An issue with hardware security key is currently preventing builds from being
signed with our GPG key. This affects both direct uploads and builds performed
on Flathub infra.
While build service remains technically operational, no builds can be signed
and thus published. We are in contact with the company hosting the server and
working on delivering a new key.
(01:38 UTC — Feb 20)
Data centre staff attempted reseating the signing key across available USB ports
without success. We are now arranging delivery and installation of a replacement
key.
(16:46 UTC — Feb 20)
kinda bonkers that global software availability hangs on such a thing
Little surprised they’re not using an HSM to store the key. Suppose that could still suffer a hardware failure but probably a lot less likely.