keys: remove revoked key 867B9DFA #28
Draft
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Key
1C050899334244A8AF75E53792EF661D867B9DFA
has been revoked: https://keyserver.ubuntu.com/pks/lookup?search=1C050899334244A8AF75E53792EF661D867B9DFA&fingerprint=on&op=indexThis PR removes it so automated workflows relying on this repository to import all signing keys can keep working (example broken workflow).
Not sure this PR makes sense since this key signed previous Node.js releases.
What would be the best way to go about this? Does it make sense to use the key(s) stored in
keys/
, which does not embed the revoking information? Can the releases this key might have signed be re-signed with valid keys?