Package Details: firefox-nightly 55.0a1.20170311-1

Git Clone URL: https://aur.archlinux.org/firefox-nightly.git (read-only)
Package Base: firefox-nightly
Description: Standalone web browser from mozilla.org, nightly build
Upstream URL: http://www.mozilla.org/projects/firefox
Keywords: firefox web_browser
Licenses: GPL, MPL, LGPL
Submitter: None
Maintainer: xenom
Last Packager: xenom
Votes: 461
Popularity: 5.852185
First Submitted: 2008-09-10 14:23
Last Updated: 2017-03-11 12:15

Latest Comments

Looserof7 commented on 2017-03-16 17:30

@xenom

Upstream URL: doesn't work any more,

This one: https://www.mozilla.org/en-US/firefox/channel/desktop/
or
This one: https://www.mozilla.org/en-US/firefox/desktop/

would be better.

lwinch2006 commented on 2017-03-11 15:17

With this URL (https://archive.mozilla.org/pub/firefox/nightly/latest-mozilla-central/) signature gets successfully verified. 3 URLs that looks pretty the same content have. I already lost in Mozilla's URLs. :-)

noctil commented on 2017-02-19 04:17

@acidicX

Try

gpg --keyserver pgp.mit.edu --recv-keys 14F26682D0916CDD81E37B6D61B7B526D98F0353

ArchangeGabriel commented on 2017-02-14 14:46

@acidicX: Please read the full ticket, the issue is not a checksum URL one, it’s a CDN one. The .sig file end up being the same on all the CDN targets, but the .tar.bz file isn’t. There is no key management issue, only a CDN one. The checksum thing it is referring to is a symptom of this just as is the bad signature one.

acidicX commented on 2017-02-14 14:37

> firefox-54.0a1.en-US.linux-x86_64.tar.bz2 ... FAILED (bad signature from public key 1C69C4E55E9905DB)

Why would this be the same issue as the checksum URL problem? Isn't this more of a key management issue?

ArchangeGabriel commented on 2017-02-12 17:03

The source URL is a symptom, the real issue is indeed https://bugzilla.mozilla.org/show_bug.cgi?id=1336732.

di72nn commented on 2017-02-12 16:12

@NoSohoth the PKGBUILD is already updated.
I believe your issue is related to the source URL. Try
https://ftp.mozilla.org/pub/firefox/nightly/latest-mozilla-central/ instead of
https://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/latest-mozilla-central/

NoSohoth commented on 2017-02-12 15:44

Checksum are finally back, however the .asc and tarball don't match:

==> Verifying source file signatures with gpg...
firefox-54.0a1.en-US.linux-x86_64.tar.bz2 ... FAILED (bad signature from public key 1C69C4E55E9905DB)
==> ERROR: One or more PGP signatures could not be verified!
==> ERROR: Makepkg was unable to build firefox-nightly.

Related to this: https://bugzilla.mozilla.org/show_bug.cgi?id=1305139#c63
This: https://bugzilla.mozilla.org/show_bug.cgi?id=1336732
And this: https://aur.archlinux.org/packages/firefox-dev/#news

For some reason, I get the good .asc when I download it with firefox, but not with wget or makepkg.

xenom commented on 2017-02-11 19:53

Thanks for the updated PKGBUILD.
CHecksum removed in favor of signed tarball.

ArchangeGabriel commented on 2017-02-11 17:31

Checksum are indeed back, and the issue remains open only because it’s not fixed in aurora channel (just nightly one).

However, I would advise removing them altogether in favour of the signed tarball, checksum serve no purpose anymore then.

All comments