Debian trixie not able to download apt repo due to switch from gpgv to sqv #35588
Description
Description
Hi, I believe this is an issue with how gitea is generating the Debian package repository gpg key. After upgrading my Proxmox hosts from bookworm to trixie, I am getting this error when updating my Gitea repo's apt cache:
$ apt update
...
Warning: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. OpenPGP signature verification failed: https://<redacted>/api/packages/jacob/debian trixie InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on <redacted> is not bound: No binding signature at time 2025-09-14T17:10:27Z because: No binding signature at time 2025-09-14T17:10:27Z
Warning: Failed to fetch https://<redacted>/api/packages/jacob/debian/dists/trixie/InRelease Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on <redacted> is not bound: No binding signature at time 2025-09-14T17:10:27Z because: No binding signature at time 2025-09-14T17:10:27Z
Warning: Some index files failed to download. They have been ignored, or old ones used instead.In the meantime, I found I could revert from sqv to gpgv by adding this to /etc/apt/apt.conf.d/99force-gpgv, which fixed the issue.
APT::Key::gpgvcommand "/usr/bin/gpgv";
According to the error message, a binding signature is missing from the key, but I am not familiar with gpg, so I don't know what needs to be changed to fix the issue.
Gitea Version
1.24.6
Can you reproduce the bug on the Gitea demo site?
No
Log Gist
No response
Screenshots
No response
Git Version
No response
Operating System
Debian
How are you running Gitea?
I am running it using Docker with the docker.io/gitea/gitea:latest image.
Database
None