[policy, no patch] Should core use gpg-signed git annotated tags

Created on 21 March 2023, over 1 year ago

Problem/Motivation

This is a followup to 📌 Define conventions around drupal core git interaction Closed: outdated . In that issue, marvil07 suggest that Drupal use gpg-signed git annotated tags.

From the Issue Summary of the other issue:

Git provides two types of tags: simple and annotated, the last one can also be gpg-signed.

Currently we are using simple tags.
Annotated gpg-signed tags are usually the recommended for real release tags, mainly for verification.

Should we start using gpg-signed annotated tags?

Steps to reproduce

Proposed resolution

Remaining tasks

Discuss and decide if annotated tags should be used.

User interface changes

API changes

Data model changes

Release notes snippet

🌱 Plan
Status

Active

Version

10.1

Component
Other 

Last updated about 4 hours ago

Created by

🇳🇿New Zealand quietone

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Production build 0.71.5 2024