Difference between revisions of "Talk:AUR helpers"

From ArchWiki
Jump to navigation Jump to search
(I noticed a missing entry for Aura's shell completions.)
 
(92 intermediate revisions by 16 users not shown)
Line 1: Line 1:
== Expand Secure criteria to include other (non-PKGBUILD) bundled files ==
+
== Aura 2.0 ==
  
[https://github.com/Jguer/yay/issues/493], in particular [https://github.com/Jguer/yay/issues/493#issuecomment-402522467]
+
I recently released Aura 2. Its entry in the "Pacman wrappers" chart should now say "Yes" for "Git Clone", "Reliable Solver", and "Split Packages".
  
The new criteria would be as follows:
+
{{unsigned|16:07, 2 February 2020‎|Fosskers}}
* PKGBUILD, no other files -> Partial
 
* Other subset of files that includes the PKGBUILD -> Partial
 
* No PKGBUILD -> No
 
* All files in the git repo or tar archive -> Yes
 
  
Similar to the ''Diff view'' column. -- [[User:Alad|Alad]] ([[User talk:Alad|talk]]) 16:32, 4 July 2018 (UTC)
+
:Can you give some commit/PR/whatever links so I can update those next to the entries. Thanks. -- [[User:Alad|Alad]] ([[User talk:Alad|talk]]) 19:23, 2 February 2020 (UTC)
  
: good idea, you also mentioned this for aurman a few months ago, see: https://github.com/polygamma/aurman/issues/25#issuecomment-371971155 really a good idea to implement it in a way, so that changes of all known files are being shown [[User:Polygamma|Polygamma]] ([[User talk:Polygamma|talk]]) 17:07, 4 July 2018 (UTC)
+
Sure, here we go:
  
: "All files in the git repo or tar archive -> Yes" What exactly do you mean by all files? Build files often contain non text files such as images. Git diff is smart enough to hide these but then you could consider that partial because not all files are covered.
+
* Pulling packages via git: https://github.com/fosskers/aura/commit/ca9c38dfec71c8a0a48143dbf0850e2890501832
: In my opinion all a helper has to do to be secure it pause and allow the user to read the build files. The helper does not even need to offer to open them for you that's the user's responsibility. Anything more than that is nice to have but not strictly needed. [[User:Morganamilo|Morganamilo]] ([[User talk:Morganamilo|talk]]) 20:25, 4 July 2018 (UTC)
+
* Reliable Solving: https://github.com/fosskers/aura/pull/479
 +
* Split Packages: https://github.com/fosskers/aura/pull/479
  
:: If this qualifies as "nice to have", there has to be an explicit warning that a green entry in the "Secure" column does not cover other files, files which may cause more harm than the PKGBUILD itself (such as {{ic|.install}} files or exectuables called from the PKGBUILD). In either case it's misleading, since you either give the impression that viewing PKGBUILDs alone is sufficient (with the current criteria), or include a warning that diminguishes the value of the criteria in the first place.
+
{{unsigned|04:11, 9 February 2020‎|Fosskers}}
:: Latter is similar to "Native pacman", in that you have a warning at the article top warning against any sort of pacman wrapping, and criteria in the table that ignore this warning, or even reward behavior which goes against it. -- [[User:Alad|Alad]] ([[User talk:Alad|talk]]) 17:07, 8 July 2018 (UTC)
 
  
::: That's a fair point, what about changing the name to "show files before sourcing" or something? Seems more accurate. Then it would make sense that not showing .install files to be partial. The only problem I see that it's not as hard hitting as "secure". [[User:Morganamilo|Morganamilo]] ([[User talk:Morganamilo|talk]]) 20:11, 8 July 2018 (UTC)
+
Ah and I should also mention that Aura has always had Fish support.
  
:::: It cuts both ways: it's an effective deterrent against broken helpers, but it also gives the impression that using a "Secure" helper makes usage of the AUR safe, which it definitely doesn't. I'm not sure on what different name to use, though. -- [[User:Alad|Alad]] ([[User talk:Alad|talk]]) 17:25, 14 July 2018 (UTC)
+
[[User:Fosskers|Fosskers]] ([[User talk:Fosskers|talk]]) 00:06, 23 February 2020 (UTC)
 
 
::::: I guess "File view" could work. -- [[User:Alad|Alad]] ([[User talk:Alad|talk]]) 17:44, 14 July 2018 (UTC)
 
 
 
:::::: The column name was updated to "File review". Are there remaining helpers that only display the PKGBUILD? ({{AUR|trizen}} springs to mind) -- [[User:Alad|Alad]] ([[User talk:Alad|talk]]) 15:30, 23 August 2018 (UTC)
 
 
 
== <s>clean-chroot-manager under Maintenance section</s> ==
 
I would like to add bullet point for [https://aur.archlinux.org/packages/clean-chroot-manager/ clean-chroot-manager] under the Maintenance section. Clean chroot manager has made my life much easier for building and maintaining PKGBUILDs on the AUR. I learned about the tool on the forum but it has been available for awhile. --[[User:Dmp1ce|Dmp1ce]] ([[User talk:Dmp1ce|talk]]) 15:26, 30 January 2019 (UTC)
 
 
 
:I saw the discussion in [[Talk:DeveloperWiki:Building_in_a_clean_chroot]], but it doesn't really belong in [[AUR helpers]] either - clean-chroot-manager has no AUR-specific functionality. Furthermore, including it in [[#Maintenance]] (to verify AUR PKGBUILDs for correctness) would prioritize it over {{Pkg|devtools}}.
 
:Maybe you could do the following:
 
{{META Box||{{App|[[DeveloperWiki:Building in a clean chroot|devtools]]|Build packages in a clean environment ([[systemd-nspawn]] container) to verify PKGBUILDs for correctness. Wrapped by {{AUR|aurutils}} and {{AUR|clean-chroot-manager}}.|https://git.archlinux.org/devtools.git/|{{Pkg|devtools}}}}
 
}}
 
:-- [[User:Alad|Alad]] ([[User talk:Alad|talk]]) 15:52, 30 January 2019 (UTC)
 
:: Thanks. I felt like the tool should be mentioned somewhere because I haven't known about it for years or any other tools for maintaining a clean environment for PKGBUILD development. At this point, I'll probably just write a blog post about how I maintain PKGBUILDs. --[[User:Dmp1ce|Dmp1ce]] ([[User talk:Dmp1ce|talk]]) 16:15, 30 January 2019 (UTC)
 
 
 
:: "to verify PKGBUILDs for correctness" is not the right wording because the purpose of the clean chroot is not to find errors in the PKGBUIlD itself, but to ensure that the package is built correctly, linked to correct libraries etc. -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 17:45, 30 January 2019 (UTC)
 
 
 
::: I added that at the last moment, feel free to change it to a more appropriate wording. -- [[User:Alad|Alad]] ([[User talk:Alad|talk]]) 18:11, 30 January 2019 (UTC)
 
 
 
:::In truth, it does both. :) Edit looks good anyway. -- [[User:Eschwartz|Eschwartz]] ([[User talk:Eschwartz|talk]]) 23:02, 30 January 2019 (UTC)
 
 
 
 
 
== <s>Aurman incorrectly flagged as having a reliable dependency solver</s> ==
 
 
 
Aurman [https://github.com/polygamma/aurman/issues/259 does not] have a reliable dependency solver, the same input can result in different outputs. The comparison table inaccurately states that it does, and should be amended. {{Unsigned|14:44, 1 February 2019‎|Dkmb}}
 
 
 
:Done [https://wiki.archlinux.org/index.php?title=AUR_helpers&diff=565451&oldid=565365], thanks -- [[User:Alad|Alad]] ([[User talk:Alad|talk]]) 15:22, 1 February 2019 (UTC)
 

Latest revision as of 00:06, 23 February 2020

Aura 2.0

I recently released Aura 2. Its entry in the "Pacman wrappers" chart should now say "Yes" for "Git Clone", "Reliable Solver", and "Split Packages".

—This unsigned comment is by Fosskers (talk) 16:07, 2 February 2020‎. Please sign your posts with ~~~~!

Can you give some commit/PR/whatever links so I can update those next to the entries. Thanks. -- Alad (talk) 19:23, 2 February 2020 (UTC)

Sure, here we go:

—This unsigned comment is by Fosskers (talk) 04:11, 9 February 2020‎. Please sign your posts with ~~~~!

Ah and I should also mention that Aura has always had Fish support.

Fosskers (talk) 00:06, 23 February 2020 (UTC)