I just wanted to give a heads up on the apt-key deprecation. As
you should know by now, apt-key will last be available in 22.04.
To prevent people from having leftover keys in trusted.gpg that
they can't easily remove, apt will soon start to
- verify keys using trusted.gpg.d only.
- If this fails, it will retry with trusted.gpg
- If that succeeded, it will print a warning at the end of the
run that trusted.gpg was needed to verify the repository and
instruct you migrate the key, pointing at documentation, and
hinting at signed-by.
This work is happening in merge request 209:
https://salsa.debian.org/apt-team/apt/-/merge_requests/209/diffs
(note that the message does not contain proper hints at
the docs and signed-by yet)
In 22.10 I expect to complete the transition by removing the
apt-key executable, and removing the fallback to trusted.gpg
from apt. At the beginning of the cycle would probably be
best.
--
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer i speak de, en
--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
