DEV Community

Timothy Legge

Dist::Zilla::Plugin::SignReleaseNotes version 0.0006

Dist::Zilla::Plugin::SignReleaseNotes is a Perl module that automatically creates and GPG-signs release notes as part of a Dist::Zilla release flow.

The release notes include all of the commits between the most recent tags in your git repository. It assumes that your Dist::Zilla flow is tagging the repo as part of the release process.

The produced Release-{version} file is created in the root of the module directory and includes the SHA-256 hash of the file that is released to CPAN.

The use case is to simplify creating release notes on GitHub and similar sites, and to have a developer-certified (via a GPG signature) SHA-256 hash of the file as it was uploaded to CPAN. More attention is being paid to ensuring the authenticity of releases, and this module is my way of helping with that (but mostly simplifying my release process).

The following is a sample of the release notes created:

```
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Dist::Zilla::Plugin::SignReleaseNotes

Release 0.0006

Change Log

  • 1e5d7ed v0.0006
  • dd458e2 Update version
  • 3249fd6 Fix typo in sample

SHA256 hash of CPAN release

0266e366e2c975adc03a4de9109d80cb9aac8fc897419e8f3a72d54c60fb3a0b *Dist-Zilla-Plugin-SignReleaseNotes-0.0006.tar.gz

-----BEGIN PGP SIGNATURE-----
=UGb3
-----END PGP SIGNATURE-----
```
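A consumer-side check for notes like the sample above, added here as an example (it is not part of the plugin or of the original post): it verifies the signature first and then compares the tarball only against the text gpg reports as signed, since anything outside the signed region of a clearsigned file is not covered by the signature. It assumes `gpg` and `sha256sum` are installed and that the signer's public key is already in the local keyring and was checked out of band; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: check a downloaded tarball against signed release notes.
# Usage after sourcing: verify_release Release-0.0006 Dist-Zilla-Plugin-SignReleaseNotes-0.0006.tar.gz

# Print the "<sha256> *<file>" entry found in release-notes text on stdin.
# Fails unless exactly one such line is present.
extract_hash_entry() {
    local entries
    entries=$(grep -E '^[0-9a-f]{64} \*[A-Za-z0-9._-]+$') || return 1
    [ "$(printf '%s\n' "$entries" | grep -c .)" -eq 1 ] || return 1
    printf '%s\n' "$entries"
}

# Compare tarball $2 with the entry in already-verified notes text (file $1).
# The file name recorded in the notes must equal the tarball's base name.
check_tarball() {
    local entry want name got
    entry=$(extract_hash_entry < "$1") || return 1
    want=${entry%% *}      # hash: everything before the first space
    name=${entry#* \*}     # file name: everything after " *"
    [ "$name" = "$(basename "$2")" ] || return 1
    got=$(sha256sum "$2" | cut -d' ' -f1)
    [ "$got" = "$want" ]
}

# Full check: verify the clearsigned notes ($1), then hash-check the
# tarball ($2) using only the text gpg emitted, never the raw notes file.
verify_release() {
    local signed status
    signed=$(mktemp) || return 1
    status=1
    # gpg exits non-zero on a bad signature or an unknown signing key.
    if gpg --batch --decrypt "$1" > "$signed" 2>/dev/null \
        && check_tarball "$signed" "$2"; then
        status=0
        echo "OK: $2 matches the signed release notes"
    else
        echo "FAIL: bad signature, unknown key, or hash mismatch" >&2
    fi
    rm -f "$signed"
    return "$status"
}
```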
