Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Missing PGP key
See original GitHub issueI just realized that there is no regular way to report a security issue in a safe way since there is no PGP key for security@nodejs.org. Using plain text to report a security issue is a no go. E-Mails are always unsafe in their nature when not used with PGP.
This is really a bad sign out of my perspective that a “secure” way is actually not secure at all… Please fix that ASAP and also update https://nodejs.org/en/security/.
Issue Analytics
- State:
- Created 6 years ago
- Reactions:3
- Comments:19 (19 by maintainers)
Top Results From Across the Web
Fix Missing GPG Key Apt Repository Errors (NO_PUBKEY)
You might see a missing public GPG key error ("NO_PUBKEY") on Debian, Ubuntu or Linux Mint when running apt update / apt-get update...
Read more >PGP is unable to open your keyring files at the specified ...
Cause · The keyrings are located in a folder that is temporarily unavailable. By default the PGP keyrings are located in the Documents\PGP...
Read more >How to fix missing GPG keys? - Ask Ubuntu
Enter Your Admin Password · Double Click On Advanced Option · Click Try To Import All Missing GPG Keys · Click Ok To...
Read more >Lost my PGP private key, what's next?
If you don't have the private key, and you don't have the revoke certificate, then there is nothing you can do about the...
Read more >Can't update my system due to a missing PGP key - Support
I tried updating my system, using sudo pcaman -Syyu, but it fails with the following: I tried looking around, but couldn't get any...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
To me it still feels wrong that we have no PGP key. Using a ticket system like OTRS with accounts would allow to transparently handle the decryption. If someone of the admin teams leaves, it would be possible to revoke and create the new key transparently as well.
Seems fixed to me, closing as there is no message since 2018-2019.