![](https://lemmy.world/pictrs/image/339e18f0-ff08-4489-b138-7eaaf752c7d7.jpeg)
![](https://lemmy.ml/pictrs/image/GiHIfxIEUs.jpg)
The archlinux-keyring package holds they gpg signatures used for signing the packages and if you go too long between upgrades it’s possible you won’t have a signature or an outdated one and a normal -syu will fail because of it. So I just upgrade keyring first and it gets ahead of that issue.
Probably boils down to the arch ethos of K.I.S.S. not making too many decisions for you.