Updates install ok but

Support
1

What type of hardware are you using: Old laptop or computer
What YunoHost version are you running: 12.1.39
How are you able to access your server: SSH
Are you in a special context or did you perform specific tweaking on your YunoHost instance ?: No

Describe your issue

Hello.

Today, like every day, I check for updates for both the system and apps. Today, there was a Dovecot update and the BookStack app, howver after the updates I got the following error:

Unable to update the cache of APT (Debian’s package manager). Here is a dump of the sources.list lines, which might help identify problematic lines:
sources.list:deb Index of /debian bookworm main contrib
sources.list:deb-src Index of /debian bookworm main contrib
sources.list:deb [signed-by=/usr/share/keyrings/yunohost-bookworm.gpg] Index of /debian/ bookworm stable
sources.list:deb Index of /debian-security bookworm-security main contrib non-free non-free-firmware
sources.list:deb-src Index of /debian-security bookworm-security main contrib non-free non-free-firmware
sources.list:deb Index of /debian bookworm-updates main contrib non-free non-free-firmware
sources.list:deb-src Index of /debian bookworm-updates main contrib non-free non-free-firmware
sources.list.d/extra_php_version.list:deb [signed-by=/etc/apt/trusted.gpg.d/extra_php_version.gpg] Index of /php/ bookworm main
sources.list.d/yarn.list:deb [signed-by=/etc/apt/trusted.gpg.d/yarn.gpg] https://dl.yarnpkg.com/debian/ stable main

and at the bottom the following:

Fetching available upgrades for system packages…
W: GPG error: https://dl.yarnpkg.com/debian stable InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 62D54FD4003F6525
E: The repository ‘https://dl.yarnpkg.com/debian stable InRelease’ is not signed.

I have seen many reports on the forum regarding app signing, tracker etc…

Can anyone help me with a fix to clear this error as I now get the error every time I try to update.

If I run sudo apt update in ssh I get:

Hit:1 http://ftp.debian.org/debian bookworm InRelease
Hit:2 http://security.debian.org/debian-security bookworm-security InRelease                                          
Hit:4 http://ftp.debian.org/debian bookworm-updates InRelease                                                         
Get:5 https://dl.yarnpkg.com/debian stable InRelease                
Hit:6 https://packages.sury.org/php bookworm InRelease
Hit:3 https://forge.yunohost.org/debian bookworm InRelease
Err:5 https://dl.yarnpkg.com/debian stable InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 62D54FD4003F6525
Reading package lists... Done
W: GPG error: https://dl.yarnpkg.com/debian stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 62D54FD4003F6525
E: The repository 'https://dl.yarnpkg.com/debian stable InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

many thanks

Dj

Share relevant logs or error messages

none

2

Fixed… I think…

Deleted

/etc/apt/sources.list.d/yarn.list

Then ran

sudo apt update.

Tried to run the update no errors…

Dj

3

It depends If you have a package which could need yarn repo…

As explain here

it need this command to get the key, sometimes we need do it again…

curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/yarn.gpg > /dev/null
4

@rodinux That’s great… Yes, just had a look at this link and will bookmark it.

Thanks very much

dj