From e3332e203b8bb8797735ec08cea5a6d37203620e Mon Sep 17 00:00:00 2001
From: Anton Lindqvist <anton.lindqvist@gmail.com>
Date: Mon, 28 Aug 2017 09:41:02 +0200
Subject: [PATCH] Update release notes

After discussing the release process with @calleerlandsson and
@mike-burns we decided to stop signing releases in order to simplify the
process. Instead, a SHA-256 checksum will be available for the release
tarball.
---
 DEVELOPING.md | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)

diff --git a/DEVELOPING.md b/DEVELOPING.md
index 969a6422..faf5282a 100644
--- a/DEVELOPING.md
+++ b/DEVELOPING.md
@@ -71,25 +71,19 @@ you agree to abide by its [Code of Conduct][conduct].
    $ git pull --rebase
    $ git push origin master
    $ git status
-   $ git tag --sign -m "v0.0.2" v0.0.2
+   $ git tag -m "v0.0.2" v0.0.2
    $ git push origin master --tags
    ```
 
-5. Sign the tarball:
+5. Generate checksum:
 
    ```sh
-   $ gpg -sab pick-0.0.2.tar.gz
+   $ sha256 pick-0.0.2.tar.gz >pick-0.0.2.sha256
    ```
 
-6. Verify the signature:
+6. [Announce the release on GitHub][announce].
 
-   ```sh
-   $ gpg --verify pick-0.0.2.tar.gz.asc pick-0.0.2.tar.gz
-   ```
-
-7. [Announce the release on GitHub][announce].
-
-8. Contact package maintainers:
+7. Contact package maintainers:
 
   * Aggelos Avgerinos <evaggelos.avgerinos@gmail.com> (Debian & Ubuntu)
   * Chunyang Xu <xuchunyang.me@gmail.com> (MacPorts)