The steps vary slightly depending on the type of release you are pushing (major, minor or patch)
- Cherry-pick all required changes to the
- Ensure you are on the
npm version patchto bump the version number, and create the Git commit and tag
git push origin 0.xx-stable --follow-tags(replace
0.xx-stablewith the right branch name)
- Make sure current master branch is green on Circle, Travis and AppVeyor
- Ensure you are on
masterand your local copy of Yarn is up-to-date
./scripts/release-branch.sh. This will:
- Create the
masterto the next minor version (eg. after releasing
0.29.0, master will be bumped to
- Push it all to
- Create the
Once an RC has been tested by the community for a while and all major bugs have been ironed out, it can be marked as stable. To do this, go to https://release.yarnpkg.com/ and click the “Promote RC to stable” button.
Note: There is a whitelist for the users that are able to access this page. If a maintainer is missing from the whitelist, you can modify it here.
Sometimes things go wrong. Here’s how to debug some common issues:
Check the GitHub release for any missing artifacts. The release scripts do not bump the version number on the site until both the Linux and the Windows artifacts have been attached to the release.
Check the yarn-version Jenkins build job and see whether it has failed.
Most of the release has been automated and is fairly straightforward. Normally, you can just stop reading here. However, if the release tooling ever breaks (or if you like doing things the hard way), you can manually perform the release steps.
yarn build-dist && yarn build-debto build the release tarball, Debian package, and RPM package
yarn build-dist && yarn build-win-installeron Windows to build the Windows installer
- GPG sign the
gpg -u 9D41F3C3 --armor --detach-sign yarn-0.xx.xx.tar.gz
This will generate
.ascfiles that you should also attach to the release
- Authenticode sign the
osslsigncode sign -t http://timestamp.digicert.com -n "Yarn Installer" -i https://yarnpkg.com/ -pkcs12 yarn-20161122.pfx -readpass yarn-20161122.key -h sha1 -in yarn-0.xx.xx-unsigned.msi -out yarn-0.xx.xx.msi osslsigncode sign -t http://timestamp.digicert.com -n "Yarn Installer" -i https://yarnpkg.com/ -pkcs12 yarn-20161122.pfx -readpass yarn-20161122.key -nest -h sha2 -in yarn-0.xx.xx.msi -out yarn-0.xx.xx.msi
- Create new release on GitHub, and attach all artifacts. For the MSI, ensure you attach the signed version!
- Publish the tarball to npm:
npm publish ./artifacts/yarn-v0.xx.xx.tar.gz
- Perform post-release steps below
- Modify GitHub release to mark it as stable
npm dist-tag add email@example.com latest(where
0.xx.xxis the version number being released)
- Run post-release steps below