[Wishlist] Improve workflow to prevent GPG subkey to expire again next time

For issue like #40115 (closed) and #40299 (moved), we already experienced GPG subkey expiration a few times in the past. This caused downstream project like torbrowser-launcher failed to install TorBrowser, because it checks the download file integrity by GPG.

So I'm wondering whether we can improve GPG subkey fresh in your regular workflow, or add a timer notification. It's not urgent, but better to fix before next expiration date, Jan 04 2022. Thank you!

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information