Comment 39 for bug 1921539

> if we do want to support secure boot on bionic

Yes, this is non-negotiable. In fact, publication of the updated shim to bionic has been held up because of concerns over regressing fwupd-signed, which exists specifically *for* support under SecureBoot.

So, I'm going to mark this verification-failed since the sbat section is missing.

Please upload a fixed fwupd package with sbat support ASAP so that we can land the updated shim.