On 5/10/21 3:22 PM, Javier wrote:
> See:
>
>> Total Download Size: 1.39 MiB
>> Total Installed Size: 6.03 MiB
>> Net Upgrade Size: 0.11 MiB
>>
>> :: Proceed with installation? [Y/n] :: Retrieving packages...
>> ruby-rdoc-6.3.1-1-any 419.9 KiB 1200 KiB/s 00:00 [########################################################] 29%
>> remmina-1:1.4.14-1-x86_64 1424.0 KiB 2.21 MiB/s 00:01 [########################################################] 100%
>> (2/2) checking keys in keyring [########################################################] 100%
>> (2/2) checking package integrity [########################################################] 100%
>> error: remmina: signature from "Sergej Pupykin <arch at sergej.pp.ru>" is marginal trust
>> :: File /var/cache/pacman/pkg/remmina-1:1.4.14-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
>> Do you want to delete it? [Y/n] Y
>> error: failed to commit transaction (invalid or corrupted package)
>> Errors occurred, no packages were upgraded.
>
> What should be done? Devs help increasing trust for Segej, other devs sign the package? I guess for users it's just a matter of time, right? or is there something to do from the user side?
This is not Arch, but it sounds pretty similar to what's reported by Arch devs [1]. Would it be Artix followed the same issue?
--
Javier
[1] https://lists.archlinux.org/pipermail/arch-dev-public/2021-May/030431.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <https://lists.artixlinux.org/archives/artix-general/attachments/20210510/decdc7e9/attachment.sig>
More information about the artix-general
mailing list