Deployment fails on Debian trixie since 2026-02-01 because the NodeSource GPG key uses SHA-1, which is now rejected by apt.
Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z
Debian trixie provides Node.js 22.x in its official repositories.
Suggested fix: Replace the NodeSource repository with Debian's native nodejs package.
- name: Install Node.js
ansible.builtin.apt:
name: nodejs
state: present
update_cache: true
- name: Install NPM
ansible.builtin.apt:
name: npm
state: presentSee: nodesource/distributions#1908
Deployment fails on Debian trixie since 2026-02-01 because the NodeSource GPG key uses SHA-1, which is now rejected by apt.
Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z
Debian trixie provides Node.js 22.x in its official repositories.
Suggested fix: Replace the NodeSource repository with Debian's native nodejs package.
See: nodesource/distributions#1908