Build failure during the 2026-07-07 “build all packages for x86_64”
private-repo release pass (see
repo_release_logs/maintained_arduino-builder.log).
Source signature verification fails: arduino-builder-1.6.1.tar.xz ...
FAILED (unknown public key 95FA6F43E21188C4) – this key isn’t in the
build chroot’s/box’s GPG keyring. ERROR: One or more PGP signatures
could not be verified! / Could not download sources.
Same root cause as memory/arduino.md (same key ID) – see the note in
memory/TOOLING_NOTES.md about missing validpgpkeys imports.
Update 2026-07-07 later same day: imported the missing key
(gpg --recv-keys 95FA6F43E21188C4, confirmed fine to do on the host for
source-verification purposes specifically – see
memory/feedback_no_host_installs.md) and retried. Got past signature
verification, but hit a different, systemic-class failure: error:
target not found: arduino-ctags – another custom package from this same
tree (maintained/arduino-ctags, which itself built fine standalone
earlier in this same pass), unresolvable by the chroot for the same
intra-tree-dependency reason as memory/kdstatemachineeditor.md.
Resolved 2026-07-07, same day, later still: built via the new
scripts/archlinuxaba-x86_64-build chroot flavor (see
memory/TOOLING_NOTES.md’s update), which adds our own private repo to
the chroot’s pacman.conf – arduino-ctags resolved fine since it was
already published. Built, signed, and published successfully.