Hi! I package shim for Arch Linux.
To ensure the chain of trust between releases, I check the signatures made for the respective tags. @vathpela it seems you forgot to sign 15.7.

Please make sure to continue signing the releases (also see #304), as shim is central to the secure boot setup on many downstream distributions.

Fixed

Tarballs probably should have detached signatures, but at least you can now reproduce them with make test-archive :)