The JS team has long issued infrequent source package releases. It's been very informal, and various people have just put them in our people.m.o accounts. Which is what brings me here. I would like to place the release tarballs in a more official location, perhaps alongside esr releases. Or at least on the same server. Optionally, we could transition some/all of the release responsibility over. We're certainly not great about handling it in a timely fashion; we still haven't generated a release to go with 52esr. (The packaging is automatic and is already happening in CI, but we try to do release notes and things.) But we'd like to get the releases to a new home ASAP, so it'd probably be better to not block on some procedural change. https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey/Releases/45 has a broken link right now, for example. (sorry, not sure what component to file this in.)
We should probably keep track of the metabugs to fix bugs for embedding. We get a lot of external people come by trying to make heroic efforts to embed or update embedding and we don't always do a good job of keeping track of "known" problems, especially with things like esr52.
You're right. I'm not good about it, but there's a bug aliased to "sm.embedding" that these bugs should block. Thanks for the reminder.
FWIW, the GNOME release team needed a tarball in a permanent location for GNOME 3.25.4 last week, so I put one with my patches applied on top at this location: ftp://ftp.gnome.org/pub/gnome/teams/releng/tarballs-needing-help/mozjs/ Up until esr24 the tarballs were stored here, apparently: ftp://ftp.mozilla.org/pub/js/
Let me know where we should store these? How do we want to manage these releases? Should they be added to the releng pipeline or should the spidermonkey maintainer upload them directly to s3?
For now, I'd say we don't want to add them to the releng pipeline. (That may come later, with more discussion.) I think the immediate solution would be for the spidermonkey maintainer to continue to upload them. Future releases will simply be copies of things built by continuous integration, eg https://index.taskcluster.net/v1/task/gecko.v2.mozilla-esr52.latest.firefox.sm-package-opt/artifacts/public/build/mozjs-52.1.0.tar.bz2 but esr45 doesn't have those. I don't know enough to answer the "where we should store these" question. S3 sounds fine to me, as long as there's a nice url naming it (as in, something ending in mozjs-45.x.y.tar.bz2 or whatever), and the url is persistent and publicly available.
> Should they be added to the releng pipeline I help package SpiderMonkey for Ubuntu. I'd like for, say, SpiderMonkey 52.3 to be released the same day as Firefox ESR 52.3. I think having SpiderMonkey releases be part of the Firefox ESR release process would be a good way to ensure that happens.
What else do you need to make headway here? I'm getting more requests for this.
I need to know: * who to give upload access to and their GPG key * the path at https://archive.mozilla.org/ where these should be stored
Created attachment 8904762 [details] GPG public key for email@example.com Excellent, thanks. Is the GPG key just for the upload process, or do the actual uploads need to be signed? If it's just for the upload, then mine should work fine. Attaching. I would like to store these in subdirectories of https://archive.mozilla.org/pub/spidermonkey/releases/ (the releases/ directory itself does not currently exist, though the spidermonkey directory does.) So eg https://archive.mozilla.org/pub/spidermonkey/releases/45.0.2/mozjs-45.0.2.tar.bz2
I have e-mailed you access details.
Status: NEW → RESOLVED
Last Resolved: a year ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.