I'm getting a failure on verifying the gpg signature: $ gpg --verify apache-camel-quarkus-3.31.0-src.zip.asc apache-camel-quarkus-3.31.0-src.zip gpg: Signature made Thu 22 Jan 2026 04:17:23 AM EST gpg: using RSA key EB237326B4230C28D60F8EB5AF5ACAF0A1E87292 gpg: Can't check signature: No public key
I'm confused, though, since that key does seem to be in your KEYS file, but is not importing. $ gpg --import KEYS <... snip ...> gpg: Total number processed: 20 gpg: unchanged: 20 $ gpg --list-keys Netherton gpg: error reading key: No public key I don't mean to nitpick, but it *appears* that your KEYS file is broken. On 2026/01/22 10:40:13 James Netherton wrote: > Hi, > > This is a vote to release Apache Camel Quarkus 3.31.0. > > Highlights: > > * Camel 4.17.0 > * Quarkus 3.31.0 > > All commits: > > https://github.com/apache/camel-quarkus/compare/3.30.0...3.31.0 > > Staging repository: > > https://repository.apache.org/content/repositories/orgapachecamel-1987 > > Tag: > > https://github.com/apache/camel-quarkus/releases/tag/3.31.0 > > Source release package + SBOM: > > https://dist.apache.org/repos/dist/dev/camel/camel-quarkus/3.31.0/ > > Please test this release candidate and cast your vote. > > [ ] +1 Release the binaries as Apache Camel Quarkus 3.31.0 > [ ] -1 Do not approve the release (provide specific comments) > > The vote is open for at least 72 hours. >
