westes / flex

The Fast Lexical Analyzer - scanner generator for lexing in C and C++

Where is the publishing GPG / PGP key? #661

Open JonathanWilbur opened 1 month ago

JonathanWilbur commented 1 month ago

I can't find it. I found somewhere you had one published back in 2017, but I can't fetch it using the command you gave. It would be nice for it to just be embedded right in this repository.

westes commented 1 month ago

createyourpersonalaccount commented 1 week ago

In the release section you can find the signed tarballs. With gpg --list-packets flex-2.6.4.tar.gz.sig you will be shown the issuer key ID which is E4B29C8D64885307. Then you can search for keys with this key ID from the key servers with gpg --search-keys E4B29C8D64885307. You could potentially have many matches due to short key ID collision; the name is supposed to give you a hint of who you're looking for. If you use the wrong key you will not be able to verify the signature against the tarball.
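
What `gpg --list-packets` reads out of the `.sig`, as an added example that is not part of the comment above or of the flex project: a parser for a binary (non-armored) v4 OpenPGP signature packet that returns the issuer key ID. `SAMPLE_SIG` is a constructed packet carrying the key ID quoted above with a dummy signature value, and `issuer_info` is a hypothetical name.

```python
# Constructed sample, NOT the real flex-2.6.4.tar.gz.sig: old-format header, v4
# binary signature, RSA (1), SHA-256 (8), dummy one-byte signature value.
SAMPLE_SIG = bytes.fromhex(
    "881d" "04000108"
    "0006" "0502590e2b00"              # hashed area: signature creation time
    "000a" "0910e4b29c8d64885307"      # unhashed area: issuer key ID
    "0000" "0008ff")

def _subpackets(area):
    """Yield (type, data) for every subpacket in one subpacket area."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:                          # one-octet length
            length, i = first, i + 1
        elif first < 255:                        # two-octet length
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        else:                                    # five-octet length
            length, i = int.from_bytes(area[i + 1:i + 5], "big"), i + 5
        if length == 0 or i + length > len(area):
            raise ValueError("malformed subpacket")
        yield area[i] & 0x7F, area[i + 1:i + length]   # drop the critical bit
        i += length

def issuer_info(sig):
    """Return algorithm IDs, issuer key ID and, if present, issuer fingerprint."""
    if len(sig) < 2 or not sig[0] & 0x80:
        raise ValueError("not a binary OpenPGP packet")
    if sig[0] & 0x40:                            # new-format packet header
        tag = sig[0] & 0x3F
        start = 2 if sig[1] < 192 else 3 if sig[1] < 224 else 6
    else:                                        # old-format header, as GnuPG writes
        tag = (sig[0] >> 2) & 0x0F
        start = 1 + (1, 2, 4, 0)[sig[0] & 3]
    body = sig[start:]
    if tag != 2 or len(body) < 10 or body[0] != 4:
        raise ValueError("not a v4 signature packet")
    hlen = int.from_bytes(body[4:6], "big")      # hashed subpacket area length
    ulen = int.from_bytes(body[6 + hlen:8 + hlen], "big")
    info = {"pubkey_algo": body[2], "hash_algo": body[3],
            "key_id": None, "fingerprint": None}
    for area in (body[6:6 + hlen], body[8 + hlen:8 + hlen + ulen]):
        for kind, data in _subpackets(area):
            if kind == 16 and len(data) == 8:    # Issuer (64-bit key ID)
                info["key_id"] = data.hex().upper()
            elif kind == 33 and len(data) > 1:   # Issuer Fingerprint (version + fpr)
                info["fingerprint"] = data[1:].hex().upper()
    return info
```

The issuer subpacket normally sits in the unhashed area, which the signature does not cover, so the value only tells you which key to fetch; the check itself is `gpg --verify` against a key whose full fingerprint you have confirmed.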