My rotating set of public GPG/PGP keys used for signing commits, packages, releases etc.
✔️ Current Key Fingerprint:
C02D 33B6 5AC5 B2EE 6AE3 AC5F BCD6 1944 3BDA 19B4
GitHub Key ID: BCD619443BDA19B4
Generated: 18-04-2022
❌ A6A4 1A3B DE6C 5667 4D35 9242
GitHub Key ID: AD6DC3BA2DF4E9A4
N.B: Older, unverified commits using this specific GPG signature are still valid since I unintentionally broke the uid for the primary email (my personal email address) by revoking it from this previous keypair.
Generated: 2021-03-13
Revoked: 18-04-2022
Learn more: Breaking GPG2 + Git Key Signing (WIP Article, broken link)
Notes:
Some Release packages might not be signed yet.
e.g: custom-steam-status, all current and past releases. (Working on an automated GitHub Workflow to sign packages, artifacts and Releases.)