forked from microsoft/SymCrypt
-
Notifications
You must be signed in to change notification settings - Fork 0
/
BranchStructure.txt
65 lines (43 loc) · 2.47 KB
/
BranchStructure.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
Branch structure used for SymCrypt.
Niels Ferguson, 20190417
BRANCH NAMES:
master The latest fully validated Symcrypt library.
publish This branch gets published to the public GitHub repo as the master branch there.
This branch should only be used for publishing, and not for anything else.
<alias>-* Working branch names for each contributor
CONF-* Branch names for temporarily confidential changes. One CONF-* branch per change.
CONF Branch that combines master and all the CONF-* branches for testing.
WORK FLOW for normal feature work:
- Create a <alias>-* branch off master for the work
- Do the development work on that branch
- Run scBuild out of the private branch (which runs all tests)
- Use a PR to merge the change into master
- Run scBuild on master to ensure that it is still consistent
WORK FLOW for confidential changes:
- Create a CONF-* branch off master
- develop the fix inside that branch (or use sub-branches for more complex changes)
- DO NOT merge this into master
- For testing, merge the change into the CONF branch, and build out of that branch
(If only one CONF-* branch is active, you can use that to build and test.)
- When the change is no longer confidential, use a PR to merge the change into master
and delete the CONF-* branch.
- To keep the CONF-* branches current they have to be rebased to the top of master
at suitable intervals.
- The CONF branch should be rebuilt at regular intervals to keep it in sync with
master by:
- rebase all CONF-* branches to the top of master
- Delete the CONF branch and re-create it from the top of master
- merge all CONF-* branches into CONF
Confidential changes should be relatively rare, so much of the time we won't even
have a CONF branch, and multiple CONF-* branches should be very rare.
However, this structure allows us to add new confidential
changes and later publish each confidential change without any restriction to order.
Note: the reason for having confidential changes is that a fix for a security
weakness cannot be published until the patch is available and deployed for all
downlevel platforms. As soon as the fix is deployed, the confidential change
must be merged into master so that it can be published.
WORK FLOW for publishing:
The publish branch only ever takes merges from master, and never from anywhere
else. The publishing workflow is
- Merge master into publish
- Use the script to push the publish branch to Github