Package Details: librewolf-bin 1:152.0.6_1-1

Git Clone URL: https://aur.archlinux.org/librewolf-bin.git (read-only, click to copy)
Package Base: librewolf-bin
Description: Community-maintained fork of Firefox, focused on privacy, security and freedom.
Upstream URL: https://librewolf.net/
Keywords: browser web
Licenses: MPL-2.0
Conflicts: librewolf
Provides: librewolf
Submitter: lsf
Maintainer: lsf
Last Packager: lsf
Votes: 644
Popularity: 19.43
First Submitted: 2019-06-16 13:12 (UTC)
Last Updated: 2026-07-15 08:05 (UTC)

Required by (40)

Sources (7)

Pinned Comments

lsf commented on 2021-11-10 12:14 (UTC) (edited on 2026-05-07 09:38 (UTC) by lsf)

https://wiki.archlinux.org/title/Arch_User_Repository#Acquire_a_PGP_public_key_if_needed

gpg --keyserver hkp://keyserver.ubuntu.com --search-keys 031F7104E932F7BD7416E7F6D2845E1305D6E801

/edit: starting with 112.0-1, the binaries are signed with the maintainers shared key, so gpg --keyserver hkp://keyserver.ubuntu.com --search-keys 662E3CDD6FE329002D0CA5BB40339DD82B12EF16 should do the trick instead. I've also signed the key with the previously used key, so you have at least some guarantee that it's not a malicious attack :)

/edit: (2026-05-07): The upstream signing sub-key was rotated, and the .tar.xz tarballs will now be signed with a new subkey. The main key id (0x662E3CDD6FE329002D0CA5BB40339DD82B12EF16) remains unchanged though, so should you get an error during signature verification about a missing (sub)key, all that's required would be to refresh the key(s) via gpg --refresh-keys 662E3CDD6FE329002D0CA5BB40339DD82B12EF16.

Latest Comments

« First ‹ Previous 1 .. 23 24 25 26 27 28 29 Next › Last »

xavierbaez commented on 2021-01-22 11:14 (UTC)

Hello lsf. I read your previous comment, imported the keys, it still will not work.

:: PGP keys need importing: -> 9D7008F8DFCD21508174954A3740FE9FC5772203, required by: librewolf-bin ==> Import? [Y/n] Y :: Importing keys with gpg... gpg: keyserver receive failed: No data problem importing keys

I think now the package expects both keys to be there, but only one is there

lsf commented on 2021-01-22 09:51 (UTC)

"Standard practices" apply for verifying the signatures:

The key is available on sks-keyservers.net or keys.gnupg.net (at least). You can manually download it and import it (eg: http://keys.gnupg.net/pks/lookup?op=get&search=0xD2845E1305D6E801), or get it with gpg: gpg --search-keys 031F7104E932F7BD7416E7F6D2845E1305D6E801 or gpg --recv-keys 031F7104E932F7BD7416E7F6D2845E1305D6E801. If you have set a different keyserver in your gnupg config, you can specify a keyserver directly by adding --keyserver url.to.some.keyserver, eg.: gpg --keyserver keys.gnupg.net --search-keys 031F7104E932F7BD7416E7F6D2845E1305D6E801 or gpg --keyserver keys.gnupg.net --recv-keys 031F7104E932F7BD7416E7F6D2845E1305D6E801.

If you absolutely do not care about signature verification, you can also skip it by adding --skippgpcheck when running makepkg, yay, paru etc.

freebench commented on 2021-01-22 07:06 (UTC)

==> ERROR: One or more PGP signatures could not be verified!

pfctl commented on 2021-01-20 07:09 (UTC)

FYI, error verifying source file signatures with gpg (keys not imported). Installation aborts:

==> Verifying source file signatures with gpg...
librewolf-84.0.2-1-x86_64.pkg.tar.zst ... FAILED (unknown public key 2954CC8585E27A3F)
==> ERROR: One or more PGP signatures could not be verified!

xavierbaez commented on 2021-01-19 06:35 (UTC)

:: PGP keys need importing: -> 031F7104E932F7BD7416E7F6D2845E1305D6E801, required by: librewolf-bin -> 9D7008F8DFCD21508174954A3740FE9FC5772203, required by: librewolf-bin ==> Import? [Y/n] Y :: Importing keys with gpg... gpg: keyserver receive failed: No name problem importing keys

vasya commented on 2020-08-28 11:54 (UTC)

@lsf thanks! That fixes the problem. For now I've timeboxed it; I might submit PR-s in the future, if that'll be needed

lsf commented on 2020-08-23 12:14 (UTC)

@vasya

I've updated the PKGBUILD (without bumping the pkrel, intentionally) – should be better for your purposes now :)

lsf commented on 2020-08-18 08:50 (UTC) (edited on 2020-08-21 08:31 (UTC) by lsf)

Thanks for your feedback!

For the points in general: If you have the time, you could submit a PR at https://gitlab.com/librewolf-community/browser/arch – that's where the PKGBUILDs are maintained.

Otherwise, I'll just look into it myself, of course :)

vasya commented on 2020-08-18 08:22 (UTC)

Hi! Can you please improve the PKGBUILD script a bit? I'm trying to build it in RUA build tool (that I wrote), and I see some shellcheck warnings:

  • _pkgname=LibreWolf seems to be unused
  • Strings like that are not quoted: ${_uploadpath_aarch64} They could be quoted with "${_uploadpath_aarch64}"
  • srcdir and pkgdir are unqouted: cp -r $srcdir/usr $pkgdir/ Which is really problematic if one tries to build the package in a directory that has a space or other "special" symbols. Alternative would be: cp -r "$srcdir"/usr "$pkgdir"/

Thoughts? Thanks for the package!

lsf commented on 2020-03-06 21:05 (UTC)

@mwoah that's good to hear, and sorry for the radio silence on my side.

I'm currently working on getting the project back on track (and some open issues taken care of) over on https://gitlab.com/librewolf-community, so I hope in the future you'll get some actual response from me or someone else over there :)