Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Backdrop 1.29.2 Release checklist #6757

Open
28 of 36 tasks
quicksketch opened this issue Nov 20, 2024 · 10 comments
Open
28 of 36 tasks

Backdrop 1.29.2 Release checklist #6757

quicksketch opened this issue Nov 20, 2024 · 10 comments
Milestone

Comments

@quicksketch
Copy link
Member

quicksketch commented Nov 20, 2024

Release scheduled for November 20, 2024 10am - 4pm PT

Pre-release tasks

  • Merge commits (@quicksketch)
  • Create the next bugfix milestone (@quicksketch)
  • Move all unfinished issues to the next bugfix release milestone (@quicksketch)
  • Review all closed issues in milestone: (@jenlampton)
    • Issue titles should include a complete, but very brief summary of the problem.
    • Issue titles should be in complete sentences, ending with a period.
    • Bug issue titles should start with Fix or Fixed,
    • New feature issue titles should start with Add or Added.
    • Each issue should have accurate labels, especially the "type - " labels.
  • Close the milestone (@quicksketch)
  • Draft Release notes (@quicksketch)
    • Include a short, descriptive summary of the release, for example:
      • "Security release for Backdrop CMS. This release fixes 1 security vulnerability:"
      • Include a list of SA's for commits to this release
    • Include a section heading **Notes for updating**
      • Note if any changes were made to files outside the core directory, for example:
        • - No changes have been made to the `.htaccess`, `robots.txt` or default `settings.php` files in this release. Updating customized versions of those files is not necessary.
        • See this example for updates to .htaccess
        • See this example or this example for updates to settings.php
      • Note if updates (update.php) needs to be run, for example:
        • Use the text The database update script does **not** need to be run.
        • or **It will be necessary to run the update script** (located at /core/update.php) for this release.
        • Note: you can use this command to see if any install files were changed:
          ls -1 core/modules/*/*.install | while read filename; do echo "$(git log -1 --pretty="format:%ad %f" --date=format:"%F %R" -- $filename)" $filename; done|sort
    • Include a section heading **Changes since version 1.xx.x** are listed below.
      • Navigate to Actions
      • Select the most recent time "Release Notes Generator" has been run.
      • Download the release-notes artifact attached to the generator.
      • Unzip the file, and copy/pate contents into release notes draft.
      • Remove any square brackets in the titles, and move those issues to their own section.
  • Draft Security Advisories (@jenlampton)

Release tasks

  • Update bootstrap.inc with version number (@quicksketch)
  • Tag for release, and push tag to GitHub (@quicksketch)
  • Revert version number back (@quicksketch)
  • Create release notes on GitHub, and publish release (@quicksketch)
  • Publish Security Advisories on b.org (@jenlampton)
  • Mark the release node on b.org as a security release (@quicksketch)
  • Request a CVE - (@jenlampton)
  • Update the front page download link on b.org (@jenlampton)
  • Tweet that a new release is out (@stpaultim)
    • Use text like "There is a security release out for #BackdropCMS today, please update when you can. Backdrop core - Critical - Third-party libraries - BACKDROP-SA-CORE-2021-001"

Immediate Post-release tasks

Backdrop's Website updates

See Also

@quicksketch
Copy link
Member Author

quicksketch commented Nov 20, 2024

Release notes draft:


Security release for Backdrop CMS. This release fixes 2 security vulnerabilities:

Notes for updating

  • No changes have been made to the .htaccess, robots.txt or default settings.php files in this release. Updating customized versions of those files is not necessary.
  • It is not necessary to run the update script (located at /core/update.php) for this release.

Changes since 1.29.1

This release contains the additional bug fixes and changes:

Bug fixes

  • Content on 404, 403 are not within a semantic element. #6755
  • Translated content doesn't get aliased path in views path #6746
  • Translated content doesn't get aliased path in views title #6745
  • Admin bar not hamburgerized on some pages on mobile #6738
  • function Layout::addBlock position not working properly #6732
  • The page to import translation does not import the translation of strings like <none> #6625
  • Catch thrown exceptions in image_add_svg_attributes() #6613
  • PHP Notice in layout_context_required_by_path() when adding a layout that triggers the dashboard context #4077
  • Importing fields onto a taxonomy vocabulary config does not validate correctly (throws PHP warnings) #2237
  • Documentation for EntityInterface::uri() incorrectly states that NULL should be returned if entity has no URI. #6749

Miscellaneous changes

  • Track Update module usage in Telemetry #6725

@quicksketch
Copy link
Member Author

@jenlampton
Copy link
Member

Release notes look great now!

@argiepiano
Copy link

This link is giving an Access Denied: BACKDROP-SA-CORE-2024-002

@quicksketch
Copy link
Member Author

@argiepiano Yep, we're still putting the announcement together, it will be ready in 5-10 minutes.

@jenlampton
Copy link
Member

The SA is not published until the release goes out :)

@jenlampton
Copy link
Member

All releases are out 🎉

@quicksketch
Copy link
Member Author

I went ahead and updated the Demo Sandboxes since I believe @klonos is traveling.

@laryn
Copy link
Contributor

laryn commented Nov 21, 2024

I've updated the Pantheon upstream.

@jenlampton
Copy link
Member

jenlampton commented Nov 26, 2024

CVE has been requested.
CVE Request 1777744 for CVE ID Request

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants