://github.com/libcgroup/libcgroup

    +

    This is the process that should be followed when creating a new libcgroup release.

    +

    +1. Verify that all issues assigned to the release milestone have been resolved

    + +

    +2. Verify that the Github Actions are all passing

    +

    +3. Verify that the bundled test suite runs without error

    +
    # ./bootstrap.sh
+# make check
+

    +4. Verify that the packaging is correct

    +
    # make distcheck
+

    +5. Perform any distribution test builds

    +
      +
    • Oracle Linux
      • +
    • Fedora Rawhide
      • +
    • Red Hat Enterprise Linux
      • +
    • etc.
      • +
    +

    +6. If any problems were found up to this point that resulted in code changes, restart the process

    +

    +7. If this is a new major/minor release, create new 'release-X.Y' branch

    +
    # git branch "release-X.Y"
+

    +8. Update the version number in configure.ac AC_INIT(...) macro

    +

    +9. Tag the release in the local repository with a signed tag

    +
    # git tag -s -m "version X.Y.Z" vX.Y.Z
+

    +10. Build final release tarball

    +
    # make clean
+# ./bootstrap.sh
+# make dist-gzip
+

    +11. Verify the release tarball in a separate directory

    +
    <unpack the release tarball in a temporary directory>
+# ./configure --sysconfdir=/etc --localstatedir=/var \
+--enable-opaque-hierarchy="name=systemd" --enable-python
+# make check
+

    +12. Generate a checksum for the release tarball

    +
    # sha256sum <tarball> > libcgroup-X.Y.Z.tar.gz.SHA256SUM
+

    +13. GPG sign the release tarball and checksum using the maintainer's key

    +
    # gpg --armor --detach-sign libcgroup-X.Y.Z.tar.gz
+# gpg --clearsign libcgroup-X.Y.Z.tar.gz.SHA256SUM
+

    +14. Push the release tag to the main GitHub repository

    +
    # git push <repo> vX.Y.Z
+

    +15. Create a new GitHub release using the associated tag and upload the following files

    +
      +
    • libcgroup-X.Y.Z.tar.gz
      • +
    • libcgroup-X.Y.Z.tar.gz.asc
      • +
    • libcgroup-X.Y.Z.tar.gz.SHA256SUM
      • +
    • libcgroup-X.Y.Z.tar.gz.SHA256SUM.asc
      • +
    +

    +16. Update the GitHub release notes for older releases which are now unsupported

    +

    The following Markdown text is suggested at the top of the release note, see old GitHub releases for examples.

    +
    ***This release is no longer supported upstream, please use a more recent release***
    +
    +
    + +
    +Generated by doxygen 1.9.3 +
    + + diff --git a/pages.html b/pages.html index acbeaf31..16381aec 100644 --- a/pages.html +++ b/pages.html @@ -68,9 +68,10 @@ $(function() {
    Here is a list of all related documentation pages:
    - - - + + + +
     How to Contribute to the libcgroup Project
     README
     The libcgroup Security Vulnerability Handling Process
     Todo List
     The libcgroup Release Process
     README
     The libcgroup Security Vulnerability Handling Process
     Todo List
diff --git a/search/all_12.js b/search/all_12.js index 6128592e..3d06754f 100644 --- a/search/all_12.js +++ b/search/all_12.js @@ -1,6 +1,7 @@ var searchData= [ - ['the_20libcgroup_20security_20vulnerability_20handling_20process_0',['The libcgroup Security Vulnerability Handling Process',['../md_SECURITY.html',1,'']]], - ['todo_20list_1',['Todo List',['../todo.html',1,'']]], - ['type_2',['type',['../structcgroup__file__info.html#a955506601f440d05cb11e4ee6b455c55',1,'cgroup_file_info']]] + ['the_20libcgroup_20release_20process_0',['The libcgroup Release Process',['../md_doc_internal_release_github.html',1,'']]], + ['the_20libcgroup_20security_20vulnerability_20handling_20process_1',['The libcgroup Security Vulnerability Handling Process',['../md_SECURITY.html',1,'']]], + ['todo_20list_2',['Todo List',['../todo.html',1,'']]], + ['type_3',['type',['../structcgroup__file__info.html#a955506601f440d05cb11e4ee6b455c55',1,'cgroup_file_info']]] ]; diff --git a/search/pages_3.js b/search/pages_3.js index 09110e1a..4143b6d9 100644 --- a/search/pages_3.js +++ b/search/pages_3.js @@ -1,5 +1,6 @@ var searchData= [ - ['the_20libcgroup_20security_20vulnerability_20handling_20process_0',['The libcgroup Security Vulnerability Handling Process',['../md_SECURITY.html',1,'']]], - ['todo_20list_1',['Todo List',['../todo.html',1,'']]] + ['the_20libcgroup_20release_20process_0',['The libcgroup Release Process',['../md_doc_internal_release_github.html',1,'']]], + ['the_20libcgroup_20security_20vulnerability_20handling_20process_1',['The libcgroup Security Vulnerability Handling Process',['../md_SECURITY.html',1,'']]], + ['todo_20list_2',['Todo List',['../todo.html',1,'']]] ];