Package: debootstrap Version: 1.0.140 Severity: normal
Dear Maintainer, systems newly created by debootstrap still use the old sources.list format, whereas apt warns when the newer deb822 format is not used. Here is a sequence of commands to reproduce the problem: # debootstrap sid foobar # systemd-nspawn -D foobar # apt update Hit:1 http://deb.debian.org/debian sid InRelease Get:2 http://deb.debian.org/debian sid/main Translation-en [7332 kB] Fetched 7332 kB in 2s (3694 kB/s) All packages are up to date. Notice: Missing Signed-By in the sources.list(5) entry for 'http://deb.debian.org/debian' Notice: Consider migrating all sources.list(5) entries to the deb822 .sources format Notice: The deb822 .sources format supports both embedded as well as external OpenPGP keys Notice: See apt-secure(7) for best practices in configuring repository signing. Thanks, -- System Information: Debian Release: trixie/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.12.10-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages debootstrap depends on: ii distro-info 1.12 ii wget 1.24.5-2+b1 Versions of packages debootstrap recommends: ii arch-test 0.21-1.1 ii debian-archive-keyring 2023.4 ii gpgv 2.4.7-1+b1 ii mount 2.40.4-1 ii sqv 1.2.1-5 Versions of packages debootstrap suggests: ii binutils 2.43.50.20250108-1 pn squid-deb-proxy-client <none> ii ubuntu-archive-keyring 2023.11.28.1-0.2 ii ubuntu-keyring [ubuntu-archive-keyring] 2023.11.28.1-0.2 ii xz-utils 5.6.3-1+b1 ii zstd 1.5.6+dfsg-2 -- no debconf information -- Laurent.
