Lintian ReportsBETA

Ipublic-upstream-keys-in-multiple-locations

Tag versions

The tag is present in Lintian version 2.104.264. That is the most recent version we know about.

The source package contains public upstream signing keys (or keyrings) in multiple locations. This situation is potentially confusing for uscan(1) or any other tool hoping to verify the integrity and authenticity of upstream sources.

Please remove all keys (or keyrings) except one at the recommended location debian/upstream/signing-key.asc.

Refer to the uscan(1) manual page for details.

Visibility: info

Check: debian/upstream/signing-key

The following 4 source packages in the archive triggered the tag 4 times.

There were no overrides.