[How To] address and manage Software Sources

In order to retrieve software packages for your computer, the apt software needs a source that supplies it. This is a security feature as sources are signed and vetted. It also is organizational, as it keeps things well organized and prevents conflicts.
A source supplies the route to a Repository.

Users can supply sources at will. For example a user might wish to install Wine, so they use curl to retrieve a built script to assign a source or use add-apt-repository to add one.
However, this means that a user might assign a source that is not for their build. This can result in package breakage or conflicts. It is imperative that users retain control over this; so knowledge is the key to prevention.
This thread will address how to manage sources to prevent these types of issues.

First: Know your build.

Zorin OS is based on Ubuntu so the Zorin OS version matches the Ubuntu Build version. Ubuntu uses a Wacky Trait and Animal Name to name its build versions. Sources generally only specify the trait, not the animal. The list is as follows.
Zorin Version : Ubuntu Base : Build version
Zorin OS 12 : Ubuntu 16.04 : Xenial Xerus
Zorin OS 15 : Ubuntu 18.04 : Bionic Beaver
Zorin OS 16 : Ubuntu 20.04 : Focal Fossa
Zorin OS 17 : Ubuntu 22.04 : Jammy Jellyfish

  • A Xerus is a type of African ground squirrel.
  • A Fossa is an animal isolated in Madagascar that is related to the Mongoose

If you are on Zorin OS 16, then all sources should point to Focal.
If you are on Zorin OS 17, then all sources should point to Jammy.
Having a source point to the wrong build can result in a build mismatch error.

Knowing where to find and correct sources

You can launch Software & Updates app to view and manage your sources. Click on the Other software tab and there will be a list you can scroll through where you can click on a source and then click on the remove button on the bottom toolbar to remove that source if to resolve build mismatch errors or

  • Failed to Download repository Information
  • Release file for http://archive.ubuntu.com/ubuntu/dists/.../InRelease is not valid
  • The following signatures couldn't be verified because the public key is not available
  • Updating from such a repository can't be done securely, and is therefore disabled by default

Simply removing the repository is probably the solution to the issue.

These user added repositories are stored in Root directory. The path is:
This is distinct from the sources.list in that it includes the .d for Directory in the name. This is a sources Directory that holds your manually added sources for repositories.
What you add using Software & Updates or using the terminal automatically goes to this directory.
Your Zorin OS repository Sources are stored here, as well.
System supplied repository sources are kept directly in the
/etc/apt/sources.list file.
Right clicking this file and selecting "Open with Text Editor" will allow you to read all sources supplied system-side. This includes your base Zorin OS Repositories.
A comment is a means of telling a system to ignore certain lines. In your sources.list file, lines are commented out with the hashtag. So any line beginning with a # is invisible to your system and will not be read of followed. A user can comment out a line rather than removing it to have the same effect of the system not being affected by that line as removing it entirely would have.

Zorin OS Upgrader repository files

Some repository files may not fully get changed during the Upgrade process. While most things will still work, this can cause a headache later on.
If you have run the Zorin OS Upgrader Tool, you may want to (or may need to) check the /etc/apt/sources.list.d directory and ensure that all sources point toward your New Base Build instead of the old one.
For example, if you upgraded from Zorin OS 16 to Zorin OS 17, you will need to ensure that the file contents now relay Jammy instead of Focal. This can simply and neatly be done with the Text editor. You may need to elevate to Root Privileges to have Write Permissions:

sudo -i

Launch the file manager from that elevated terminal prompt.




Navigate to /etc/apt/sources.list.d and you can function with full read/write permissions.

For many third party repositories, it may be easier to just remove the troublesome repository sources and then re-add them for the correct build following their listed instructions. This can include Wine, Brave Browser, Chrome Browser and others.

Users may run into repositories that no longer support maintenance and the build supply stops. For example, the last supported build for a project maintainers repository is Focal and they have no release files for Jammy. In this case, you must remove the repository since it lacks a release file. If you still really want to use that package though, and it is available from Launchpad or pkgs.org as a *.deb self-installer package, you may still be able to install it if the installer gives no dependency errors.
If it does give dependency errors Let it go. There is most likely a modern maintained package out there that you have not found yet. Or, create a thread and ask about it on this forum. Many of us are reasonably adept at finding current working stable packages.