You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello @lpar 👋,
Thank you for your keen observation!
We're pleased to inform you that the signing key issue has been addressed. Current releases are now signed with GitHub’s verified signature (GPG key ID: B5690EEEBB952194). We appreciate your involvement in the community and look forward to your continued contributions :)
Description:
The key used to sign the v5.0.0 release has expired.
From looking at actions/setup-node, it looks like an unexpired signing key B5690EEEBB952194 is available.
(I thought about entering this as a security issue, but as long as the expired key has been kept secure anyway...)
The text was updated successfully, but these errors were encountered: