Package Details: librewolf-bin 1:150.0.3_1-1

Git Clone URL: https://aur.archlinux.org/librewolf-bin.git (read-only, click to copy)
Package Base: librewolf-bin
Description: Community-maintained fork of Firefox, focused on privacy, security and freedom.
Upstream URL: https://librewolf.net/
Keywords: browser web
Licenses: MPL-2.0
Conflicts: librewolf
Provides: librewolf
Submitter: lsf
Maintainer: lsf
Last Packager: lsf
Votes: 626
Popularity: 24.26
First Submitted: 2019-06-16 13:12 (UTC)
Last Updated: 2026-05-13 07:44 (UTC)

Required by (39)

Sources (7)

Pinned Comments

lsf commented on 2021-11-10 12:14 (UTC) (edited on 2026-05-07 09:38 (UTC) by lsf)

https://wiki.archlinux.org/title/Arch_User_Repository#Acquire_a_PGP_public_key_if_needed

gpg --keyserver hkp://keyserver.ubuntu.com --search-keys 031F7104E932F7BD7416E7F6D2845E1305D6E801

/edit: starting with 112.0-1, the binaries are signed with the maintainers shared key, so gpg --keyserver hkp://keyserver.ubuntu.com --search-keys 662E3CDD6FE329002D0CA5BB40339DD82B12EF16 should do the trick instead. I've also signed the key with the previously used key, so you have at least some guarantee that it's not a malicious attack :)

/edit: (2026-05-07): The upstream signing sub-key was rotated, and the .tar.xz tarballs will now be signed with a new subkey. The main key id (0x662E3CDD6FE329002D0CA5BB40339DD82B12EF16) remains unchanged though, so should you get an error during signature verification about a missing (sub)key, all that's required would be to refresh the key(s) via gpg --refresh-keys 662E3CDD6FE329002D0CA5BB40339DD82B12EF16.

Latest Comments

« First ‹ Previous 1 .. 18 19 20 21 22 23 24 25 26 27 28 29 Next › Last »

Domarius commented on 2021-09-16 02:44 (UTC)

I'm getting the same error as bmccorm23.

bmccorm23 commented on 2021-09-02 17:10 (UTC)

I tried with the full key - same result :/

lsf commented on 2021-09-02 16:03 (UTC)

You could try 031F7104E932F7BD7416E7F6D2845E1305D6E801 instead – 2954CC8585E27A3F (in short notation) is the subkey used for the signature, while the other is the main key ID. (the key is on a hardware token and split in an always-offline main key and three subkeys, which might explain the discrepancies in key IDs shown)

bmccorm23 commented on 2021-09-02 13:57 (UTC)

Sorry for being dense. I'm getting the error below and can't seem to add that key. Looked in the comments and found this command but didn't work for me: gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 2954CC8585E27A3F

==> Verifying source file signatures with gpg... librewolf-91.0.2-1-x86_64.pkg.tar.zst ... FAILED (unknown public key 2954CC8585E27A3F) ==> ERROR: One or more PGP signatures could not be verified!

electricprism commented on 2021-08-28 07:01 (UTC)

Description could use some relevant keywords so LibreWolf appears when searching for "browser" or "web browser" in the AUR

NeoTheFox commented on 2021-06-26 19:45 (UTC)

Thank you, whatever you changed worked, it installs without issues now. For the record it's the first time I've seen an error like this with zstd

lsf commented on 2021-06-25 22:08 (UTC)

Hm, "works for me" (just tried it on a PBP).

Usually I'd assume it was a transfer/download error, but that should've thrown an error with the signature verification.

Still, I'd try to just clean any files still hanging around and try it again.

NeoTheFox commented on 2021-06-25 21:59 (UTC)

There is a problem with AArch64 package: -> Extracting librewolf-89.0.2-1-aarch64.pkg.tar.zst with bsdtar usr/share/icons/hicolor/16x16/apps/librewolf.png: Zstd decompression failed: Restored data doesn't match checksum bsdtar: Error exit delayed from previous errors.

« First ‹ Previous 1 .. 18 19 20 21 22 23 24 25 26 27 28 29 Next › Last »