AUR (en) - librewolf-bin

Search Criteria

Enter search criteria

Search by

Keywords

Out of Date

Sort by

Sort order

Per page

Package Details: librewolf-bin 1:150.0.3_1-1

Package Actions

Git Clone URL:	https://aur.archlinux.org/librewolf-bin.git (read-only, click to copy)
Package Base:	librewolf-bin
Description:	Community-maintained fork of Firefox, focused on privacy, security and freedom.
Upstream URL:	https://librewolf.net/
Keywords:	browser web
Licenses:	MPL-2.0
Conflicts:	librewolf
Provides:	librewolf
Submitter:	lsf
Maintainer:	lsf
Last Packager:	lsf
Votes:	626
Popularity:	24.26
First Submitted:	2019-06-16 13:12 (UTC)
Last Updated:	2026-05-13 07:44 (UTC)

Dependencies (39)

alsa-lib
at-spi2-core (at-spi2-core-git^AUR)
bash (bash-git^AUR, bash-devel-git^AUR)
cairo (cairo-git^AUR)
dbus (dbus-git^AUR, dbus-selinux^AUR, dbus-nosystemd-git^AUR)
ffmpeg (ffmpeg-nvcodec-11-1-git^AUR, ffmpeg-ffplayout^AUR, ffmpeg-cuda^AUR, ffmpeg-decklink^AUR, ffmpeg-amd-full^AUR, ffmpeg-amd-full-git^AUR, librempeg-git^AUR, ffmpeg-whisper-git^AUR, ffmpeg-git^AUR, ffmpeg-full-git^AUR, ffmpeg-cuda-full^AUR, ffmpeg-full^AUR, ffmpeg-full-llvm^AUR, ffmpeg-libfdk_aac^AUR, ffmpeg-obs^AUR, ffmpeg-headless^AUR, ffmpeg-whisper^AUR)
fontconfig (fontconfig-git^AUR, fontconfig-ubuntu^AUR)
freetype2 (freetype2-qdoled-aw3225qf^AUR, freetype2-qdoled^AUR, freetype2-qdoled-gen3^AUR, freetype2-woled^AUR, freetype2-git^AUR, freetype2-macos^AUR)
gcc-libs (gcc-libs-git^AUR, gccrs-libs-git^AUR, gcc-libs-snapshot^AUR)
gdk-pixbuf2 (gdk-pixbuf2-git^AUR, gdk-pixbuf2-noglycin^AUR)
glib2 (glib2-git^AUR, glib2-patched-thumbnailer^AUR)
glibc (glibc-git^AUR, glibc-eac^AUR, glibc-git-native-pgo^AUR)
gtk3 (gtk3-no_deadkeys_underline^AUR, gtk3-classic^AUR, gtk3-patched-filechooser-icon-view^AUR, gtk3-classic-xfce^AUR)
hicolor-icon-theme (hicolor-icon-theme-git^AUR)
libpulse (pulseaudio-dummy^AUR, libpulse-git^AUR)
libx11 (libx11-git^AUR)
libxcb (libxcb-git^AUR)
libxcomposite
libxcursor
libxdamage
Show 19 more dependencies...

Required by (39)

edge-frfox (requires librewolf) (optional)
ff2mpv-go-git (requires librewolf) (optional)
ff2mpv-rust (requires librewolf) (optional)
firefox-gnome-theme (requires librewolf) (optional)
librewolf-comment-out-cfg-hook (requires librewolf)
librewolf-extension-bitwarden-bin (requires librewolf)
librewolf-extension-bitwarden-git (requires librewolf) (optional)
librewolf-extension-dark-background-light-text (requires librewolf)
librewolf-extension-darkreader (requires librewolf)
librewolf-extension-darkreader-bin (requires librewolf)
librewolf-extension-duckduckgo-privacy-essentials (requires librewolf)
librewolf-extension-foxyproxy (requires librewolf)
librewolf-extension-gnome-shell-integration (requires librewolf)
librewolf-extension-greasemonkey (requires librewolf)
librewolf-extension-kagisearch-bin (requires librewolf)
librewolf-extension-localcdn-bin (requires librewolf)
librewolf-extension-plasma-integration (requires librewolf)
librewolf-extension-plasma-integration-bin (requires librewolf)
librewolf-extension-protonpass-bin (requires librewolf)
librewolf-extension-proxy-toggle-bin (requires librewolf)
Show 19 more...

Sources (7)

Pinned Comments

lsf commented on 2021-11-10 12:14 (UTC) (edited on 2026-05-07 09:38 (UTC) by lsf)

https://wiki.archlinux.org/title/Arch_User_Repository#Acquire_a_PGP_public_key_if_needed

gpg --keyserver hkp://keyserver.ubuntu.com --search-keys 031F7104E932F7BD7416E7F6D2845E1305D6E801

/edit: starting with 112.0-1, the binaries are signed with the maintainers shared key, so gpg --keyserver hkp://keyserver.ubuntu.com --search-keys 662E3CDD6FE329002D0CA5BB40339DD82B12EF16 should do the trick instead. I've also signed the key with the previously used key, so you have at least some guarantee that it's not a malicious attack :)

/edit: (2026-05-07): The upstream signing sub-key was rotated, and the .tar.xz tarballs will now be signed with a new subkey. The main key id (0x662E3CDD6FE329002D0CA5BB40339DD82B12EF16) remains unchanged though, so should you get an error during signature verification about a missing (sub)key, all that's required would be to refresh the key(s) via gpg --refresh-keys 662E3CDD6FE329002D0CA5BB40339DD82B12EF16.

Latest Comments

1 2 3 4 5 6 .. 29 Next › Last »

Ricko commented on 2026-05-13 23:43 (UTC)

To import proper keys after failed update try below steps to be sure what you are importing.
1. check cache for librewolf's PKGBUILD, look inside and find the pubkey in validpgpkeys value
2. make sure of the key's origin with: gpg --search-keys --fingerprint <key_from_PKGBUILD> and whether it matches LibreWolf Maintainers <gpg@librewolf.net>
3. assuming everything's clear, import: gpg --receive-keys <key_from_PKGBUILD>
This should get you 2 new subkeys, and 3 new signatures.

flauta commented on 2026-05-13 19:24 (UTC) (edited on 2026-05-13 19:26 (UTC) by flauta)

Following last comment:

sudo gpg --fetch-keys https://rpm.librewolf.net/pubkey.gpg
gpg: richiesta di chiave da 'https://rpm.librewolf.net/pubkey.gpg'
gpg: chiave 40339DD82B12EF16: "LibreWolf Maintainers <gpg@librewolf.net>" non 
modificata
gpg: Numero totale esaminato: 1
gpg:         non modificate: 1

but after this I still get the same error:

yay librewolf-bin
[...]
==> Validazione delle firme dei sorgenti con gpg in corso...
librewolf-150.0.3-1-linux-x86_64-package.tar.xz ... NON RIUSCITO (chiave 
pubblica sconosciuta 915585A1C36690B1)
==> ERRORE: Una o più firme PGP non possono essere verificate!

unclezz commented on 2026-05-09 09:16 (UTC)

Command from Andykluger is the only one you need to get the bin file installed:

gpg --fetch-keys https://rpm.librewolf.net/pubkey.gpg

gattino commented on 2026-05-08 18:20 (UTC) (edited on 2026-05-08 18:26 (UTC) by gattino)

i got the same error:

==> ERRORE: Una o più firme PGP non possono essere verificate!
 -> errore durante la creazione: librewolf-bin-exit status 1
 -> Installazione dei seguenti pacchetti non riuscita. È richiesto l'intervento manuale:
librewolf-bin - exit status 1

I tried the suggested command but

gpg --fetch-keys https://rpm.librewolf.net/pubkey.gpg

it didn't work, this is the answer:

can't connect to 'socket:///home/gattino/.gnupg/log-socket': Connessione rifiutata

andykluger commented on 2026-05-08 15:17 (UTC)

gpg --fetch-keys https://rpm.librewolf.net/pubkey.gpg

should help!

Derson5 commented on 2026-05-08 13:52 (UTC)

Yup, I got the same error:

==> Verifying source file signatures with gpg...
    librewolf-150.0.2-1-linux-x86_64-package.tar.xz ... FAILED (unknown public key 915585A1C36690B1)
==> ERROR: One or more PGP signatures could not be verified!
error: failed to download sources for 'librewolf-bin-1:150.0.2_1-1':
error: packages failed to build: librewolf-bin-1:150.0.2_1-1

99cents commented on 2026-05-07 18:37 (UTC)

==> Verifying source file signatures with gpg... librewolf-150.0.1-1-linux-x86_64-package.tar.xz ... FAILED (unknown public key 915585A1C36690B1) ==> ERROR: One or more PGP signatures could not be verified!

lsf commented on 2026-05-07 13:49 (UTC)

While the paranoia is appreciated, in this case especially the core issue is "package signing working as intended". (LW) Upstream had to rotate a subkey, the subkey was then properly revoked and a new subkey created as part of the old, existing upstream signing key, and distributed on the keyservers. Except for the initial .sig files still having been created with the old subkey, everything else was either AUR helper related stuff, or an aspect of OpenPGP and keyserver related stuff. Which shouldn't imply not to be skeptical, not at all! – but just give a bit more background as to why it is, imho, quite an delivery channel. Especially considering it's maintained by one of LibreWolf's core maintainers :D

(and if in doubt, there's the upstream codeberg repos, the matrix rooms, and the mastodon account available, too ^^)

vjraitila commented on 2026-05-07 13:32 (UTC)

@Haunter I think your paranoia is warranted. This is one of the most popular AUR packages, invalid signing keys, offers for help in the comments... I wish we had some other delivery channel for a such an awesome project.