** Description changed: [Impact] archlinux-keyring is a package in Oracular and Noble that provides an archive of signing keys for Archlinux. As stated by the reporter, this package allows users to bootstrap and build Arch, useful for CI and image building purposes. The package should be updated in noble-proposed to provide the latest - keys to LTS users. A simple rebuild with a new changelog entry is - sufficient. + keys to LTS users. Unlike Ubuntu, Debian or Fedora, on Archlinux there + is no single archive key that users can use to verify packages and + repositories, the key of the individual uploader is needed to verify + each package that they upload, so updates are necessary when new + packages/maintainers are added. A simple rebuild with a new changelog + entry is sufficient. [Test Plan] To test, the package should be installed on noble, and gpg keys should be checked. This can be done with the following commands: $ sudo apt update $ sudo apt upgrade $ sudo apt install archlinux-keyring mkosi $ mkosi -d arch build ‣ Syncing package manager metadata for default image :: Synchronizing package databases... core is up to date extra is up to date ‣ Building default image ‣ Installing Arch <...> [Where problems could occur] The package is already in noble, but it has not yet been shipped in that version. Therefore if problems were to occur, it would most likely be in interactions with other packages. This could show up as conflicts in the /usr/share/keyrings directory, or failures when using the contained keys.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2076416 Title: [SRU] Upload latest archlinux-keyring from oracular to noble-proposed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/archlinux-keyring/+bug/2076416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
