Sign the dist as the last step before creating the archive. Take care not to modify/regenerate dist meta files or the manifest.

Error: gpg: Signature made Sun 05 Oct 2025 08:22:11 AM JST gpg: using RSA key 58491A828ACEAD567D7D3D4FC2530D07741A444B gpg: requesting key C2530D07741A444B from hkp server keyserver.ubuntu.com gpg: Can't check signature: No public key ==> BAD/TAMPERED signature detected! <==

If you are using Build.PL define the {requires}{perl} = VERSION field. If you are using MakeMaker (Makefile.PL) you should upgrade ExtUtils::MakeMaker to 6.48 and use MIN_PERL_VERSION parameter. Perl::MinimumVersion can help you determine which version of Perl your module needs.

Ask the owner of the distribution (the one who released it first, or the one who is designated in x_authority) to give you a (co-)maintainer's permission.

Error:

• Dist::Zilla::Plugin::Signature

Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.

Add SECURITY(.pod|md). See Software::Security::Policy.

Add SECURITY(.pod|md) and add a contact address. See Software::Security::Policy.

Add CONTRIBUTING(.pod|md). See https://docs.github.com/en/communities/setting-up-your-project-for-healthy-contributions/setting-guidelines-for-repository-contributors.