On 2026-01-20 14:58 -0500, Thomas Dickey wrote: > Now I updated > > https://invisible-island.net/public/[email protected] > > from the file which I generated on Saturday.
Thanks. Unfortunately I ran into a new problem with this key, the sqv tool (which dpkg-source uses by default) complains about existing signatures: ,---- | $ wget -q https://invisible-mirror.net/archives/ncurses/current/tack-1.11-20251210.tgz | $ wget -q https://invisible-mirror.net/archives/ncurses/current/tack-1.11-20251210.tgz.asc | $ wget -q https://invisible-mirror.net/public/[email protected] | $ LANG=C sqv --keyring [email protected] tack-1.11-20251210.tgz.asc tack-1.11-20251210.tgz | Signing key on 19882D92DDA4C400C22C0D56CC2AF4472167BE03 is not bound: | No binding signature at time 2025-12-11T01:25:41Z | because: No binding signature at time 2025-12-11T01:25:41Z | $ echo $? | 1 `---- When I merge the expired key and the new one with "sq keyring merge", the complaints stop. Apparently this problem does not show up with gpg instead of sq/sqv, any ideas? Cheers, Sven
