I’ve been getting this warning when using apt recently:

W: https://dl.yarnpkg.com/debian/dists/stable/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.

Here’s what I’ve done to fix it. I’m not 100% sure that it is the “correct” way, as one of the commands refers to trusted.gpg.d, but it seems to work for now.:

Get a list of keys:

sudo apt-key list

Identify the key for yarn. Mine was:

/etc/apt/trusted.gpg
--------------------
pub   rsa4096 2016-10-05 [SC]
      72EC F46A 56B4 AD39 C907  BBB7 1646 B01B 86E5 0310
uid           [ unknown] Yarn Packaging <yarn@dan.cx>
sub   rsa4096 2016-10-05 [E]
sub   rsa4096 2019-01-02 [S] [expires: 2026-01-23]
sub   rsa4096 2019-01-11 [S] [expires: 2026-01-23]

Take the last eight characters from the long string for pub identifier (86E5 0310). Remove the space between to the two last quads. Use that to export the key into /usr/share/keyrings:

sudo apt-key export 86E50310 | sudo gpg --dearmour -o /usr/share/keyrings/yarn.gpg

At this point, I got another deprecation warning:

Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).

Edit the sources file which references the repository in question. In my case, it was /etc/apt/sources.list.d/yarn.list.

Add the reference to the key signature, such that:

deb https://dl.yarnpkg.com/debian/ stable main

becomes

deb [arch=amd64 signed-by=/usr/share/keyrings/yarn.gpg] https://dl.yarnpkg.com/debian/ stable main

Update, and see if the warning has gone away:

apt update

And, if it has, delete the key:

sudo apt-key del 86E50310