Documentation Review

I've reviewed PR #16768 which updates the security PGP key. Here are my findings:

✅ Positive Changes

• The update is clearly documented in the PR description with a link to the related issue
• The file structure is maintained properly
• The PGP key block format is correct with proper BEGIN/END markers

📝 Observations

Security Content Update:

• The PGP key is being replaced from an RSA 4096-bit key to an Ed25519 key (modern elliptic curve cryptography)
• Key fingerprint changes from CB B89C 1E7C BFA6 596C B9E5 1654 7506 29F4 FF95 to a new fingerprint
• Email changes from team@pulumi.com to security@pulumi.com (more appropriate for security communications)
• Key comment updated to: "Pulumi Security (Used for security emails)"

This appears to be a legitimate security key rotation, which is a good security practice. The move to Ed25519 is also aligned with modern cryptographic best practices.

ℹ️ Style Compliance

The changes comply with the repository's style guidelines:

• Markdown formatting is correct
• Code fence for the PGP key block is properly formatted
• File appears to end with a newline (though I cannot verify from diff alone per CI guidelines)

✅ Verdict

No issues found. The changes are appropriate for a security key rotation.

Need additional reviews or fixes? Mention me (@claude) in the comments.

Your site preview for commit e0857e6 is ready! 🎉

http://www-testing-pulumi-docs-origin-pr-16768-e0857e61.s3-website.us-west-2.amazonaws.com.

Looks good, is the new private key available in 1password so we can be sure to decrypt reports sent with this? Some info around expiration date etc would be good to have in the shared record as well.

Everything else is documented in the ticket