Skip to content

chore(NODE-7599): update release integrity docs#114

Merged
PavelSafronov merged 2 commits into
mainfrom
NODE-7599
May 29, 2026
Merged

chore(NODE-7599): update release integrity docs#114
PavelSafronov merged 2 commits into
mainfrom
NODE-7599

Conversation

@tadjik1
Copy link
Copy Markdown
Contributor

@tadjik1 tadjik1 commented May 28, 2026
edited
Loading

Description

Summary of Changes

Fix two issues in the README.md Release Integrity section.

What is the motivation for this change?

The README has had an incorrect claim about git tag signing since it was introduced, and was missing documentation on npm provenance verification which is now available.

Double check the following

  • Lint is passing (npm run check:lint)
  • Self-review completed using the steps outlined here
  • PR title follows the correct format: type(NODE-xxxx)[!]: description
    • Example: feat(NODE-1234)!: rewriting everything in coffeescript
  • Changes are covered by tests
  • New TODOs have a related JIRA ticket

@tadjik1 tadjik1 marked this pull request as ready for review May 28, 2026 09:38
@tadjik1 tadjik1 requested a review from a team as a code owner May 28, 2026 09:38
Copilot AI review requested due to automatic review settings May 28, 2026 09:38
Copilot AI reviewed May 28, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Documentation-only update to the Release Integrity section in README.md. Removes the inaccurate claim that git tags are GPG-signed and adds documentation for verifying npm provenance attestations.

Changes:

  • Reword opening line to drop the unsupported "git tag" signing claim.
  • Clarify the Note to specify "No GPG verification" (since npm provenance verification is now available).
  • Add a new subsection describing how to verify npm provenance via npm audit signatures.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@PavelSafronov PavelSafronov self-assigned this May 28, 2026
@PavelSafronov PavelSafronov merged commit d2f9354 into main May 29, 2026
28 of 31 checks passed
@PavelSafronov PavelSafronov deleted the NODE-7599 branch May 29, 2026 16:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@PavelSafronov PavelSafronov PavelSafronov approved these changes

Assignees

@PavelSafronov PavelSafronov

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tadjik1 @PavelSafronov