Update for new GPG keys

jrfnl · jrfnl · commit 7b42a03b5b83 · 2025-06-12T17:31:42.000+02:00
The GPG key expires every year - as per the recommendation, so a new key has been generated and uploaded to the opengpg database.
diff --git a/.github/workflows/verify-release.yml b/.github/workflows/verify-release.yml
@@ -115,7 +115,7 @@ jobs:
 
       - name: Download public key
         env:
-          FINGERPRINT: "0x689DAD778FF08760E046228BA978220305CD5C32"
+          FINGERPRINT: "0xD91D86963AF3A29B6520462297B02DD8E5071466"
         run: gpg --keyserver "hkps://keys.openpgp.org" --recv-keys "$FINGERPRINT"
 
       - name: Verify signature of the PHAR file
@@ -200,7 +200,7 @@ jobs:
           tools: phive
 
       - name: Install
-        run: phive install ${{ matrix.pharfile }} --copy --trust-gpg-keys 689DAD778FF08760E046228BA978220305CD5C32
+        run: phive install ${{ matrix.pharfile }} --copy --trust-gpg-keys D91D86963AF3A29B6520462297B02DD8E5071466
 
       - name: "DEBUG: List files"
         run: ls -R
diff --git a/README.md b/README.md
@@ -78,8 +78,8 @@ You will then be able to run PHP_CodeSniffer from the vendor bin directory:
 ### Phive
 If you use Phive, you can install PHP_CodeSniffer as a project tool using the following commands:
 ```bash
-phive install --trust-gpg-keys 689DAD778FF08760E046228BA978220305CD5C32 phpcs
-phive install --trust-gpg-keys 689DAD778FF08760E046228BA978220305CD5C32 phpcbf
+phive install --trust-gpg-keys D91D86963AF3A29B6520462297B02DD8E5071466 phpcs
+phive install --trust-gpg-keys D91D86963AF3A29B6520462297B02DD8E5071466 phpcbf
 ```
 You will then be able to run PHP_CodeSniffer from the `tools` directory:
 ```bash
