This is a tracking bug for Change: Managing expired PGP keys in DNF5 For more details, see: https://fedoraproject.org/wiki/Changes/Dnf5ExpiredPGPKeys Implementing new logic in DNF5 to remove expired and obsolete repository keys from the system. If you encounter a bug related to this Change, please do not comment here. Instead create a new bug and set it to block this bug.
Hi Jan, how goes this change for F42? The testable deadline is coming up in about two weeks, on Feb 4th, and changes need to be in good shape at this point https://docs.fedoraproject.org/en-US/program_management/changes_policy/#_change_process_milestones for Beta. Please let me know if you need to defer this to F43, otherwise if youre good to go for the change to be ready to meet the testable requirements, please update the status of the tracker bug to MODIFIED. Thanks! Aoife
Hi Aoife, Thanks for the reminder. To be honest, I hadn’t checked the timeline carefully and somehow thought the deadlines were a few weeks later. That said, the PR is ready, and I believe it will be reviewed and merged this week. By the end of the week, we should have a testable build ready. Upstream PR: https://github.com/rpm-software-management/dnf5/pull/1592.
This can be now tested by upgrading to the dnf5-5.2.10.0 and installing the libdnf5-plugin-expired-pgp-keys package on the system (https://bodhi.fedoraproject.org/updates/FEDORA-2025-d2d0e562dc). However, it is not yet automatically available for Fedora users. The only remaining step for full completion is deciding how it will be distributed—most likely through an update to the DNF5 spec file or a Kiwi compose for Fedora 42.