Talk:Arch User Repository

From ArchWiki
Jump to: navigation, search

Warning about rebuilding your AUR packages

I thought at some point there was an explicit warning to the effect that rebuilding AUR packages against new official libraries was the individual's responsibility, not pacman's. I would like to see this reinstated at the top of the page as it is a constant source of confusion for new users. Jasonwryan (talk) 21:57, 24 November 2016 (UTC)

Another approach would be to add it to the top of the FAQ, and then split that out to a separate page, with a warning at the top of the AUR page sugesting that new users read the entirety of the FAQ 'before' installing anything from the AUR Jasonwryan (talk) 04:58, 27 November 2016 (UTC)

Is this a user's responsibility completely or the package maintainer's to increment pkgrel to indicate that the package should be rebuilt? This might fit to the explanation when (not) to use the "Out of date" button. -- Lahwaacz (talk) 08:21, 27 November 2016 (UTC)

Scope of the AUR4 section

SSH and Git commands

The section sees a lot of contributions, which is a nice thing, but there are some outstanding issues. For example:

-- Alad (talk) 13:59, 9 June 2015 (UTC)

Well, I somewhat disagree. Yes, in general it is good to make people learn stuff themselves. However, we currently force all package maintainers to move to a new AUR "format" within 4 weeks. Splitting git repositories is none of these basic things everybody learns in a git tutorial. Giving maintainers the right tools at hand is a good thing in this case.
Moving the migration to AUR 4 to a separate wiki page would be a good idea though (when the AUR homepage also links there).
--JonnyJD (talk) 14:08, 9 June 2015 (UTC)
Indeed, not all is as straightforward as some seem to think. Eg: I first created my key with keygen -t ed25519, and it did not work. Also, I tried to simply run `git clone ...` as written in the wiki, and git told me that this repository did not exist; with hindsight, it may have been caused by the unrecognized ed25519 key, but the git error message did not hint at this. Hence my attempt at editing this page (edit has been canceled by Alad)… Just to make things clear: I absolutely don't mind that what I wrote had been removed, really; I can be wrong and I know it. But at least it worked for me and what was written before did not. So just be sure that you provide a solution, or the needed precisions, so that the migration goes smoothly. —This unsigned comment is by TheYinYeti (talk) 10:11, 10 June 2015‎. Please sign your posts with ~~~~!
SSH keys does have a few tangents. If AUR4 indeed does not support ed25519 keys (we could use another confirm) then it should be mentioned. -- Alad (talk) 09:39, 14 June 2015 (UTC)
Then I'd suggest to either 1) move the commands to a gist 2) improve the comments of the linked scripts 3) or merge things to Git. Not sure a separate page is the best idea, as it would be a temporary measure; after AUR 4 has settled, the section should be a central part of the article. -- Alad (talk) 14:15, 9 June 2015 (UTC)
Okay, I removed both sections (SSH, migration) and added a bit more info in the other sections. I also added more comments in my scripts (linked in the wiki):, --JonnyJD (talk) 15:16, 9 June 2015 (UTC)
Much appreciated. About SSH, it seems not all of the information is present in the linked article though, e.g the "It is recommended to add the following lines to your ~/.ssh/config so you do not need to specify user and key each time you connect to the AUR SSH interface:" directive. There's SSH_keys#Managing_multiple_keys, but it doesn't mention "User foo". -- Alad (talk) 17:52, 9 June 2015 (UTC)
Isn't User foo practically useless in this case? We have aur@ in all repository url examples. And this seems to be standard. I have all my repository urls prefixed with git@ or similar. --JonnyJD (talk) 18:37, 9 June 2015 (UTC)
You are right of course. *Facepalm* Well, I think this can be closed then. Cheers -- Alad (talk) 19:44, 9 June 2015 (UTC)

AUR's history and future

Will part of Arch_User_Repository#AUR_4 be moved to Arch_User_Repository#History in a day or two? We should also remove / archive notes about the old AUR once it's read-only.

The article should also mention using git as an alternative to downloading the tarball. -- Karol (talk) 12:06, 7 August 2015 (UTC)

Part of this request has been fulfilled with [2]. — Kynikos (talk) 14:46, 9 August 2015 (UTC)

What is the correct AUR forum section?

Arch_User_Repository#Submitting_packages says it's [3], but we also have [4]. One of them should be added to Arch_User_Repository#I_have_a_PKGBUILD_I_would_like_to_submit.3B_can_someone_check_it_to_see_if_there_are_any_errors.3F. -- Karol (talk) 12:30, 7 August 2015 (UTC)

AUR link

The link to this page from the AUR homepage is outdated.

"Submitting packages" located above the SSH keys directs to an AUR4 link, which has since become just AUR. I'm not knowledgeable of the methods to correct this.

-- Ctag (talk) 00:05, 23 September 2015 (UTC)

You can submit a bug report for the AUR web interface project in the tracker. Or even provide a patch: sources are at [5]. -- Lahwaacz (talk) 11:22, 23 September 2015 (UTC)

Uploading AUR Packages, clear and consise, reverted edit:

New page for .SRCINFO, reshuffle and implementation of draft

Sorry again to take matters into my own hands without consultation, but these were the conclusions I came to:

1. The AUR page has been suffering congestion since months before the AUR3/4 transition; transitional cruft and disorder are not quite out of the pipeline.

2. The decision to degrade .SRCINFO to a sub-section of the AUR page, and not its own page equivalent to PKGBUILD's page, as they are of equal necessity, was a bad decision. It is undone, and the details of .SRCINFO creation have been transfered there for safekeeping (for real, needs its own page).

3. These changes represent only small changes in Wiki content in order to smooth the transition into AUR4 package management for long-time-no-update and new users, with as little redundancy as possible in respect to Hypertext Metaphor (every section is a brief, with a link to further details).

Still keeping the Draft for the git push method. Nice example of Comments. quequotion (talk) 17:38, 6 March 2016 (UTC)

This is not how drafts work. When the draft is finished and we like it enough, it might appear on the main page. -- Lahwaacz (talk) 20:58, 6 March 2016 (UTC)
I liked it enough. Looks great. quequotion (talk) 21:11, 6 March 2016 (UTC)


Comment: The push without clone method would fit right after "git push origin master" in Uploading packages, but if you can find a logical way to put it anywhere else I'm open to suggestions. quequotion (talk) 06:48, 7 March 2016 (UTC)
Upload packages built from existing files

If you've made a new package already, or intend to do so from a folder with files already inside, initialize the directory as a git repository (if it is not one already) and add AUR as a remote source.

$ git init
$ git remote add origin ssh://

Then update and upload as shown above.

Comment: The reason for keeping both methods is irrelevant, there is a trivial way to turn a directory full of files into a git repository using the clone method:
$ mv foo/ bar/
$ git clone URL foo
$ mv bar/* foo/
$ rmdir bar/

Lahwaacz (talk) 21:13, 6 March 2016 (UTC)

Comment: That's four extra steps instead of two. It's more complicated than that however, it uses three different tools to take four actions. The push sequence above adds only two common git commands to a common git command sequence. quequotion (talk) 05:49, 7 March 2016 (UTC)


Adding * to .gitignore is an ugly workaround for something (in case of dotfiles, programs not respecting standards and e.g. storing cache and config files together). There isn't much to be excluded here - the only unpredictable part is the source tarballs and VCS directories, which can be easily put away by configuring SRCDEST in makepkg.conf. We can still recommend to add the source files explicitly.

The recommendation will affect everybody using the given package, not only the user managing his personal config files, so I think an explicit blacklist is better than the * wildcard here.

-- Lahwaacz (talk) 08:58, 6 March 2016 (UTC)

I agree, as per my original recommendation. The simple thing to do is git add .; some packages do have an annoying variety of files. Better to explicitly exclude download directories other known cruft in .gitignore. quequotion (talk) 12:15, 6 March 2016 (UTC)
So the concern is you'd miss to whitelist some "annoying variety" of files, which you wouldn't with git add .? You might as well argue that you'd miss to blacklist a file you wouldn't want to upload to the AUR...
Either way, I'd agree configuring SRCDEST is the better (and universal) solution here. -- Alad (talk) 15:05, 6 March 2016 (UTC)
Good point, the whole reason for posting a guide indeed is to show users how to deal with AUR4 in the way Archlinux administration expects, this seems to be the more reliable solution[
Then I remembered what SRCDEST actually does and realized it wouldn't sufficiently resolve the issue (the source directory is not the only cruft to be avoided). quequotion (talk) 03:55, 13 March 2016 (UTC)
I have SRCDEST, PKGDEST, LOGDEST, and BUILDDEST set. Suffice to say there's no cruft in my .git dirs. It's not much a bother either, since the values are commented in makepkg.conf. -- Alad (talk) 12:35, 13 March 2016 (UTC)
What about the symlinks to the built packages and signatures? -- Lahwaacz (talk) 13:04, 13 March 2016 (UTC)
Assuming only makepkg crates symlinks in the clone directory (correct me if I'm wrong), you can do something like find -maxdepth 2 -type l -delete in the directory above, in my case a dedicated "AURDEST".
Perhaps too specific for the general case, but the special type helps anyway. -- Alad (talk) 13:43, 13 March 2016 (UTC)
That's cleanup, not prevention. Anyway, the point of .gitignore is not to move the "cruft" away, but to keep the repo directory clean in git terms, i.e. git should not report files created by makepkg as untracked. -- Lahwaacz (talk) 11:48, 14 March 2016 (UTC)
In that case, I refer to my comment below on just mentioning .gitignore, but not recommending a specific method. -- Alad (talk) 19:47, 14 March 2016 (UTC)
Recommending either way is problematic since this is more a question of git usage style rather than AUR usage. The maintainer should set up the .gitignore in an intuitive way depending on their git workflow and how the package is organized. If I had to recommend anything, it would be either: don't git add . (because it's lazy and can easily backfire), or always check git status before you commit to make sure you know what's staged (and we already recommend checking your commits before pushing). But again, those are more general git recommendations than anything AUR-specific. Silverhammermba (talk) 21:58, 9 March 2016 (UTC)
Using gitignore is useful not only for the comfort of the maintainer, but also of users building and installing the package. For example if pkg/, src/ etc. are not gitignored, tools such as repocheck will not work correctly. -- Lahwaacz (talk) 23:05, 9 March 2016 (UTC)
I still don't see how that is AUR-specific information. It is certainly good practice to have a gitignore for any git repo with files you don't want to track, but it is by no means necessary nor is it a practice specific to AUR repos. Adding git tricks to this article that are just general best practices is a slippery slope to creating a duplicate git tutorial like Quequotion did. I would much rather direct users to and emphasize the importance of learning git properly before contributing AUR packages. Silverhammermba (talk) 17:58, 10 March 2016 (UTC)
We know certain things could be .gitignored for every package, such as src/, pkg/, and *.pkg.tar.xz; but we cannot know what files a packager may be using otherwise. I think having packagers create an explicit blacklist is the smallest and easiest of the available options. quequotion (talk) 03:55, 13 March 2016 (UTC)
Stuff makepkg creates can be moved automatically, as indicated above. The rest is an edge case, and the best way to handle it is subject to debate. If anything, just mention .gitignore, but not a specific approach to using it. -- Alad (talk) 12:35, 13 March 2016 (UTC)

AUR4 git push request whitelisting

If AUR accepted only updates containting changes to at least .SRCINFO and PKGBUILD, the first time and every time (ie, refuse to open new repositories without them, thow some errors),it would avoid users having to plod through painful git reset procedures, and ensure that maintainers do not neglect to update the version information reported by AUR (which is currently possible: AUR accepts an initial push request without .SRCINFO and creates a broken repository; AUR also accepts pushes without any change to .SRCINFO, letting the version information reported go stale). Think I should make a task out of it? Wasting my time? quequotion (talk) 14:08, 7 March 2016 (UTC)

Just do it - worst case, we get some more background information. -- Alad (talk) 14:12, 7 March 2016 (UTC)
Done. As a "feature request", although I feel like preventing AUR from creating broken repositories when the first push doesn't contain .SRCINFO would be resolving a bug. quequotion (talk) 04:09, 13 March 2016 (UTC)
Since bringing this up, AUR has began to reject inital pushes without .SRCINFO. Although I have recent experience to the contrary, and there was a note to the contrary in the wiki until I removed it moments ago, Scimmia] claims there has been mechanism in place since the swtich to git quequotion (talk) 19:23, 13 March 2016 (UTC)

Removal of "AUR metadata"

Went ahead and took care of it. Relevant background information moved to .SRCINFO. quequotion (talk) 19:03, 13 March 2016 (UTC)

How do I find out if any of my installed packages disappeared from AUR?

It returns packages that are installed from AUR, not "does not exist in AUR". It should be renamed. -- Erkexzcx (talk) 08:09, 22 March 2016 (UTC)

It returns packages that are neither available by the repos accessible by pacman, nor available by the AUR. The packages not necessarily are/were from AUR, but at least the packages are not available by AUR and also not by the repos used by pacman.
On my machine cower wasn't compiled against current /lib/libalpm*, so I rebuild it.
$ grep cower\ \(14 /var/log/pacman.log
[2016-03-22 07:47] [ALPM] upgraded cower (14-2 -> 14-3)
Ensure that cower isn't broken. -- Ralf mardorf (talk) 08:47, 22 March 2016 (UTC)
please undo the last edit of the page, since if a user builds a lot of packages that aren't provided by any repository, using "cower" is ok, but "curl" is a PITA.
If you didn't build a lot of packages on your own, let a script build many dummy packages and than compare e.g.:
$ grep aura -A4 .bashrc 
alias aura='printf "\"auru\" is much faster than \"aura\".\nPackages that are unavailable by repos and the AUR:\n";\
            for pkg in $(pacman -Qqm); do curl -sILfo /dev/null -w '%{http_code}'\
            "$pkg"|grep '^2' >/dev/null || printf "$pkg "; done; echo'
alias auru='printf "Ensure that \"cower\" is not broken.\nPackages that are unavailable by repos and the AUR:\n";\
            for p in $(pacman -Qqm);do cower -s $p &>/dev/null||printf "$p ";done;echo'
Regards, -- Ralf mardorf (talk) 15:15, 22 March 2016 (UTC)
No. AUR helpers are not to be mentioned in the wiki outside of the AUR helpers article. Feel free to improve the existing script without using unsupported options. -- Alad (talk) 15:23, 22 March 2016 (UTC)
You're right,
FWIW I noticed that the "cower" script anyway fails:
$ aura
"auru" is much faster than "aura".
Packages that are unavailable by repos and the AUR:
anomos-git ardour2 baloo4-akonadi bombono-dvd-git customizepkg db5.1 [snip]
$ auru 
Ensure that "cower" is not broken.
Packages that are unavailable by repos and the AUR:
anomos-git ardour2 baloo4-akonadi bombono-dvd-git db5.1 [snip]
$ pacman -Q customizepkg
customizepkg 0.2.1-3
-- Ralf mardorf (talk) 15:47, 22 March 2016 (UTC)
I just changed the command. It seems less clunky to me, though I'm getting inconsistent speed measurement on my current connection. Does it work better for you? Silverhammermba (talk) 15:57, 22 March 2016 (UTC)
git ls-remote is neat, though it gives false negatives on split packages... -- Alad (talk) 16:01, 22 March 2016 (UTC)
$ grep aura -A2 .bashrc 
alias aura='printf "Packages that are unavailable by repos and the AUR:\n"; for pkg in $(pacman -Qqm); do\
            if [[ -z $(git ls-remote$pkg.git HEAD) ]]; then printf "$pkg "; fi; done; echo'
alias aura_legacy='printf "Packages that are unavailable by repos and the AUR:\n";\
            for pkg in $(pacman -Qqm); do curl -sILfo /dev/null -w '%{http_code}'\
            "$pkg"|grep '^2' >/dev/null || printf "$pkg "; done; echo'
The new script (aura) is faster, but the old script (aura_legacy) returns some packages that are not provided by AUR and that are not returned by the new script. I don't know, if the old script returns all missing packages, but at least it returns more missing packages, than the new script does. IOW please undo to the "curl" approach, the "git" way doesn't work correctly.
For example "curl" finds, but "git" doesn't find:
# pacman -Q customizepkg gnome-themes-extras 
customizepkg 0.2.1-3
gnome-themes-extras 2.22.0-3
# pacman -Si customizepkg gnome-themes-extras 
error: package 'customizepkg' was not found
error: package 'gnome-themes-extras' was not found
# yaourt -S customizepkg gnome-themes-extras 
error: target not found: gnome-themes-extras
error: target not found: customizepkg
I was running the scripts with the date command to check the speed and I repeated the commands as user and root several times, to ensure that both user/root work equal and to ensure that nothing in the AUR changed after running one script and before running the other script.-- Ralf mardorf (talk) 16:50, 22 March 2016 (UTC)


This section seems slightly ambiguous? The phrase "AUR maintainers are still referred to as TUs" doesn't make it clear (to me at least) that it means the running of the repo itself rather than maintainers of individual packages in the AUR which can be anyone, having no automatic 'trust' at all. The description provided in Official_repositories#Historical_background seems to have a good description of how the AUR relates to the supported Arch repos. This page is given to people very regularly, so it's quite important to make sure they get clear information. D garbage (talk) 18:29, 1 April 2016 (UTC)

What wording do you propose to avoid ambiguity? Anyway that whole section feels a bit confusing and incomplete to me, we're not very good/consistent at defining the relation between TUs, AUR, community etc.; besides Official_repositories#Historical_background, the information is scattered at least among Arch_User_Repository#What_is_a_Trusted_User_.2F_TU.3F, Arch_terminology#TU.2C_Trusted_User, Trusted Users and AUR Trusted User Guidelines. — Kynikos (talk) 03:33, 3 April 2016 (UTC)

Cloning a "new" package with the name of an old one might download an old package?

This sounds like a problem that could be fixed by changing how deletion requests in AUR are handled:

"When a package on the AUR is deleted, the git repository is not deleted so it is possible for a deleted package's repository to not be empty when cloned if someone is creating a package with the same name."

Why not push a commit that deletes all files when an AUR deletion request is fulfilled? quequotion (talk) 03:54, 17 November 2016 (UTC)

It's not a problem for anybody. Not that it's used regularly, but it provides an easy way to undelete the package. In any case, this should be discussed with the developers, e.g. on the mailing list. -- Lahwaacz (talk) 08:58, 17 November 2016 (UTC)
It would still be possible to undelete a package by checking the git log and pulling the last commit before deletion. The only question, really, is which process you'd rather complicate: (unwittingly) creating a new package with the same name as an old pakage, or undeleting a package that was previously deleted. quequotion (talk) 15:30, 17 November 2016 (UTC)
How often do people create a package with a name that has already been used in the past, but different content? Existing files in the repo might actually prevent them from reinventing the wheel.
As I said, bring this up to the developers on the mailing list if you want this to lead anywhere.
-- Lahwaacz (talk) 15:45, 17 November 2016 (UTC)

SSH command lines

the actual implementation of AUR allow to use ssh and internal options to do headless activity on the aur included but not limited to search, update, dissown, adopt etc.; but nothing of this is even mentioned beyond the "aur now use git over ssh" in the page, so someone could add the apropiate way to access this options correctly? I tried but later I drop the draft since I'm not sure at all on what say exactly also poor english. 03:05, 13 March 2017 (UTC) —This unsigned comment is by Jristz (talk) . Please sign your posts with ~~~~!

If you try to SSH into the AUR it will tell you to use ssh help to get a list of commands. -- Rdeckard (talk) 13:41, 13 March 2017 (UTC)
Yeah, but I mean mention that somewhere in the article like "for headless sistem you can use 'ssh help' for a list of command and utilities' or something... I'm not sure where add it. 06:49, 14 March 2017 (UTC)
Added, closed. — Kynikos (talk) 09:57, 14 March 2017 (UTC)