pgp signature not trusted
I upgraded PGP signatures:
$ curl -sS https://downloads.1password.com/linux/keys/1password.asc | gpg --import
gpg: key AC2D62742012EA22: 3 signatures not checked due to missing keys
gpg: key AC2D62742012EA22: "Code signing for 1Password <codesign@1password.com>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1But during checking 1password-cli source, I got:
gpg: Signature made śro, 28 maj 2025, 12:15:49 CEST
gpg: using RSA key 3FEF9748469ADBE15DA7CA80AC2D62742012EA22
gpg: Good signature from "Code signing for 1Password <codesign@1password.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 3FEF 9748 469A DBE1 5DA7 CA80 AC2D 6274 2012 EA22Is something wrong with your PGP signature?
I'm worried about whether the 1Password code is secure.
