Comment 52 for bug 1960449

Regarding debian-archive-keyring, here are some options I can think of, in no particular order:

a) change the DEP8 test to deploy oldoldstable. That currently works with the key in bionic. oldstable and stable do not.

b) embed the new debian key in the dep8 test, and keep deploying stable. This will probably raise some eyebrows

c) SRU debian-archive-keyring. I think that is too intrusive, and could bring unknowns into the picture. For example, are old keys deprecated/revoked/expired in the new package? I did a quick test and oldoldstable can still be deployed with the new debian-archive-keyring package, but without knowing more how this keyring package is maintained and updated (the rules governing that), I would think this is riskier. That being said, it's a fact that debootstrap of debian stable currently doesn't work in bionic, and it's good we have a separate bug for it. The discussion can continue there.

d) accept that this DEP8 test as is won't pass, flag it as such, do a manual test run on the side to confirm that it passes once the new debian-archive-keyring package is installed, and call it good.