Hi, Recently I was looking for some release notes and found them on GitHub which got me thinking. Now that we have a tighter integration between the official Gitbox and the GitHub mirror, I think it would make sense to also post our release notes and source artifacts to GitHub Releases page. FWIW, there are other Apache projects that already do this[1][2][3]. Some of these tags are signed as well (green verified label), and as we already require signing the release artifacts, I propose we sign the Git tags as well.
Please let me know what you think. If there is no objection, I'll go ahead and do this for the upcoming 1.13.0 release as a test and update the releasing guide docs after the release if it's successful. Attila [1] https://github.com/apache/beam/releases [2] https://github.com/apache/cloudstack/releases [3] https://github.com/apache/pulsar/releases
signature.asc
Description: PGP signature
