From d853e8ffd5961dd69f7bfb0f28ee7621bc1f1e44 Mon Sep 17 00:00:00 2001
From: Miguel Jacq <mig@mig5.net>
Date: Wed, 11 Mar 2026 11:59:26 +1100
Subject: [PATCH 1/2] Update my GPG key

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 6c4cb50..ed9a0a0 100644
--- a/README.md
+++ b/README.md
@@ -24,7 +24,7 @@ This is meant as a **starting point**. Review and tighten the resulting policy b
 
 If using my artifacts from the Releases page, you may wish to verify the GPG signatures with the key.
 
-It can be found at https://mig5.net/static/mig5.asc . The fingerprint is `00AE817C24A10C2540461A9C1D7CDE0234DB458D`.
+It can be found at https://mig5.net/static/mig5.asc . The fingerprint is `54A91143AE0AB4F7743B01FE888ED1B423A3BC99`.
 
 ### Poetry
 

From e7faee665fd81b820e6fafef9c2653e9ca816c81 Mon Sep 17 00:00:00 2001
From: Miguel Jacq <mig@mig5.net>
Date: Mon, 23 Mar 2026 11:22:05 +1100
Subject: [PATCH 2/2] Remove trivy..

---
 .forgejo/workflows/trivy.yml | 40 ------------------------------------
 1 file changed, 40 deletions(-)
 delete mode 100644 .forgejo/workflows/trivy.yml

diff --git a/.forgejo/workflows/trivy.yml b/.forgejo/workflows/trivy.yml
deleted file mode 100644
index d5585f4..0000000
--- a/.forgejo/workflows/trivy.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-name: Trivy
-
-on:
-  schedule:
-    - cron: '0 1 * * *'
-  push:
-
-jobs:
-  test:
-    runs-on: docker
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Install system dependencies
-        run: |
-          DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends wget gnupg
-          wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | tee /usr/share/keyrings/trivy.gpg > /dev/null
-          echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | tee -a /etc/apt/sources.list.d/trivy.list
-          apt-get update
-          DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends trivy
-
-      - name: Run trivy
-        run: |
-          trivy fs --no-progress --ignore-unfixed --format table --disable-telemetry --skip-version-check --exit-code 1 .
-
-      # Notify if any previous step in this job failed
-      - name: Notify on failure
-        if: ${{ failure() }}
-        env:
-          WEBHOOK_URL: ${{ secrets.NODERED_WEBHOOK_URL }}
-          REPOSITORY: ${{ forgejo.repository }}
-          RUN_NUMBER: ${{ forgejo.run_number }}
-          SERVER_URL: ${{ forgejo.server_url }}
-        run: |
-          curl -X POST \
-               -H "Content-Type: application/json" \
-               -d "{\"repository\":\"$REPOSITORY\",\"run_number\":\"$RUN_NUMBER\",\"status\":\"failure\",\"url\":\"$SERVER_URL/$REPOSITORY/actions/runs/$RUN_NUMBER\"}" \
-               "$WEBHOOK_URL"