Um, I think I need a new sourcelist?

onenemy · January 30, 2026, 3:37am

What type of hardware are you using: Virtual machine
What YunoHost version are you running: 12.1.39 (stable)
How are you able to access your server: The webadmin
SSH
Are you in a special context or did you perform specific tweaking on your YunoHost instance ?: Specal tweaking. Souces List.

Describe your issue

There was this error everytime I would try to update anything on my Yunohost instance:

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://dl.yarnpkg.com/debian stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 62D54FD4003F6525

I attempted to look for and run random commands (stupid, i know, i should have asked for help first but, again, stupid) and now my list is broken after running this command:

curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg -o /usr/share/keyrings/yarn-keyring.asc \ && sed -i '1s;^deb;deb [signed-by=/usr/share/keyrings/yarn-keyring.asc];' /etc/apt/sources.list.d/yarn.list

from this website: Apt-get update fails inside container yarn repo not signed - #5 by pfaffman - Bug - Discourse Meta

and now I get this error:

E: Malformed entry 1 in list file /etc/apt/sources.list.d/yarn.list (URI parse) E: The list of sources could not be read.

Traceback when I go to update:

Traceback (most recent call last): File "/usr/lib/python3/dist-packages/moulinette/interfaces/api.py", line 430, in process ret = self.actionsmap.process(arguments, timeout=30, route=_route) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/moulinette/actionsmap.py", line 580, in process return func(**arguments) ^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/yunohost/tools.py", line 355, in tools_update_norefresh return tools_update(no_refresh=True) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/yunohost/log.py", line 532, in func_wrapper result = func(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/yunohost/tools.py", line 433, in tools_update upgradable_system_packages = list(_list_upgradable_apt_packages()) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/yunohost/utils/system.py", line 211, in _list_upgradable_apt_packages upgradable_raw = check_output("LC_ALL=C apt list --upgradable") ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/yunohost/utils/process.py", line 40, in check_output subprocess.check_output(args, stderr=stderr, shell=shell, **kwargs) File "/usr/lib/python3/dist-packages/gevent/subprocess.py", line 427, in check_output raise CalledProcessError(retcode, process.args, output=output) subprocess.CalledProcessError: Command 'LC_ALL=C apt list --upgradable' returned non-zero exit status 100.

And I am super confused as what to do.

Share relevant logs or error messages

None at the moment. Last one was a successful install of Firefox Sync using old source-list before this all happened.

ewilly · January 30, 2026, 7:04am

Could you post the content of /etc/apt/sources.list.d/yarn.list?

onenemy · January 30, 2026, 7:40am

deb [signed-by=/usr/share/keyrings/yarn-keyring.asc] [signed-by=/etc/apt/trusted.gpg.d/yarn.gpg] https://dl.yarnpkg.com/debian/ stable main

This looks like the command I ran.

ewilly · January 30, 2026, 8:11am

just remove the duplicate [...]

Sanook · January 30, 2026, 8:23am

deb [signed-by=/etc/apt/trusted.gpg.d/yarn.gpg] https://dl.yarnpkg.com/debian/ stable main

Cron daemon is sending me:

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://dl.yarnpkg.com/debian stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 62D54FD4003F6525 W: Failed to fetch https://dl.yarnpkg.com/debian/dists/stable/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 62D54FD4003F6525 W: Some index files failed to download. They have been ignored, or old ones used instead.

ewilly · January 30, 2026, 8:34am

see Yarn repo key expired [EDIT: changed again], is it OK to trust it?

onenemy · January 30, 2026, 9:42am

What does this mean? Sorry, I’m so confused rn. I might just ask them to reinstall the vps since none of this makes sense.

Maknho · January 30, 2026, 10:02am

the solution is here Yarn repo key expired [EDIT: changed again], is it OK to trust it? - #14 by rodinux

onenemy · January 30, 2026, 10:29am

Ok. So now I get

W: Unable to read /etc/apt/apt.conf.d/02periodic - open (13: Permission denied) W: Unable to read /etc/apt/apt.conf.d/51unattended-upgrades-override - open (13: Permission denied) E: Malformed entry 1 in list file /etc/apt/sources.list.d/yarn.list (URI parse) E: The list of sources could not be read.

When I run apt update

jarod5001 · January 30, 2026, 10:33am

Delete the file, then force regenerate apt using sudo yunohost tools regen-conf --force

Then use the command proposed for updating the gpg key for yarn. Yarn repo key expired [EDIT: changed again], is it OK to trust it? - #15 by otm33

onenemy · January 30, 2026, 11:24am

Ok, that worked. Thanks. Sorry I didn’t understand.

system · March 1, 2026, 11:25am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.