[wp-meta] [Making WordPress.org] #7667: core release process: Verify ZIP recreation is intended
Making WordPress.org
noreply at wordpress.org
Fri Jun 7 02:31:49 UTC 2024
#7667: core release process: Verify ZIP recreation is intended
-----------------------------+--------------------
Reporter: dd32 | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Version Control | Keywords:
-----------------------------+--------------------
Sometimes a core release ZIP is recreated, which can result in the zip
hash changing.
We should verify that the releaser intended on overwriting an existing
file, to avoid situations where they inadvertently overwrite a released
archive.
Note: It is expected that during releases, a file may need to be rebuilt.
As the ZIP creation task is not currently designed to be reproducible, the
ZIP hash will change, even if the file contents is the same.
This can cause problems for some 3rd party tools that expect that the sha1
hash never changes post-release: https://github.com/roots/wordpress-no-
content/issues/7
It may also be pertinent to ensure that the ZIP is reproducible, if the
only difference is timestamps.
--
Ticket URL: <https://meta.trac.wordpress.org/ticket/7667>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org
More information about the wp-meta
mailing list