The release will be published to [PyPI](https://pypi.org/project/pyHanko/0.18.0/). Documentation is available on [ReadTheDocs](https://pyhanko.readthedocs.io/en/0.18.0/).
*Important remark*: This is the first pyHanko release to make use of GitHub Actions to publish and sign release artifacts. The CI signing workflow uses [Sigstore](https://www.sigstore.dev/) to bind the published artifacts to pyHanko's "GitHub identity", as it were. For the time being, releases will continue to be manually signed with GPG in addition. My PGP key fingerprint is `9C41 44F3 5E74 2C88 A5D2 563C 15F4 2BEF A159 BA54`, the same as for previous releases.
Should you want to validate the `.sigstore` signature bundles, download all the artifacts into a single folder, install `sigstore` from `pip` and run the following command:
bash
sigstore verify github \
--cert-identity https://github.com/MatthiasValvekens/pyHanko/.github/workflows/release.ymlrefs/tags/v0.18.0 \
pyHanko*.tar.gz pyHanko*.whl
*Note*: **This release also marks pyHanko’s move to beta status.** That doesn’t mean that it’s feature-complete in every respect, but it does mean that we’ve now entered a stabilisation phase in anticipation of the `1.0.0` release, so until then the focus will be on fixing bugs and clearing up issues in the documentation (in particular regarding the API contract). After the `1.0.0` release, pyHanko will simply follow SemVer.
Change log
The release notes for the 0.18.0 release are available [here](https://pyhanko.readthedocs.io/en/latest/changelog.html#release-0.18.0).