You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is because the InRelease file is signed with SHA1, and SHA1 hashes are being deprecated. You can fix this by adding this to ~/.gnupg/gpg.conf on whichever machine is updating/signing the repo:
cert-digest-algo SHA256
digest-algo SHA256
This will make GPG sign using SHA256 rather than SHA1.
The text was updated successfully, but these errors were encountered:
I am going over old issues on this repository, to see which ones apply to the current versions of hhvm.
I have not verified this, since I install on Ubuntu. (I don't get SHA1 notices there, but this might be something that only reproduces on Debian.) No replies or similar issue has been raised on hhvm since 2016. I'll assume this means the SHA1 hash has been replaced by something that is not deprecated.
The last build of hhvm which was packaged for Debian was published late 2022. If this issue persists in the revamped releases, please open a new issue.
When using the HHVM Debian repo,
apt-get update
on Debian and Ubuntu throws this warning:This is because the
InRelease
file is signed with SHA1, and SHA1 hashes are being deprecated. You can fix this by adding this to~/.gnupg/gpg.conf
on whichever machine is updating/signing the repo:This will make GPG sign using SHA256 rather than SHA1.
The text was updated successfully, but these errors were encountered: