Bug#618445: marked as done (apt: Please downgrade "There is no public key available ..." to a notice)

To: Julian Andres Klode <jak@debian.org>
Subject: Bug#618445: marked as done (apt: Please downgrade "There is no public key available ..." to a notice)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Wed, 11 May 2016 09:51:09 +0000
Message-id: <[🔎] handler.618445.D618445.146296015914059.ackdone@bugs.debian.org>
References: <E1b0QlX-0008N7-Mm@franck.debian.org> <20110315080342.8686.23777.reportbug@octopus.hi.pengutronix.de>

Your message dated Wed, 11 May 2016 09:49:15 +0000
with message-id <E1b0QlX-0008N7-Mm@franck.debian.org>
and subject line Bug#618445: fixed in apt 1.2.12
has caused the Debian Bug report #618445,
regarding apt: Please downgrade "There is no public key available ..." to a notice
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
618445: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618445
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: apt: Please downgrade "There is no public key available ..." to a notice
From: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Date: Tue, 15 Mar 2011 09:03:42 +0100
Message-id: <20110315080342.8686.23777.reportbug@octopus.hi.pengutronix.de>

Package: apt
Version: 0.8.10
Severity: minor
Tags: patch

Hello,

I'm about to change the gpg key used to sign our apt and so signed the
archive for now with two keys and will update the keyring package to
contain the new key soon.

The "problem" I'm faced with now is that if apt only knows one of the
two keys used it prints a warning

	W: There is no public key available for the following key IDs:
	...

I don't know if this is the only situation where this warning is issued,
but if it is (and the comment[1] in the source makes me believe it is) IMHO
a notice would be enough.
The main difference is that a notice doesn't result in a red box that
looks too important for me in aptitude.

For now I simply don't remove the old key from the keyring package yet
such that the warning goes away when the most recent version is
installed.

So the remaining downsides are that I need to update the keyring package
once more when the old key is expired (well or ignore that and simply
ship two keys) and that the users of our repository see the warning
until they update the keyring package (and have to update once more
later).

Best regards
Uwe

[1] "check for missing sigs (that where not fatal because otherwise we
     had bombed earlier)"

diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1422,7 +1422,7 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message)			/*{{{*/
       missingkeys += (Fingerprint);
    }
    if(!missingkeys.empty())
-      _error->Warning("%s", string(msg+missingkeys).c_str());
+      _error->Notice("%s", string(msg+missingkeys).c_str());
 
    string Transformed = MetaIndexParser->GetExpectedDist();

--- End Message ---

--- Begin Message ---

To: 618445-close@bugs.debian.org
Subject: Bug#618445: fixed in apt 1.2.12
From: Julian Andres Klode <jak@debian.org>
Date: Wed, 11 May 2016 09:49:15 +0000
Message-id: <E1b0QlX-0008N7-Mm@franck.debian.org>

Source: apt
Source-Version: 1.2.12

We believe that the bug you reported is fixed in the latest version of
apt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 618445@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Julian Andres Klode <jak@debian.org> (supplier of updated apt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 11 May 2016 10:56:53 +0200
Source: apt
Binary: apt libapt-pkg5.0 libapt-inst2.0 apt-doc libapt-pkg-dev libapt-pkg-doc apt-utils apt-transport-https
Architecture: source
Version: 1.2.12
Distribution: unstable
Urgency: medium
Maintainer: APT Development Team <deity@lists.debian.org>
Changed-By: Julian Andres Klode <jak@debian.org>
Description:
 apt        - commandline package manager
 apt-doc    - documentation for APT
 apt-transport-https - https download transport for APT
 apt-utils  - package management related utility programs
 libapt-inst2.0 - deb package format runtime library
 libapt-pkg-dev - development files for APT's libapt-pkg and libapt-inst
 libapt-pkg-doc - documentation for APT development
 libapt-pkg5.0 - package management runtime library
Closes: 618445 823976
Changes:
 apt (1.2.12) unstable; urgency=medium
 .
   [ Patrick Cable ]
   * refactored no_proxy code to work regardless of where https proxy is set
 .
   [ James McCoy ]
   * deb822: Restore support for <multivalue>-{Add,Remove}
 .
   [ David Kalnischkies ]
   * don't show NO_PUBKEY warning if repo is signed by another key
     (Closes: 618445)
   * allow redirection for items without a space in the desc again
   * don't sent uninstallable rc-only versions via EDSP
   * respect user pinning in M-A:same version (un)screwing
 .
   [ Julian Andres Klode ]
   * update: Run Post-Invoke-Success if not all sources failed
   * debian/gbp.conf: Set debian-branch to 1.2.y
 .
   [ Frans Spiesschaert ]
   * Dutch program translation update (Closes: 823976)
Checksums-Sha1:
 9088a1f91484b7d49d47a1e5d917e22e5eb19983 2339 apt_1.2.12.dsc
 3b0c1dac3c9210834aa29e0ea47fb61cd4ebe9a0 2050524 apt_1.2.12.tar.xz
Checksums-Sha256:
 1146744763ef28292ccecb8b5ec6814a5f47ce04f700c52646a5b3d9fe22bfec 2339 apt_1.2.12.dsc
 e820d27cba73476df4abcff27dadd1b5847474bfe85f7e9202a9a07526973ea6 2050524 apt_1.2.12.tar.xz
Files:
 58a972e3e7fe6fbc785083693ae1a373 2339 admin important apt_1.2.12.dsc
 80f6f0ef110a45a7e5af8a9d233fb0e7 2050524 admin important apt_1.2.12.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJXMvQuAAoJENc8OeVlgLOG00EP/0/XE7xMbnlprLcPPjUt4X3M
XwNME26wKQyOjlbd55VOdCU2tiyxEkxMAakIBNx5o5VCzIs6fI0gVjc/urL1eBLI
PQAGTkdp69hAnN7GWACDb5Zmde9o6FF92R63vttwLabAQoE5B1K6wpnISoBOqsj2
n4omZ5/ICpMQ2r4B+HU/1sZ68Ug9QHmelNYMxPI7JgmtWExK/rIYia5DU7kSoQaO
W9rNXoj0TkOlT5XDltnyh1OrLGnZF1ha5PuJkVlfEJo4s63emhoBBdTloQdi9ZfY
HqW81t3v+Zrh35F+qpvRPQ5w0IXL0jPdpQCz6bfNrT/n1KUB9ACuhG3TX5ll1wti
T2zVZByHlhSQXe1yO0VHpUNdlFPKvEZAdCV8VxW5roBvjw1+f8vq69EvddgP1Wo8
hyz1WsQv2OlKgimcqx8FLGjUBLpxnSnhsJIDLi3ABbL/ScWg4G3VLep/s1eCFspf
d2wGaMbPSNOXxbBNdH9jS0yQ+QDw18s+pzV2s/5ZyCBzBAb5prXD+31fnvviP/MA
fYgHjAQNcYgqBk7yqBXFCU+BUZ0ZjWusL8q1qZl/9P+CGbfnWaQ/oEXngJncwXFb
gyGeP5z72/KmJYxizcrhtcC9bYKO+C8fqPBYJ+fL0Jhmd58OPQcghupMNrMCDIvc
DbdVaGxqiojEZwFFyYtU
=70Rk
-----END PGP SIGNATURE-----

--- End Message ---

Reply to:

Prev by Date: Processing of apt_1.2.12_source.changes
Next by Date: Bug#618445: marked as done (apt: Please downgrade "There is no public key available ..." to a notice)
Previous by thread: Processing of apt_1.2.12_source.changes
Next by thread: Bug#618445: marked as done (apt: Please downgrade "There is no public key available ..." to a notice)
Index(es):
- Date
- Thread