@staticsafe Did they update the key by now (on Jan 1, it was still the old one in their repo...).
@galaxis yeah looks like they did, I pulled the new key and no more errors from apt
@galaxis maybe I should put a yearly cron job to update the key if it expires yearly like this 🤔
@staticsafe Yeah, looks like they're currently rolling a new subkey for each year:
> gpg --with-fingerprint pubkey.gpg
gpg: WARNING: no command supplied. Trying to guess what you mean ...
pub rsa4096 2016-10-05 [SC]
uid Yarn Packaging <firstname.lastname@example.org>
sub rsa4096 2016-10-05 [E]
sub rsa4096 2016-10-05 [S] [expired: 2017-10-05]
sub rsa4096 2016-10-30 [S] [expired: 2019-01-01]
sub rsa4096 2017-09-10 [S] [expired: 2019-01-01]
sub rsa4096 2019-01-02 [S] [expires: 2020-02-02]
@staticsafe ill have to check this out tonight
staticsafe's personal Mastodon instance.