Seal-based regulation for software deployment management

What is claimed is: 1. A method of managing a deployment of a software package, the method comprising the steps of: a computer retrieving first and second QA seals which are embedded in a software package prior to a deployment of the software package to first and second environments; the computer performing a first lookup of the retrieved first QA seal in a plurality of QA seals stored in a first data repository and in response, determining that the retrieved first QA seal matches one QA seal included in the plurality of QA seals stored in the first data repository and determining the retrieved first QA seal does not match any other QA seal included in the plurality of QA seals; the computer performing a second lookup of the retrieved second QA seal in the plurality of QA seals stored in the first data repository and in response, determining that the retrieved second QA seal does not match any QA seal included in the plurality of QA seals stored in the first data repository; the computer determining that details about hardware, middleware, and applications required in the first environment which are included in one profile in the retrieved first QA seal match details of the first environment to which the software package is being deployed, the details of the first environment specifying hardware and software included in the first environment; based on the retrieved first QA seal matching the one QA seal included in the plurality of QA seals, the retrieved first QA seal not matching any other QA seal included in the plurality of QA seals, and the details about the hardware, middleware, and applications required in the first environment which are included in the one profile in the retrieved first QA seal matching the details of the first environment specifying the hardware and software included in the first environment, the computer determining the retrieved first QA seal indicates the software package is compatible with the first environment; based on the software package being compatible with the first environment, the computer generating a notification of an authorization of the deployment of the software package to the first environment; and based on the retrieved second QA seal not matching any QA seal included in the plurality of QA seals stored in the first data repository, the computer generating a notification indicating that the deployment of the software package to the second environment is not authorized. 2. The method of claim 1 , further comprising the steps of: the computer determining that dependencies of hardware and software required in the deployment of the software package in the first environment are satisfied based on the first environment specified in the retrieved first QA seal; and determining the software package is approved for a release to the first environment based on metadata included in the retrieved first QA seal, wherein the step of generating the notification of the authorization of the deployment of the software package to the first environment is further based on the dependencies being satisfied and the software package being approved for the release to the first environment. 3. The method of claim 1 , further comprising the step of: prior to the step of retrieving the first and second QA seals and subsequent to a generation of the plurality of QA seals, the computer associating the one QA seal and another QA seal included in the plurality of QA seals to the software package, wherein the one QA seal is a first data structure which includes (1) a first security token including an encryption mechanism that indicates whether the software package has been tampered with or otherwise changed, (2) a first profile including a name, a version, a build date, an identifier, and an author or manufacturer of a component of the software package, (3) a second profile including the details about the hardware, the middleware, and the applications required in the first environment in which the software package is permitted to be deployed, (4) a third profile including an identifier and a name of a user who is responsible for verifying contents of the software package prior to the one QA seal being embedded in the software package, (5) a first specification of one or more phases of a software development lifecycle for which the one QA seal is generated, (6) a fourth profile specifying steps of a workflow of the software development lifecycle, a name and an identifier of a reviewer of the software package, a status of an approval of the software package, and a status of the software package at key decision checkpoints, (7) a fifth profile specifying dependencies of hardware and software required in the deployment of the software package in the first environment, and (8) first metadata including a timestamp of a completion of a generation of the one QA seal, a history of modification of the one QA seal, a status of an approval of the one QA seal, and a phase of the one QA seal, and wherein the other QA seal is a second data structure which includes (1) the security token, (2) the first profile including the name, the version, the build date, the identifier, and the author or manufacturer of the component of the software package, (3) a sixth profile including details about hardware, middleware, and applications required in a second environment in which the software package is permitted to be deployed, (4) a seventh profile including an identifier and a name of a user who is responsible for verifying contents of the software package prior to the other QA seal being embedded in the software package, (5) a second specification of one or more phases of a software development lifecycle for which the other QA seal is generated, (6) the fourth profile specifying the steps of the workflow of the software development lifecycle, the name and the identifier of the reviewer of the software package, the status of the approval of the software package, and the status of the software package at the key decision checkpoints, (7) an eighth profile specifying the dependencies of the hardware and the software required in the deployment of the software package in the second environment, and (8) second metadata including a timestamp of a completion of a generation of the other QA seal, a history of modification of the other QA seal, a status of an approval of the other QA seal, and a phase of the other QA seal. 4. The method of claim 3 , wherein the step of associating the first and second QA seals to the software package includes the steps of: the computer retrieving the software package from a second data repository; the computer retrieving the one QA seal and the other QA seal from the first data repository; the computer generating and storing a first entry of the one QA seal in association with the software package and a second entry of the other QA seal in association with the software package; and the computer updating the first and second metadata in the one and the other QA seals, respectively, to indicate that the one and the other QA seals are associated with the software package. 5. The method of claim 1 , further comprising the steps of: subsequent to a completion of a development phase of a software development lifecycle for developing the software package and prior to the step of retrieving the first and second QA seals, the computer performing a build phase of the software development lifecycle and determining the build phase is successful; prior to the step of retrieving the first and second QA seals and based on the build phase being successful, the computer generating a third QA seal to verify the software package resulting from the build phase; prior to the step of retrieving the first and second QA seals and in response to the step of generating the third QA seal to verify the software package resul