f4c0e7e805
Install failed with "GPG verification enabled, but no signatures found" on the commit: the deploy step only ran build-update-repo (signs the summary). Add `flatpak build-sign` to sign the commit objects too — clients with gpg-verify=true verify the commit, so summary-only signing isn't enough. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>