Hi Pasquale, Thanks a lot for it. I was wondering if we should commit the PGP Public Key in Apache Camel KEYS file as well like this https://github.com/apache/camel/pull/20797.
Il giorno mar 13 gen 2026 alle ore 10:17 Pasquale Congiusti < [email protected]> ha scritto: > Hi team, > I've worked on this issue [1] as we were missing the expected KEYS gpg > file [3] required for release verification. I took the opportunity to sync > with the last source in the code and to provide a documentation note [2] to > explain how every committer involved in a release process should update and > sync his own GPG key accordingly. It is very important that this step is > followed not only by those people involved in the main project release, but > also to all the ones involved in each subproject release as the KEYS file > used to do the verification is the same (the one on main) regardless of the > subproject release. > > If you're a committer involved in a release, please, verify that your gpg > key is already in [3] and, if not, follow the instruction provided in the > PR [2] (to be promoted in the official documentation on PR merge). > > Thanks for your attention. > > Pasquale. > > [1] https://issues.apache.org/jira/browse/CAMEL-20282 > [2] https://github.com/apache/camel/pull/20794 > [3] https://downloads.apache.org/camel/KEYS >
