| Age | Commit message (Collapse) | Author |
|---|
|
After a recent 'cleanup' operation that attempted to simplify my
GPG key workflow with Yubikeys, it looks like my GPG installation
has 'forgotten' how to interact with the key I typically used
to sign GitPython releases.
Since I never managed to establish a chain of trust with my only
remaining 'good' key, for you this means you cannot trust new
GitPython releases anymore.
There is nothing I can do about except to apologize for the hassle.
If you want to make constructive suggestions on how to fix this, I am
happy to work with you on that.
|
|
|
|
> pub rsa4096/A2DE235062DA33FA 2010-06-07 Yaroslav Halchenko (Yarik) <yoh@onerussian.com>
> Primary key fingerprint: C5B9 05F0 E8D9 FD96 68FF 366F A2DE 2350 62DA 33FA
As per https://github.com/gitpython-developers/GitPython/pull/702#issuecomment-350745673
|
|
I rotated my key as the previous one was suffering from
ROCA.
|
|
Also provide my public key with this repository, hoping that people
can trust it as this commit is signed with it too :).
|
