This is an automated email from the ASF dual-hosted git repository.
andreww pushed a commit to branch cottage14-patch-1
in repository https://gitbox.apache.org/repos/asf/tooling-docs.git
commit 2c38da53dcece301bbf61605c7f500737dbe8a06
Author: Andrew Wetmore <and...@cottage14.com>
AuthorDate: Sat Feb 1 15:54:01 2025 -0400
Update lifecycle.md alphabetized definitions
---
apache-trusted-release/lifecycle.md | 52 ++++++++++++++++++-------------------
1 file changed, 26 insertions(+), 26 deletions(-)
diff --git a/apache-trusted-release/lifecycle.md
b/apache-trusted-release/lifecycle.md
index 19c1803..6d8df4b 100644
--- a/apache-trusted-release/lifecycle.md
+++ b/apache-trusted-release/lifecycle.md
@@ -51,50 +51,50 @@ flowchart TD
## Definitions
-**GHA Secure Release Process**
-: In a GitHub workflow the release candidate is built and validated following
the Security Release Policy.
-
-**Current SVN Build Process**
-: This is our current SVN repository process for setting up a release
candidate. Trigger the ATR automation by including release metadata.
+**Announce CVEs**
+: At some moment after a release happens a project may announce CVEs that
either impact or are solved by a release. The security team and PMC manage CVEs
including announcements and publishing via cveprocess.apache.org The ATR will
update SBOMs with new CVEs.
-**Release Candidate**
-: A release candidate consists of a folder of release files including
metadata, SBOMs, public keys, signatures, and checksums.
+**Announce Release**
+: Send a compliant announcement of the release. This template will include
release metadata.
**ATR Platform**
: Apache Trusted Release is a service with a web UI and restful API for
managing the lifecycle of project releases.
-**Evaluate Candidate**
-: Report on the Candidate by performing numerous checks for policy compliance.
Fails if compliance minimums are unmet.
+**Current SVN Build Process**
+: This is our current SVN repository process for setting up a release
candidate. Trigger the ATR automation by including release metadata.
-**Sign Candidate**
-: Optionally sign packages using digital certificates through a service.
+**[Distribute](./distributions.md)**
+: Release distribution will be automated for many channels.
**[Distribute Test](./test-distributions.md)**
: Release Candidates may be distributed to Test repositories.
-**Release Vote**
-: Release policy requires a Vote on the project's dev list. The ATR records
votes in the platform and also on the mailing list. The Vote will be summarized
and the PMC Vote recorded in the releases metadata.
+**Distribution Failed**
+: A Release may fail one or more of its Distribution Steps. This may be due to
a problem with the destination. The project will need to manually retry. The
distributions steps should include reasonable retry logic.
-**Passes**
-: The Release Candidate has been accepted. Convert the candidate into a
Release and proceed to Distribute and Announce the Release.
+**Evaluate Candidate**
+: Report on the Candidate by performing numerous checks for policy compliance.
Fails if compliance minimums are unmet.
**Failed**
: A Release Candidate may end in this state. The project can either abandon it
or update and resubmit it.
-**Release**
-: The release is a folder of files including metadata, SBOMs, public keys,
signatures, and checksums.
-
-**[Distribute](./distributions.md)**
-: Release distribution will be automated for many channels.
+**GHA Secure Release Process**
+: In a GitHub workflow the release candidate is built and validated following
the Security Release Policy.
**Manual Distribution**
: Some channels either require manual steps, or they are yet to be automated.
-**Distribution Failed**
-: A Release may fail one or more of its Distribution Steps. This may be due to
a problem with the destination. The project will need to manually retry. The
distributions steps should include reasonable retry logic.
+**Passes**
+: The Release Candidate has been accepted. Convert the candidate into a
Release and proceed to Distribute and Announce the Release.
-**Announce Release**
-: Send a compliant announcement of the release. This template will include
release metadata.
+**Release**
+: The release is a folder of files including metadata, SBOMs, public keys,
signatures, and checksums.
+
+**Release Candidate**
+: A release candidate consists of a folder of release files including
metadata, SBOMs, public keys, signatures, and checksums.
+
+**Release Vote**
+: Release policy requires a Vote on the project's dev list. The ATR records
votes in the platform and also on the mailing list. The Vote will be summarized
and the PMC Vote recorded in the releases metadata.
**Released**
: Once the Release is distributed and announced, this Release should remain in
this state as long as it is available.
@@ -102,5 +102,5 @@ flowchart TD
**Revoked**
: A Release in this state has been revoked or abandoned.
-**Announce CVEs**
-: At some moment after a release happens a project may announce CVEs that
either impact or are solved by a release. The security team and PMC manage CVEs
including announcements and publishing via cveprocess.apache.org The ATR will
update SBOMs with new CVEs.
+**Sign Candidate**
+: Optionally sign packages using digital certificates through a service.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tooling.apache.org
For additional commands, e-mail: dev-h...@tooling.apache.org
