Yes. Once they are merged, we should sync the new KEYS from the repo into the SVN dist as provided in the documentation recently merged:
svn checkout https://dist.apache.org/repos/dist/release/camel camel-dist cd camel-dist cp /path/to/repo/camel/KEYS . # replace the path with your main project repository svn commit -m "Add GPG key for Your Name" That's the procedure. Just change the values with the local ones. Pasquale. On Tue, Jan 13, 2026 at 11:49 AM Federico Mariani < [email protected]> wrote: > Hi Pasquale, > > Thanks a lot for it. I was wondering if we should commit the PGP Public Key > in Apache Camel KEYS file as well like this > https://github.com/apache/camel/pull/20797. > > Il giorno mar 13 gen 2026 alle ore 10:17 Pasquale Congiusti < > [email protected]> ha scritto: > > > Hi team, > > I've worked on this issue [1] as we were missing the expected KEYS gpg > > file [3] required for release verification. I took the opportunity to > sync > > with the last source in the code and to provide a documentation note [2] > to > > explain how every committer involved in a release process should update > and > > sync his own GPG key accordingly. It is very important that this step is > > followed not only by those people involved in the main project release, > but > > also to all the ones involved in each subproject release as the KEYS file > > used to do the verification is the same (the one on main) regardless of > the > > subproject release. > > > > If you're a committer involved in a release, please, verify that your gpg > > key is already in [3] and, if not, follow the instruction provided in the > > PR [2] (to be promoted in the official documentation on PR merge). > > > > Thanks for your attention. > > > > Pasquale. > > > > [1] https://issues.apache.org/jira/browse/CAMEL-20282 > > [2] https://github.com/apache/camel/pull/20794 > > [3] https://downloads.apache.org/camel/KEYS > > >
