We’ve published an updated PGP keyring for GitHub CLI’s Linux package repositories. The keyring now includes both the current signing key and a new replacement key.

If you’ve already rerun the Linux installation steps since the new keyring was published, you’re covered and don’t need to take any action. This change also does not affect you if you’re on Windows/macOS, you built from source code, or you installed gh via Homebrew, Conda, or precompiled binaries.

For everyone else, the current key expires on September 5, 2026. If you install or update gh via apt, yum, or dnf, you should rerun the installation steps for your distribution before then to pick up the new keyring and avoid disruption. For detailed instructions and Docker guidance, see the full announcement on the cli/cli repository.