Document adding key to release-verify-signatures during publishing setup

emlun · emlun · commit 3f22b2f1588e · 2025-11-28T16:28:36.000+01:00
diff --git a/doc/development.md b/doc/development.md
@@ -69,3 +69,8 @@ Publishing a release
 ---
 
 See the [release checklist](./releasing.md).
+
+The first time you publish a release, request to have your PGP key added to the trusted keyring in the [`release-verify-signatures` workflow][workflow-release-src].
+
+
+[workflow-release-src]: https://github.com/Yubico/java-webauthn-server/blob/main/.github/workflows/release-verify-signatures.yml#L42
