Switch releases from Gitea Actions to local builds

2026-07-11 19:59:40 +00:00
parent 8e369152f6
commit 362adfec86
+5 -4
@@ -33,11 +33,12 @@ sign `checksums.txt` with an offline-controlled release key and publish the
public key independently. Checksum signing is listed as a launch gate in the public key independently. Checksum signing is listed as a launch gate in the
[release checklist](Release-Checklist). [release checklist](Release-Checklist).
## Runner trust ## Release-machine trust
Release jobs execute on Gitea act runners. Only trusted, isolated runners should Release builds execute on a maintainer machine, not on the Gitea server. Use a
receive release tags or release tokens. Do not run secret-bearing release jobs trusted, patched machine; keep the release token out of shell history and source
from unreviewed fork pull requests. files; scope it to the Hop repository; export it only for the publish command;
and unset it immediately afterward. Releases upload as drafts for review.
## Filesystem safety ## Filesystem safety