Signatures from some Arch packages are marginal trust

jtheoof · 22 July 2022 19:10

Dear maintainers,

Some Arch packages have been rebuilt and resigned by more trusted PGP keys. Those packages are not currently installable on Manjaro. Leading to:

error: swappy: signature from "Maxim Baz <pgp@maximbaz.com>" is marginal trust
:: File /var/cache/pacman/pkg/swappy-1.4.0-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]

The list of packages is here.

Not entirely sure be done on the Manjaro side, perhaps resyncing with the updated / newly signed packages.

Thanks

anon51566685 · 22 July 2022 19:40

Refresh mirrors, there is swappy 1.4.0-2, etc.

Yochanan · 22 July 2022 19:53

All Manjaro branches have archlinux-keyring 20220713-1. There’s nothing to do on our end.

system · 31 July 2022 21:08

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.