Hi Who do I have to badger to get the obsolete and frankly dangerous Debian repo instructions fixed @ https://www.postgresql.org/download/linux/debian/ ?
The manner proposed is really "not the done thing" in 2024 and it has been explicitly obsoleted by Debian so the project really should not be promoting it as a supported manner to do things. TL;DR: You should not be using blindly trusting keys for all repos (which is what apt-key add does). See : https://wiki.debian.org/DebianRepository/UseThirdParty Something like this is the way it should be done: # Install GPG Certcurl -fsSL "https://www.postgresql.org/media/keys/ACCC4CF8.asc"; \ | gpg --dearmor \ | sudo sponge /etc/apt/keyrings/postgresql.gpg # Create source list file . /etc/os-release echo "deb [signed-by=/etc/apt/keyrings/postgresql.gpg] https://apt.postgresql.org/pub/repos/apt ${VERSION_CODENAME}-pgdg main" \ | doas sponge /etc/apt/sources.list.d/postgresql.list ## Install doas apt-get update && apt-get -y install postgresql
