I noticed that we still have some warnings around dependency verification on our CI servers. I was going to try to implement some of the best practices described here:
https://britter.dev/blog/2026/06/01/gradle-dependency-verification-best-practices/ First change, I set: <key-servers enabled="false"/> It means that we have to refresh the keys manually when we introduce a dependency to the build with a new signer. Instructions on how to refresh are in CONTRIBUTING.md. Cheers, Paul.
