-
Notifications
You must be signed in to change notification settings - Fork 56
Release Instructions and Checklist
Erik Jaegervall (Jägervall) edited this page Nov 15, 2024
·
3 revisions
Unless otherwise specified vss-tools follows the VSS release instruction.
There can be benefits in updating dependencies before each release, some tasks to do:
- Check (detailed) output for GitHub Actions - are there any warnings concerning deprecated functionality (like using an old Node.js)
- As a committer, check the security tab if there are any reported vulnerabilities
We have two files specifying dependencies, pyproject.toml and uv.lock. The latter is generated from the first. If there is a vulnerability in one of our dependencies a lazy approach is:
- First update the lock file by
uv lock -U, if the vulnerability comes from an indirect dependency or is fixed in a patch on the version we use updating the lock file might be sufficient. - If that did not help, do necessary changes in
pyproject.tomland try updating the lock file again.
Remember to update PyPI package
Historically VSS and VSS-tools have followed/used the same version numbers and been released/tagged at the same time, but that may change in the future, i.e. it is not certain that VSS X.Y will be compatible with VSS-tools version X.Y