Ubuntu 23.10 Improving PPA Management For Enhanced Security & Reliability

One of the great longtime features of Ubuntu Linux has been Launchpad's Personal Package Archives (PPAs) for easily augmenting the official Ubuntu repositories with additional packages either to supply updated versions of select software or for software not yet found in the official Ubuntu archives. With Ubuntu 23.10 a change is being made in how PPAs are managed to enhance the security and reliability.

Up to this point Ubuntu PPAs were managed via a .list file within /etc/apt/sources.list.d while a GPG keyring was added within /etc/apt/trusted.gpg.d. Starting with Ubuntu 23.10, PPAs will be managed by deb822-formatted .sources files where the keys are directly embedded into the same file.

The intent of reworking how the Ubuntu PPAs are managed on user systems is intended to make it easier to also ensure a PPA's associated key is removed from the system if also removing the PPA from the system. This also allows limiting a PPA's key for use just by that Personal Package Archive and not adding the key to the global keyring nor does it then allow for other keys to be utilized for signing the given PPA.

More details on this PPA handling change for Ubuntu 23.10 via this announcement.