I tried following the steps when running, for https://github.com/PrivateBin/PrivateBin/pull/1421, but this crucial one step is missing.
Maybe more was missing, most tests failed so hmm… but I only wanted it for the SRI generation and this was hard enough.
(And no, I did not feel like trying to run a container in a [dev]container, so these manual steps should better work.)
Maybe we can improve that further here, I the things I've noticed in this or the other PR.
This documents/should document:
* what the signatures are and what they proof
* how to verify them
* how to build releases (I know more of a maintainer doc, but yeah, I found it a good place here, if you want a separate one feel free)
This should also make it easier for other maintainers to create releases or so.
@elrido feel free to adjust/push to the branch if you want to have some details fixed. I have left some TODOs of stuff where I am unsure.
having had to re-do all of these steps on a new environment, I noticed
some inconsistencies and updated the doc:
- moved unit testing doc into common doc folder, so it is easier to find
- removed no longer supported Janitor reference
- removed note regarding generated test duration, current version takes
less than a minute
- addressed each function removal & phpunit deprecations