Converged Release Procedure

[rvagg]

Node.js 0.10 and 0.12 release unification

• OSX 32-bit + 64-bit universal binaries
• Solaris slave(s) for "sunos" binaries, 32-bit and 64-bit
• Original directory layout
  • Inclusion of node.exp, node.lib, node.pdb, openssl-cli.exe, openssl-cli.pdb for 32-bit and 64-bit
  • Windows 32-bit files in top-level directory
  • Windows 64-bit files in x64/ directory
  • SHASUMS.txt using SHA-1 hashing in addition to the SHA-2/256 hashed files
• Using new Node.js Foundation code signing certificates for OSX binaries & .pkg and Windows .msi files (I don't see a good reason to keep on using Joyent certs for these, or even NodeSource ones for any new io.js binaries we put out)
  • WIP: We are close to having an Authenticode certificate for .msi signing, a couple of steps away from having Apple Signing certs

Node.js v4+ releases

Following the successful lead of io.js in the following changes to distributions:

• 64-bit-only OSX binaries
• Moving unpacked Windows binaries to win-x64 and win-x86 directories, with redirects in place for old locations (node-gyp will care, even after we "fix" it, older versions will be in the wild)
• Windows .pdb and .exp files and openssl-cli.* files, are they necessary? I'd like to drop them if possible.
• Availability of .xz compressed files
• SHASUMS256.txt only, no SHA-1
• /dist/ being an alias for /download/release/ to enable other, non-release download types (RCs, nightlies, etc.)

I think we'll end up with two separate Jenkins jobs for these, one for 0.10 and 0.12 and one for io.js & Node.js v4+, possibly three if it ends up being too hard to get io.js & Node.js v4+ together in one.

[rvagg]

/cc @ljharb

[rvagg]

need to remember:

Moving unpacked Windows binaries to win-x64 and win-x86 directories, with redirects in place for old locations (node-gyp will care, even after we "fix" it, older versions will be in the wild)

someone remind me if we go live and I haven't updated this issue for that or it'll be broken for windows users who aren't using the new npm/node-gyp

[ljharb]

someone remind me if we go live and I haven't updated this issue for that or it'll be broken for windows users who aren't using the new npm/node-gyp

@rvagg you haven't updated this issue and node 4 has gone live

[ljharb]

@rvagg @Fishrock123 friendly ping :-)

[rvagg]

Ticked everything off, I haven't done anything with win-x64 vs x64, just leaving it as it is for v0.10 and v0.12.

The one change is that we're now including the -headers.tar.gz file from 0.10.41 and 0.12.9 and onward. Unfortunately it's bloated in those versions so not very helpful. It'll be fixed for the next releases thanks to nodejs/node#4149 and I was thinking of maybe putting a hardwired check in node-gyp to start using it for ^0.12.10 and ^0.10.42.

I believe this is ready to be closed without anything else, @ljharb?

[ljharb]

looks good - in general all the release process changes you've put in are enormously helpful for nvm, the only requests i continue to have is filling in old releases with new binaries and whatnot whenever possible :-)

close away!

[rvagg]

@ljharb how far back in Node.js versions are you getting requests for support? Are there people still caring about pre-0.8 that you're in contact with?

[ljharb]

I only very rarely see mentions of pre-0.8 come up (although 0.8 still does often). However, it would be nice to have them all consistent, and allow nvm to shed a lot of its legacy code without dropping any version compat.