Back to TILs

Using apt from unsigned repository

Table of contents

To avoid errors on command apt update related to unsigned repositories inside Dockerfile the option [trusted=yes] was added before repository URL on apt list file.

I am not convinced about the security is ok.

$ cat llvm.list 
deb [trusted=yes] http://apt.llvm.org/bullseye/ llvm-toolchain-bullseye main
deb-src [trusted=yes] http://apt.llvm.org/bullseye/ llvm-toolchain-bullseye main
# 14 
deb [trusted=yes] http://apt.llvm.org/bullseye/ llvm-toolchain-bullseye-14 main
deb-src [trusted=yes] http://apt.llvm.org/bullseye/ llvm-toolchain-bullseye-14 main
# 15 
deb [trusted=yes] http://apt.llvm.org/bullseye/ llvm-toolchain-bullseye-15 main
deb-src [trusted=yes] http://apt.llvm.org/bullseye/ llvm-toolchain-bullseye-15 main

deb [trusted=yes] http://www.deb-multimedia.org jessie main

Reference