I like probably many others are constantly frustrated with downloading, or updating Sublime Text has probably encountered this specific error every time because the PGP signature changed and/or can’t be updated in the list of authorized PGP key signatures.

error: sublime-text: key "F57D4F59BD3DF454" is unknown
error: keyring is not writable
error: database 'sublime-text' is not valid (invalid or corrupted database (PGP signature))

Specifically if downloading from specific repositories on Linux the downloads are suppose to resolve to server URL like https://download.sublimetext.com/arch/stable/x86_64 or similar, but when you view the actual page where it’s suppose to get new signature PGP files and software to download from is presented with a File Not Found page. If you’ve upgraded to Sublime Text 4 you will constantly get this error but if you’re still using Sublime Text 2 up to version 3 or Dev build this seems to be no problem. On that page specifically there’s no links to point to version 4, if this is suppose to be the correct URL to resolve from in order to download the package file AND be able to verify against a PGP signature by looking to download from the server if it can.

From what it looks like, you’re pointing to a server to download, it tries to download those files, fails, thus failing the PGP signature check because it’s not able to access the files it wants. Whats worse is the fact that when it tries to check against a PGP Keyserver for PGP keys of Sublime Text, it can’t find them and outright fails, because they don’t exist on whatever keyserver it searched. Why doesn’t Sublime Text have it’s PGP keys published to other keyservers? You might find the PGP keys on http://pgp.mit.edu but you wont find them on https://keyserver.pgp.com or https://keyserver.ubuntu.com and that is a problem. I’ve never liked Sublime’s way of distributing it’s packages but never having it’s PGP’s available on other keyservers and always ALWAYS causes more issues than its worth sometimes, majorly inconvenient when you just want to update your system packages and software, except they’re put on hold until you resolve the PGP Key error for Sublime Text. Some workaround solutions are to just simply outright remove the repository URL for Sublime Text entirely, and NEVER update Sublime Text ever again.

image.png1254×634 12.6 KB

We provide instructions for installing our GPG key here: https://www.sublimetext.com/docs/linux_repositories.html. Note the key hasn’t changed in a long time and we use the same key for ST3 and ST4.

Specifically if downloading from specific repositories on Linux the downloads are suppose to resolve to server URL like https://download.sublimetext.com/arch/stable/x86_64 or similar, but when you view the actual page where it’s suppose to get new signature PGP files and software to download from is presented with a File Not Found page.

It looks like you’ve navigating to the arch repository URL. That is not a link that is supposed to be navigable, but the base URL for pacman to interact with our repository.

Even if it still uses the same GPG keys, this still doesn’t explain why it fails to get the PGP key check to verify against and why adding the PGP key fails to retrieve that information in the first place. The installation instructions presume the import of the key will “just work” but will always fail every time you refresh the repositories and run an update. You can successfully add the key, but that doesn’t mean it will be able to verify properly against a PGP Keyserver, which is whats the case here. Because the way it works it doesn’t scan through every single PGP keyserver, it only picks the first available one if it’s accessible. If you can’t access a repository from the clear net URL to specific resource for downloads, then the package manager is probably not going to see it either. Which is exactly what’s going on here. It wants to get a PGP key from the repository, can’t find find the key it was looking for, thus returns it failed to import key. So what does the end user end up doing? Manually add the key and should be good to go right? Wrong.

What exact command are you running when you get that error?