vrr/Pulse
2
0
Fork 0
mirror of https://github.com/rcourtman/Pulse.git synced 2026-05-01 21:10:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Document update signer continuity for future releases

Browse source
This commit is contained in:
rcourtman 2026-04-22 20:36:49 +01:00
parent 2b618c8eaa
commit 3cbb62a40d
4 changed files with 19 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
docs/release-control/v6/internal/subsystems/deployment-installability.md
View file

@ -226,6 +226,11 @@ server-side update execution surfaces.
accept the active private signing key only alongside a non-secret expected
public key or equivalent pinned identity, and they must fail closed before
publication if the signer drifts from that expected trust root.
11. When the governed update signer changes, the canonical operator-facing
release docs under `docs/releases/` and the governed upgrade guide
`docs/UPGRADE_v6.md` must state the continuity impact explicitly. Those docs
must not imply automatic updater continuity from a historical signer unless
the actual trust-migration path is already shipped and exercised.
## Current State