palantir / gradle-git-version

a Gradle plugin that uses `git describe` to produce a version string.
Apache License 2.0

PGP signature verification failed! #731

Open 0-x-2-2 opened 1 year ago

0-x-2-2 commented 1 year ago
One artifact failed verification: gradle-git-version-3.0.0.pom (com.palantir.gradle.gitversion:gradle-git-version:3.0.0) from repository gradle
This can indicate that a dependency has been compromised. Please carefully verify the signatures and checksums.

The artifact was signed with key bf3a87d91b70be32cad64a2645d0caa6d26b0f7d (Open Source <opensource@palantir.com>) but the signature didn't match

```xml
<component group="com.palantir.gradle.gitversion" name="gradle-git-version" version="3.0.0">
   <artifact name="gradle-git-version-3.0.0.jar">
      <pgp value="bf3a87d91b70be32cad64a2645d0caa6d26b0f7d"/>
      <sha256 value="3ed9e1d890829703c18737e6619d0544fb5f9a3c4147c24c29228af42177556f" origin="Generated by Gradle"/>
   </artifact>
   <artifact name="gradle-git-version-3.0.0.pom">
      <sha256 value="55b54781af0fb1a362b1745b73e673c0e520e3b1d43d203f3bcc03cc0d1774a6" origin="Generated by Gradle" reason="PGP signature verification failed!"/>
   </artifact>
</component>
```

0-x-2-2 commented 1 year ago

Bump. If anyone knows a contact email for someone who can actually fix the issue with invalid signatures on Maven metadata in releases, that would be nice.
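
An added example, not part of the issue thread or the project's code: a small audit that lists every artifact in a Gradle verification metadata file that is pinned by checksum only, as the `.pom` above is, together with the recorded reason and the keys its sibling artifacts are signed with. The wrapper elements and namespace around the quoted `<component>` are assumed; the function name and output fields are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the <component> entry quoted in the issue, wrapped in the
# root elements of a gradle/verification-metadata.xml file (wrapper assumed).
SAMPLE = """\
<verification-metadata xmlns="https://schema.gradle.org/dependency-verification">
 <components>
  <component group="com.palantir.gradle.gitversion" name="gradle-git-version" version="3.0.0">
   <artifact name="gradle-git-version-3.0.0.jar">
    <pgp value="bf3a87d91b70be32cad64a2645d0caa6d26b0f7d"/>
    <sha256 value="3ed9e1d890829703c18737e6619d0544fb5f9a3c4147c24c29228af42177556f" origin="Generated by Gradle"/>
   </artifact>
   <artifact name="gradle-git-version-3.0.0.pom">
    <sha256 value="55b54781af0fb1a362b1745b73e673c0e520e3b1d43d203f3bcc03cc0d1774a6" origin="Generated by Gradle" reason="PGP signature verification failed!"/>
   </artifact>
  </component>
 </components>
</verification-metadata>"""

def local(tag):
    """Element name without its XML namespace prefix."""
    return tag.rsplit("}", 1)[-1]

def checksum_only_artifacts(xml_text):
    """Return one finding per artifact that has no <pgp> entry of its own."""
    findings = []
    for comp in ET.fromstring(xml_text).iter():
        if local(comp.tag) != "component":
            continue
        artifacts = [a for a in comp if local(a.tag) == "artifact"]
        # Keys trusted for other files of the same release, for comparison.
        keys = sorted({c.get("value") for a in artifacts for c in a if local(c.tag) == "pgp"})
        for art in artifacts:
            if any(local(c.tag) == "pgp" for c in art):
                continue
            reasons = [c.get("reason") for c in art if c.get("reason")]
            findings.append({
                "coordinate": ":".join(comp.get(k, "?") for k in ("group", "name", "version")),
                "artifact": art.get("name"),
                "reason": reasons[0] if reasons else None,
                "sibling_keys": keys,
            })
    return findings

if __name__ == "__main__":
    for f in checksum_only_artifacts(SAMPLE):
        print(f"{f['coordinate']} {f['artifact']}: checksum only ({f['reason']}); "
              f"signed siblings use {f['sibling_keys'] or 'no key'}")
```

A checksum-only entry pins whatever bytes were downloaded when the metadata was generated, so each finding is worth comparing against a copy of the file fetched from an independent source before the hash is accepted.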