I can’t upgrade tuba (mastodon client) due an error importing a gpg key. This is the error reported trying pamac update:
pamac install tuba
Warning: tuba is only available from AUR
Preparing...
Cloning tuba build files...
Generating tuba information...
Checking tuba dependencies...
Resolving dependencies...
Checking inter-conflicts...
To build (1):
tuba 0.4.1-0.1 (0.4.0-0.1) AUR
Edit build files : [e]
Apply transaction ? [e/y/N] y
==== AUTHENTICATING FOR org.manjaro.pamac.commit ====
Authentication is required to install, update, or remove packages
Multiple identities can be used for authentication:
1. Leandro (leandro)
2. Leandro (leandro)
Choose identity to authenticate as (1-2): 1
Password:
==== AUTHENTICATION COMPLETE ====
Building tuba...
==> Making package: tuba 0.4.1-0.1 (mer 9 ago 2023, 10:37:47)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
-> Updating Tuba git repo...
==> Validating source files with sha256sums...
Tuba ... Skipped
==> Verifying source file signatures with gpg...
Tuba git repo ... FAILED (unknown public key 4AEE18F83AFDEB23)
==> ERROR: One or more PGP signatures could not be verified!
Error: Failed to build tuba
Manjaro stable regularly updated on amd64.
As you can read in the output, tuba is an AUR package, and therefore Manjaro cannot be held responsible for the integrity of the uploader’s signature. However, if you explicitly trust the uploader, you can import their key.
gpg --import 4AEE18F83AFDEB23
Use at your own risk!
Teo
9 August 2023 09:11
3
That seems to be a default github key (github signs for the developer) . Which means if you import it you will automatically trust maaaany developers.
Using GPG, SSH, or S/MIME, you can sign tags and commits locally. These tags or commits are marked as verified on GitHub so other people can be confident that the changes come from a trusted source.
1 Like
Please read the pinned comment on the tuba AUR page:
GPG Error
Import the gpg-key with:
curl -sS https://github.com/GeopJr.gpg | gpg --import -
curl -sS https://github.com/web-flow.gpg | gpg --import -
See also the pinned tutorial here in the AUR
1 Like
system
12 August 2023 05:48
6
This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.
