diff --git a/RELEASE.md b/RELEASE.md index 5fd6469..af45b15 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -13,14 +13,6 @@ Before making a release, all of these should be complete: - [ ] CHANGELOG.md should be updated to include a list of all major changes since the last release - [ ] There must be a PGP-signed git tag for the version, e.g. for dangerzone 0.1.0, the tag must be `v0.1.0` -> [!IMPORTANT] -> Because we don't have [reproducible builds](https://github.com/freedomofpress/dangerzone/issues/188) -> yet, building the Dangerzone container image in various platforms would lead -> to different container image IDs / hashes, due to different timestamps. To -> avoid this issue, we should build the final container image for x86_64 -> architectures on **one** platform, and then copy it to the rest of the -> platforms, before creating our .deb / .rpm / .msi / app bundles. - ## Large Document Testing Parallel to the QA process, the release candidate should be put through the large document tests in a dedicated machine to run overnight. @@ -214,6 +206,14 @@ dangerzone.rocks/dangerzone latest [!IMPORTANT] +> Because we don't have [reproducible builds](https://github.com/freedomofpress/dangerzone/issues/188) +> yet, building the Dangerzone container image in various platforms would lead +> to different container image IDs / hashes, due to different timestamps. To +> avoid this issue, we should build the final container image for x86_64 +> architectures on **one** platform, and then copy it to the rest of the +> platforms, before creating our .deb / .rpm / .msi / app bundles. + ### macOS Release #### First Time Signing Machine Setup