AWS serverless-application-model documentation change
Summary
Added warning about expiring GPG keys for SAM CLI Linux installer verification (expiring May 2025)
Security assessment
Proactively documents upcoming GPG key rotation needs for package verification. While related to security maintenance, this is a routine cryptographic hygiene notice rather than addressing an active security vulnerability.
Diff
diff --git a/serverless-application-model/latest/developerguide/install-sam-cli.md b/serverless-application-model/latest/developerguide/install-sam-cli.md index be3da7349..18cc70f7b 100644 --- a//serverless-application-model/latest/developerguide/install-sam-cli.md +++ b//serverless-application-model/latest/developerguide/install-sam-cli.md @@ -66,0 +67,4 @@ x86_64 - command line installer +###### Important + +The current GPG keys used for AWS SAM CLI Linux installer verification will expire on May 22, 2025. New GPG keys will be published before this date. To ensure you can continue verifying the AWS SAM CLI Linux installer, we recommend you update your GPG keyrings with the new keys when they become available. + @@ -96,0 +101,4 @@ arm64 - command line installer +###### Important + +The current GPG keys used for AWS SAM CLI Linux installer verification will expire on May 22, 2025. New GPG keys will be published before this date. To ensure you can continue verifying the AWS SAM CLI Linux installer, we recommend you update your GPG keyrings with the new keys when they become available. +