gpg: BAD signature from "TeX Live Distribution [email protected]"

[Sakura-gh]

主要报错信息如下：
http://mirrors.sjtug.sjtu.edu.cn/ctan/systems/texlive/tlnet/tlpkg/texlive.tlpdb.sha512.asc
failed. Output was:
gpg: Signature made Thu May 14 22:34:16 2020 CST using RSA key ID 19438C70
gpg: BAD signature from "TeX Live Distribution [email protected]"

Please try from a different mirror and/or wait a few minutes
and try again; usually this is because of transient updates.
If problems persist, feel free to report to [email protected].

rm: 无法删除'install-tl.log': 没有那个文件或目录
sh: 45: ./bin//tlmgr: not found
sh: 55: ./bin//tlmgr: not found
mv: 无法获取'texlive/*' 的文件状态(stat): 没有那个文件或目录

[abichat]

I had the same issue using uses: r-lib/actions/setup-tinytex@master in my GitHub Actions YAML

/Users/runner/Library/TinyTeX/bin/x86_64-darwin/tlmgr: signature verification error of /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/SVk7uwHVTz/x3VKdQxKvE from http://mirrors.concertpass.com/tex-archive/systems/texlive/tlnet/tlpkg/texlive.tlpdb: cryptographic signature verification of
  /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/SVk7uwHVTz/5XtE2X4fZJ
against
  http://mirrors.concertpass.com/tex-archive/systems/texlive/tlnet/tlpkg/texlive.tlpdb.sha512.asc
failed. Output was:
gpg: Signature made Thu May 14 14:34:16 2020 UTC
gpg:                using RSA key 4CE1877E19438C70
gpg: BAD signature from "TeX Live Distribution <[email protected]>" [ultimate]

Please try from a different mirror and/or wait a few minutes
and try again; usually this is because of transient updates.
If problems persist, feel free to report to [email protected].

[yihui]

There have been a couple of things that were terribly broken in TeX Live. You may see the many reports at https://tug.org/pipermail/tex-live/2020-May/thread.html Unfortunately there isn't much we could do other than waiting for TeX Live maintainers to fix these issues.

[Enchufa2]

This is frustrating. Is there any workaround? Any internal function that can tell us whether the installation is fine to set --ignore-vignettes if not?

[yihui]

@Enchufa2 What does --ignore-vignettes mean?

If you are on Windows, please see #210 (comment).

[Enchufa2]

Sorry, I wasn't specific enough. I'm in the same situation as @abichat: I'm using the r-lib/actions/setup-tinytex action for a package that has a PDF vignette. The builds fail randomly due to issues with the signature check: sometimes when pdflatex is being installed, sometimes when some style files are being installed... I was trying to detect somehow whether the installation was fine, and then let the runner build the vignette and execute the full package checks. If not, passing --ignore-vignettes to R CMD check avoids building the vignettes, and thus avoids the build failure.

[yihui]

It seems this issue has been resolved in TeX Live: https://tug.org/pipermail/tex-live/2020-May/045702.html I tested it on both Travis and AppVeyor, and no longer saw the gpg signature error.