Skip to content

Releasing ART

Beat Buesser edited this page Sep 22, 2023 · 6 revisions

Release process

  1. Merge all desired changes to main. Assuming the merge is from branch dev to main, that would be
git checkout main
git merge --no-ff --no-commit dev

Fix any conflicts, update docs in docs folder and README.md, etc., then commit the merge.

  1. Make sure CHANGELOG.md is updated with the upcoming version number, and has entries for all fixes. Try to reference closed issues.

  2. Bump the version number in art/__init__.py, README.md, .github/workflows/dockerhub.yml and docs/conf.py. These changes should be in an independent commit.

  3. Tag the new version number. If new version is, say, 1.0.0 and the latest commit is the version number bump, this means:

git tag 1.0.0
git push origin --tags

FYI, this will push all tags to remote.

  1. Create a new release on GitHub with the new tag. Content of the release should match the update in CHANGELOG.md.

  2. Confirm that new version of documentation was generated correctly on readthedocs (http://adversarial-robustness-toolbox.readthedocs.io/)

  3. Package ART

  • The easiest is to use twine (pip install twine)
  • Make a fresh clone of the repository (git clone git@github.com:Trusted-AI/adversarial-robustness-toolbox.git)
  • Delete or manage the content of the dist/ folder so you do not package anything extra accidentally.
  • You can now prepare the package:
python setup.py sdist bdist_wheel

This will generate files Adversarial_Robustness_Toolbox-1.0.0-py3-none-any.whl and Adversarial Robustness Toolbox-1.0.0.tar.gz in the dist folder. You can inspect their content to check that they contain the correct information.

  1. Configure PyPI

You can use a local configuration file for your PyPI account(s). Your ~/.pypirc might look like

[distutils]
index-servers =
  pypi
  pypitest

[pypi]
repository=https://upload.pypi.org/legacy/
username=<username>
password=<password>

[testpypi]
repository=https://test.pypi.org/legacy/
username=<username>
password=<password>

The previous file assumes you have already created accounts on both PyPI and PyPI test.

  1. Upload to PyPI test

Packages uploaded to PyPI can't be modified, so it's good practice to upload to the test instance of PyPI first:

twine upload dist/*1.0.0* -r testpypi 

If the upload is successful, you can now find the new version of the package on (https://test.pypi.org/).

  1. [IRREVERSIBLE] Upload to PyPI

You can now upload the package to PyPI:

twine upload dist/*1.0.0*

Once this command completes successfully, the package will be available on PyPI. Congratulations!

Resources

Clone this wiki locally