Closed SimonCropp closed 1 year ago
I think the core Serilog package needs/uses a different key from the sinks/extensions because (historically) the contributor/maintainer group for the core was much more limited than for the additions and this helped firewall the supply chain just a little bit more :-)
Right now, this will fail if merged, but given the much smaller Serilog org we now have, it would make sense to either use a single key across them, or even keep a key per repository 🤔
(Marking as draft helps avoid an accidental later merge :-))
@nblumhardt i only did this since current key has expired https://ci.appveyor.com/project/serilog/serilog-framework-logging/builds/46479990
can u gen a new key and update the one stored in appveyor
@SimonCropp thanks 👍 - EN9f+XXE3fW+ebL4wxrIbafdtbNvRfddBN8UUixvctYh4qMBHzr1JdnM83QsM1zo
should do the Extensions.* projects for another year.
It's a bit of an annoying system to maintain; we're moving to another approach for work projects (use an agent to harvest GitHub releases and centrally update NuGet etc.), it might be the way to go for Serilog eventually, too.
@nblumhardt is there a reason why the nuget keys are different on the diff repos?