dave2wave commented on issue #109: URL: https://github.com/apache/tooling-trusted-release/issues/109#issuecomment-2910259690
There are two conflicting requirements in processing KEYS files. 1. A Key used in the past to sign a release even over a decade ago should be preserved. 2. A Key that does not currently map to an ASF ID should not be used to sign a release. In the check this should be a FAILURE and since in the Alpha we are allowing these to be advisory this is fine. Later we may make this Fatal. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tooling.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tooling.apache.org For additional commands, e-mail: dev-h...@tooling.apache.org
