Type in your question below and we'll check to see what answers we can find...
If you couldn't find any answers in the previous step then we need to post your question in the community and wait for someone to respond. You'll be notified when that happens.
Simply add some detail to your question and refine the title if needed, choose the relevant category, then post.
Before we can post your question we need you to quickly make an account (or sign in if you already have one).
Don't worry - it's quick and painless! Just click below, and once you're logged in we'll bring you right back here and post your question. We'll remember what you've already typed in so you won't have to do it again.
My Question or Issue
Your Debian repository under repository.spotify.com is out-of-date for some time now (1.1.42). The only way to get an up-to-date version of Spotify is through snapcraft (1.1.46 and 1.1.52)
There are several reasons not to like snap and snapcraft but I don't want to go into too much detail since most of them are subjective.
But fact is: Your Debian repository provides a GPG signature for the 'Release' file which contains the checksums for the actual *.deb package.
By trusting your GPG signature it is possible to check the spotify package for authenticity (Release.gpg -> Release -> (checksum) -> *.deb)
There's no GPG signature on snapcraft (at least I can't find one). And since there is no way to check for authenticity we don't only have to trust you, but also snapcraft/Canonical. This brings a whole new set of concerns
What are your future plans for Spotify on Linux? Will the Debian repository see updates again?
As far as I can tell there are a few possible solutions to this
- Continue updating the Debian repository
- Provide an AppImage signed with your GPG key, ideally from *.spotify.com
- Provide the Linux Spotify as ZIP or tarball signed with your GPG key, ideally from *.spotify.com