any-announce.md 3 KB
Newer Older
totten's avatar
totten committed
1
# CiviCRM (Any Version): Announce a final release
2

3 4 5 6 7
## Release date calendar

Ensure that the new release and the next release are listed in the README.md
calendar.

8 9
## Security announcements

totten's avatar
totten committed
10
Consult the "Security and Release Planning" spreadsheet and check the security items which are marked for this release:
11

totten's avatar
totten committed
12
* Verify that each advisory is published. Ensure that the advisory's date matches the current date. (Tip: To ensure pleasant order, set the time as `12:00:{advisorynumber}`.) Ensure that the author is `dev-team`.  Browse https://civicrm.org/advisory
totten's avatar
totten committed
13 14 15 16 17
* Verify that each JIRA issue is closed (Done/Fixed) with appropriate version#. Leave the security level as "Security: Unpublished". 

Next, prepare a mail blast in CiviMail. The message should:

* Use the template below
totten's avatar
totten committed
18
* Link to each security advisory (Tip: Double-check these links. During the writing/editing process, the URL may change whenever someone fixes text in the advisory title.)
totten's avatar
totten committed
19
* Send the blast to members of the group "Security Notifications" ([more information](https://civicrm.org/security))
20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39

Example announcement template:


> __Subject__: CiviCRM Security Releases (4.7.3, 4.6.9-LTS) - CIVI-SA-2015-004, CIVI-SA-2015-005
>
> There has been a security advisory for CiviCRM. We recommend you immediately upgrade to one of the following versions:
>
>        (list of fixed versions)
>
> The security advisories resolved in these releases address issues with FOO and BAR. Read the security advisories for details:
>
>        (links to security advisories, posted as nodes of type Security Advisory to [https://civicrm.org/advisory](https://civicrm.org/advisory))
>
> A number of other issues have been fixed in these releases. Upgrade now for the most stable CiviCRM experience.
>
> CiviCRM security announcements are available from [https://civicrm.org/advisory](https://civicrm.org/advisory) and via the [CiviCRM Security Notifications](https://civicrm.org/sites/all/modules/civicrm/extern/url.php?u=5441&qid=) email list.

## Blog

totten's avatar
totten committed
40 41
[Post to the blog](http://civicrm.org/blog). A few things to ensure:

totten's avatar
totten committed
42 43 44 45
* The author of the blog should be Drupal user `dev-team`. (If you don't have rights to specify the blog's author, and if you don't have a password for `dev-team`, then PM `totten` for the credentials.)
* Check "Promote to Front Page" so blog appears on home page banner (below gallery). 
* Blog should include release highlights.  
* List of CONTRIBUTORS should be reviewed and updated (process TBD). (*Is this still relevant now that we have better relase notes?*)
46 47 48 49 50 51 52 53 54

## Twitter

Post to Twitter as "@civicrm" (or ping the `marketing` channel on Mattermost). Indicate whether there are security fixes and/or bug fixes.

## JIRA

Update Versions in JIRA (http://issues.civicrm.org/jira/plugins/servlet/project-config/CRM/versions) (TODO: does JIRA have an api we could tap into to add this step to the releaser script?)

totten's avatar
totten committed
55 56
* Mark this version as released
* Add 'next' versions (should be two future versions present on active branch - e.g. when 4.7.1 is released, should be 4.7.2 and 4.7.3)