Release icon indicating copy to clipboard operation
Release copied to clipboard
verified publisher icon nodejs

PGP keys verification

Open UlisesGascon opened this issue 2 years ago • 4 comments

Context

Action items

  • [ ] As part of the onboarding the releasers should add the PGP key(s) to the Github profile, like Ulises' example
    • [x] Create a PR to update the onboarding steps (@UlisesGascon). https://github.com/nodejs/Release/pull/966
    • [ ] Ensure that all the releasers has completed this step

UlisesGascon avatar Dec 04 '23 09:12 UlisesGascon

Aside: why is the website repo being used for security advisories? That doesn't seem to line up with the security reporting policy

nschonni avatar Dec 04 '23 15:12 nschonni

Aside: why is the website repo being used for security advisories? That doesn't seem to line up with the security reporting policy

IDK, someone just created one for nodejs.org; I'm not sure if this is a setting on the nodejs.org repository, and if yes, if I should disable. cc @nodejs/tsc

ovflowd avatar Dec 10 '23 13:12 ovflowd

I was checking the changes with the team, I am waiting for a final update for two signatures and then we can close this issue.

UlisesGascon avatar Feb 26 '24 12:02 UlisesGascon

Is there any update here?

ovflowd avatar Jun 03 '24 10:06 ovflowd