Trying to build ros2 foxy. apt-key list shows the key is expired and so apt update stops. Any idea when this will be fixed?
It appears Open Robotics is now aware of the issue and working on it:
Thanks for bringing this to our attention. We’re working on the issue presently. I’ll send out updates as things evolve.
1 Like
We’ve created an incident report that is available here.
1 Like
We have issued a PR that addresses the issue and it is being reviewed. It may take some time to deploy and will require user action. We’ll post additional details as they become available.
Post on ROS Answers: apt update: signatures were invalid: F42ED6FBAB17C654.
With a sort-of acceptable work-around for those in dire need of .debs.
It works, but is not secure.
Besides, --allow-insecure-repositories is also a good temporary solution, without change any file.
sudo apt update --allow-insecure-repositories
However, I am still concerning when the new key is released.
of course. That’s why it’s called a work-around.
yes, but that will allow insecure updates and installs from all repositories. Not just packages.ros.org.
Allowing just packages.ros.org is at least a little less insecure.
that’s being worked on, as @kscottz and a few others have already posted.
1 Like
We have put together an incident report and a fix in this thread.
2 Likes