Arch Linux User Repository

The validity of the package isn't impacted because the archive was signed prior to the key expiring.

If there's a new release signed with the current key, that becomes an issue. Considering how stable the software is, I don't think that'll be happening anytime soon.

The validity of the package isn't impacted because the archive was signed prior to the key expiring.

If there's a new release signed with the current key, that becomes an issue. Considering how stable the software is, I don't think that'll be happening anytime soon.

@grawlinson

I also had some trouble with the key, possibly due to the key being out of date. This worked for me ...

gpg --keyserver pool.sks-keyservers.net --recv-keys 68D94D8AAEEAD48AE7DC5B904F494A942E4616C2

Out of curiosity, where did you get the key from? I seem to be unable to import/receive the signing key on my new computer.

The signing key has expired.

==> Verifying source file signatures with gpg...
    libiconv-1.16.tar.gz ... Passed (WARNING: the key has expired.)
==> WARNING: Warnings have occurred while verifying the signatures.
    Please make sure you really trust them.

Not much you can do about it, I suppose.

The source tarball is signed so in order to verify, you’ll need to import the key into your personal key ring.

gpg --recv-keys $KEY

I can't upgrade package.

unknown public key 4F494A942E4616C2

Version 1.16 is out, would like to see this updated soon: https://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.16.tar.gz

Current version: https://github.com/Martchus/PKGBUILDs/blob/master/libiconv/default/PKGBUILD

Could you add "armv7h" to the list of architectures? The package builds flawlessly on the Raspberry Pi.