This Python script helps release Django.

You must run git clean -fdx in your Django checkout first.

import hashlib
import os
import re
import subprocess
from datetime import date
from io import StringIO

PGP_KEY_ID = '1E8ABDC773EDE252'  # replace with your PGP key
PATH_TO_DJANGO = '/media/evo/release-django/'  # replace
CHECKSUM_DEST_DIR = '/home/tim/Desktop/'  # replace

checksum_file_text = \
"""This file contains MD5, SHA1, and SHA256 checksums for the source-code
tarball and wheel files of Django {django_version}, released {release_date}.

To use this file, you will need a working install of PGP or other
compatible public-key encryption software. You will also need to have
the Django release manager's public key in your keyring; this key has
the ID ``{pgp_key_id}`` and can be imported from the MIT
keyserver. For example, if using the open-source GNU Privacy Guard
implementation of PGP:

    gpg --keyserver --recv-key {pgp_key_id}

Once the key is imported, verify this file::

    gpg --verify <<THIS FILENAME>>

Once you have verified this file, you can use normal MD5, SHA1, or SHA256
checksumming applications to generate the checksums of the Django
package and compare them to the checksums listed below.

Release packages:


dist_path = os.path.join(PATH_TO_DJANGO, 'dist/')

## Build release files.["make", "-f", os.path.join(PATH_TO_DJANGO, 'extras/Makefile')])
release_files = os.listdir(dist_path)
for f in release_files:
    if f.endswith('.whl'):
        wheel_name = f

assert wheel_name.endswith('.whl')
django_version = wheel_name.split('-')[1]
django_major_version = '.'.join(django_version.split('.')[:2])
# Chop alpha/beta/rc suffix
match ="[abrc]", django_major_version)
if match:
    django_major_version = django_major_version[:match.start()]

checksum_file_text = checksum_file_text.format(
    release_date ='%B %-d, %Y'),
    pgp_key_id = PGP_KEY_ID,

for release_file in release_files:
    checksum_file_text += '' + django_major_version + '/' + release_file + '\n'

checksums = (
    ('MD5', hashlib.md5),
    ('SHA1', hashlib.sha1),
    ('SHA256', hashlib.sha256),

for checksum_name, checksum_algo in checksums:
    checksum_file_text += "\n%s checksums\n" % checksum_name
    checksum_file_text += "=" * len(checksum_name) + "==========\n\n"

    for release_file in release_files:
        checksum = checksum_algo(open(os.path.join(dist_path, release_file) ,'rb').read()).hexdigest()
        checksum_file_text += checksum + "  " + release_file + "\n"

# Create the checksum file
checksum_file_name = 'Django-%s.checksum.txt' % django_version
checksum_file_path = os.path.join(CHECKSUM_DEST_DIR, checksum_file_name)
with open(checksum_file_path,'wb') as f:

print('Commands to run:')

# Sign the checkusm file
print('gpg --clearsign --digest-algo SHA256 %s' % checksum_file_path)

# Upload the checksum file
print('scp {filepath}.asc{filename}'.format(filepath=checksum_file_path, filename=checksum_file_name))

# Upload release files to the djangoproject server.
print('scp dist/Django-*' % django_major_version)

print('git tag --sign --message="Tag {release}" {release}'.format(release=django_version))
print('twine upload -s dist/*')
Last modified 4 years ago Last modified on 06/01/18 13:32:38
Back to Top