Whenever one makes a release of a package using maint.mk, part of that process creates a file named e.g., announce-grep-3.8 in your home directory. Upon a recent request by Simon, I've adjusted the generating code to include more information in that template. I've been using some variant of this for years.
announce-gen: add more info to the auto-generated announce template
* build-aux/announce-gen (readable_interval, readable_interval0):
New functions.
(digest_file_base64_wrap): New function to add padding to the
base64-encoded SHA256 checksums.
(print_checksums): Use that wrapper. Indent each line by two spaces.
(main): Emit new sections, e.g., these lines from grep-3.8's release:
- There have been 104 commits by 6 people in the 55 weeks since 3.7.
- The following people contributed changes to this release: (and list)
I tested with this, running from a sibling cloned grep directory:
../gnulib/build-aux/announce-gen --release-type=stable \
--package-name=grep --previous-version=3.7 --current-version=3.8 \
--gpg-key-id=0x7FD9FCCB000BEEEE --url-directory=https://testing
Also, reference the cksum programs from coreutils-9.2 and from OpenBSD.
Here's the full output from the sample command above:
Subject: grep-3.8 released [stable]
<#secure method=pgpmime mode=sign>
This is to announce grep-3.8, a stable release.
FIXME: put comments here
There have been 104 commits by 6 people in the 55 weeks since 3.7.
See the NEWS below for a brief summary.
Thanks to everyone who has contributed!
The following people contributed changes to this release:
Carlo Marcelo Arenas Belón (2)
Helge Kreutzmann (1)
Jim Meyering (27)
Ondřej Fiala (1)
Paul Eggert (71)
Ulrich Eckhardt (2)
Jim
[on behalf of the grep maintainers]
==================================================================
Here is the GNU grep home page:
http://gnu.org/s/grep/
For a summary of changes and contributors, see:
http://git.sv.gnu.org/gitweb/?p=grep.git;a=shortlog;h=v3.8
or run this command from a git-cloned grep directory:
git shortlog v3.7..v3.8
Here are the compressed sources:
https://test/grep-3.8.tar.gz (2.8MB)
https://test/grep-3.8.tar.xz (1.7MB)
Here are the GPG detached signatures:
https://test/grep-3.8.tar.gz.sig
https://test/grep-3.8.tar.xz.sig
Here are the SHA1 and SHA256 checksums:
eb3bf741fefb2d64e67d9ea6d74c723ea0efddb6 grep-3.8.tar.gz
jeYKUWnAwf3YFwvZO72ldbh7/Pp95jGbi9YNwgvi+5c= grep-3.8.tar.gz
6d0d32cabaf44efac9e1d2c449eb041525c54b2e grep-3.8.tar.xz
SY18wbT7CBkE2HND/rtzR1z3ceQk+35hQa/2YBOrw4I= grep-3.8.tar.xz
Verify the base64 SHA256 checksum with cksum -a sha256 --check
from coreutils-9.2 or openBSD's cksum since 2007.
Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:
gpg --verify grep-3.8.tar.gz.sig
The signature should match the fingerprint of the following key:
pub rsa4096/0x7FD9FCCB000BEEEE 2010-06-14 [SCEA]
Key fingerprint = 155D 3FC5 00C8 3448 6D1E EA67 7FD9 FCCB 000B EEEE
uid [ unknown] Jim Meyering <j...@meyering.net>
uid [ unknown] Jim Meyering <meyer...@fb.com>
uid [ unknown] Jim Meyering <meyer...@gnu.org>
If that command fails because you don't have the required public key,
or that public key has expired, try the following commands to retrieve
or refresh it, and then rerun the 'gpg --verify' command.
gpg --recv-keys 0x7FD9FCCB000BEEEE
As a last resort to find the key, you can try the official GNU
keyring:
wget -q https://ftp.gnu.org/gnu/gnu-keyring.gpg
gpg --keyring gnu-keyring.gpg --verify grep-3.8.tar.gz.sig
announce-gen.diff
Description: Binary data
