(In reply to Christian Boltz from comment #0) > My _guess_ is that the missing key had a similar result as disabling the > repo. Still, even "zypper dup -y" should error out if a repo is signed with > an unknown key, instead of silently disabling the repo and removing > seemingly "orphaned" packages. Right, skipping the repo is the default (legacy) behavior. The IMO best approach for unattended actions ATM is to do an explicit 'zypper ref' and to abort if it does not return 0. > zypper ref && zypper --no-refresh dup