Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(NODE-6157): add signature to github releases #4119

Merged
merged 9 commits into from
Jun 3, 2024
Merged

feat(NODE-6157): add signature to github releases #4119

merged 9 commits into from
Jun 3, 2024

Conversation

aditi-khare-mongoDB
Copy link
Contributor

@aditi-khare-mongoDB aditi-khare-mongoDB commented May 23, 2024
edited
Loading

Description

Sign releases in both 5.x and 6.x

What is changing?

Automate release signing with a detached signature and verification instructions in the README.
Link to an example of release signatures working with v2 (if you check the artifact link at the end of the compress_sign step, you can see the signature)

Is there new documentation needed for these changes?

No

What is the motivation for this change?

SSDLC Compliance

Release Highlight

Add Signature to Github Releases

The Github release for the mongodb package now contains a detached signature file for the NPM package (named
mongodb-X.Y.Z.tgz.sig), on every major and patch release to 6.x and 5.x. To verify the signature, follow the instructions in the 'Release Integrity' section of the README.md file.

Double check the following

  • Ran npm run check:lint script
  • Self-review completed using the steps outlined here
  • PR title follows the correct format: type(NODE-xxxx)[!]: description
    • Example: feat(NODE-1234)!: rewriting everything in coffeescript
  • Changes are covered by tests
  • New TODOs have a related JIRA ticket

@aditi-khare-mongoDB aditi-khare-mongoDB marked this pull request as ready for review May 23, 2024 21:48
@aditi-khare-mongoDB aditi-khare-mongoDB changed the title feat(NODE-5167): Sign Releases feat(NODE-6157): Sign Releases May 24, 2024
@W-A-James W-A-James self-assigned this May 24, 2024
@W-A-James W-A-James added the Primary Review In Review with primary reviewer, not yet ready for team's eyes label May 24, 2024
@aditi-khare-mongoDB aditi-khare-mongoDB force-pushed the NODE-5167/sign-releases branch from a542691 to eb72e4f Compare May 28, 2024 18:29
@aditi-khare-mongoDB aditi-khare-mongoDB changed the title feat(NODE-6157): Sign Releases feat(NODE-6157): Add Signature to Github Releases May 28, 2024
@aditi-khare-mongoDB aditi-khare-mongoDB changed the title feat(NODE-6157): Add Signature to Github Releases feat(NODE-6157): add signature to github releases May 28, 2024
W-A-James
W-A-James previously approved these changes May 29, 2024
View reviewed changes
@W-A-James W-A-James added Team Review Needs review from team Primary Review In Review with primary reviewer, not yet ready for team's eyes and removed Primary Review In Review with primary reviewer, not yet ready for team's eyes Team Review Needs review from team labels May 29, 2024
@W-A-James W-A-James dismissed their stale review May 29, 2024 19:27

outdated, pending other fixes

@aditi-khare-mongoDB aditi-khare-mongoDB force-pushed the NODE-5167/sign-releases branch from da50b67 to 02e1f27 Compare May 29, 2024 21:27
W-A-James
W-A-James previously approved these changes May 31, 2024
View reviewed changes
@W-A-James W-A-James added Team Review Needs review from team and removed Primary Review In Review with primary reviewer, not yet ready for team's eyes labels May 31, 2024
@skanda890 skanda890 mentioned this pull request Sep 29, 2024
Merged
@mkusztal mkusztal mentioned this pull request Sep 29, 2024
Open
This was referenced Oct 1, 2024
Closed
Closed
Closed
@aravindbuilt aravindbuilt mentioned this pull request Oct 4, 2024
Closed
@akanchhaS akanchhaS mentioned this pull request Oct 4, 2024
Open
@MohammadGhajari MohammadGhajari mentioned this pull request Oct 4, 2024
Open
@NotZarifGithub NotZarifGithub mentioned this pull request Oct 4, 2024
Open
@lryanle lryanle mentioned this pull request Oct 4, 2024
Open
@lydmoon lydmoon mentioned this pull request Oct 4, 2024
Open
@arenault-pass arenault-pass mentioned this pull request Oct 4, 2024
Closed
@issam-seghir issam-seghir mentioned this pull request Oct 4, 2024
Open
@visrut-at-incubyte visrut-at-incubyte mentioned this pull request Oct 4, 2024
Open
@IzzyDotExe IzzyDotExe mentioned this pull request Oct 4, 2024
Merged
@ranjith221132 ranjith221132 mentioned this pull request Oct 5, 2024
Open
@arenault-pass arenault-pass mentioned this pull request Oct 5, 2024
Closed
@mkusztal mkusztal mentioned this pull request Oct 5, 2024
Open
@arenault-pass arenault-pass mentioned this pull request Oct 6, 2024
Closed
@ranjith221132 ranjith221132 mentioned this pull request Oct 25, 2024
Open
@Abhishekh669 Abhishekh669 mentioned this pull request Oct 25, 2024
Open
@aliakseikrauchanka aliakseikrauchanka mentioned this pull request Oct 25, 2024
Open
@parseplatformorg parseplatformorg mentioned this pull request Oct 26, 2024
Closed
@Xcaciv Xcaciv mentioned this pull request Oct 26, 2024
Open
@MohammadGhajari MohammadGhajari mentioned this pull request Oct 28, 2024
Open
@lydmoon lydmoon mentioned this pull request Oct 28, 2024
Open
@xeni09 xeni09 mentioned this pull request Oct 28, 2024
Merged
@abaum65 abaum65 mentioned this pull request Oct 29, 2024
Open
@prosenjit07 prosenjit07 mentioned this pull request Nov 8, 2024
Open
@parseplatformorg parseplatformorg mentioned this pull request Nov 9, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@baileympearson baileympearson baileympearson approved these changes

@W-A-James W-A-James W-A-James approved these changes

@alcaeus alcaeus Awaiting requested review from alcaeus

Assignees

@W-A-James W-A-James

Labels
Team Review Needs review from team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@aditi-khare-mongoDB @baileympearson @alcaeus @W-A-James