Please sign release git tags
It would be great if release tags could be annotated and gpg signed like
git tag -s -u <keyid> -m"osk-sdl 0.62.2" 0.62.2
This allows them to be verified downstreams when importing. The annotation makes sure that the package name is derivable in case of later repo merges/filters.