[releasing] Remove tar signing procedure

https://github.com/harfbuzz/harfbuzz/issues/2449#issuecomment-639898473
2020-06-06 20:16:50 +04:30 · 2020-06-06 20:16:50 +04:30 · 8571b3551c
commit 8571b3551c
parent ebab4b8658
2 changed files with 2 additions and 15 deletions
--- a/Makefile.am
+++ b/Makefile.am
@ -81,15 +81,4 @@ dist-hook: dist-clear-sticky-bits
 dist-clear-sticky-bits:
 	chmod -R a-s $(distdir)

-tar_file = $(PACKAGE_TARNAME)-$(VERSION).tar.xz
-sha256_file = $(tar_file).sha256
-gpg_file = $(sha256_file).asc
-$(sha256_file): $(tar_file)
-	sha256sum $^ > $@
-$(gpg_file): $(sha256_file)
-	@echo "Please enter your GPG password to sign the checksum."
-	gpg --armor --sign $^
-
-release-files: $(tar_file) $(sha256_file) $(gpg_file)
-
 -include $(top_srcdir)/git.mk
--- a/RELEASING.md
+++ b/RELEASING.md
@ -37,12 +37,10 @@ HarfBuzz release walk-through checklist:
   as well as any REPLACEME changes you made.  The commit message is simply the
   release number.  Eg. "1.4.7"

-8. "make dist" again to get a tarball with your new commit in the ChangeLog.  Then
-   "make release-files".  Enter your GPG password.  This creates a sha256 hash
-   and signs it.  Check the size of the three resulting files.
+8. "make dist" again to get a tarball with your new commit in the ChangeLog.

 9. Tag the release and sign it: Eg. "git tag -s 1.4.7 -m 1.4.7".  Enter your
-   GPG password again.
+   GPG password.

 10. Build win32 bundle.  See [README.mingw.md](README.mingw.md).