Talk:Arch User Repository
- 1 What is the correct AUR forum section?
- 2 contribute to existing package
- 3 Integrate FAQ content
- 3.1 Proposal: FAQ
- 3.1.1 What is the AUR?
- 3.1.2 What kind of packages are permitted on the AUR?
- 3.1.3 How can I vote for packages in the AUR?
- 3.1.4 What is a Trusted User (TU)?
- 3.1.5 What is the difference between the Arch User Repository and the community repository?
- 3.1.6 Foo in the AUR is outdated; what should I do?
- 3.1.7 Foo in the AUR does not compile when I run makepkg; what should I do?
- 3.1.8 ERROR: One or more PGP signatures could not be verified!; what should I do?
- 3.1.9 How do I create a PKGBUILD?
- 3.1.10 I have a PKGBUILD I would like to submit; can someone check it to see if there are any errors?
- 3.1.11 How to get a PKGBUILD into the community repository?
- 3.1.12 How can I speed up repeated build processes?
- 3.1.13 What is the difference between foo and foo-git packages?
- 3.1.14 Why has foo disappeared from the AUR?
- 3.1.15 How do I find out if any of my installed packages disappeared from AUR?
- 3.1.16 How can I obtain a list of all AUR packages?
- 3.2 Proposal: Feedback
- 3.3 Proposal: Promoting packages to the community repository
- 3.4 Proposal: Verifying packages
- 3.5 Proposal: Submitting packages
- 3.1 Proposal: FAQ
- 4 Removal of SSH key tutorial
- 5 the wording around pkgbase is unclear
What is the correct AUR forum section?
Arch_User_Repository#Submitting_packages says it's , but we also have . One of them should be added to Arch_User_Repository#I_have_a_PKGBUILD_I_would_like_to_submit.3B_can_someone_check_it_to_see_if_there_are_any_errors.3F. -- Karol (talk) 12:30, 7 August 2015 (UTC)
- Both have a place in #Proposal: Verifying packages, which also distinguishes that one is maintainer-oriented (Creating & Modifying Packages) and the other end-user oriented (AUR Issues, Discussion & PKGBUILD Requests). quequotion (talk) 12:19, 22 February 2019 (UTC)
contribute to existing package
- Users are not allowed to modify something owned by another user. It's no different from cloning a Github repository and trying to push to that. The equivalent of submitting an issue would be leaving a comment with a patch file. The AUR platform in particular allows collaboration features -- you may request that a maintainer grant you push access by adding your name as a co-maintainer. If the package is broken or out of date, see Arch User Repository#Foo in the AUR is outdated; what should I do?
- This is possibly something that we should make clear in a FAQ entry. -- Eschwartz (talk) 19:49, 28 January 2019 (UTC)
- I was thinking about this while writing a proposal regarding "Other requests". It is possible to request a package be disowned with "Orphan"; why not add "Co-maintain" to send a request to ask for permission to assist with a package's maintenance? Of course, it would not be unnecessary to send that request to the mailing list, and there's always the AUR comments or the forums for users to contact a maintainer otherwise; but having the feature built in to the AUR would allow us to add a fourth subsection here to recommend ground rules and possibly expedite the process of adding co-maintainers when packagers are interested in doing so. quequotion (talk) 14:45, 6 February 2019 (UTC)
Integrate FAQ content
This will be a massive undertaking, possibly spanning multiple articles, but I think it will be helpful to preempt a lot of these questions by having a more concise, informative page. The very first response I got about this on IRC was a misinterpretation, so let me be explicit: it is not implied that the FAQ will be removed by these changes, that is the primary reason I am proposing them. The FAQ is a disorganized mess of information that should be in other sections of the article, is redundant with existing sections of the article, or belongs on entirely different pages. Are these actual questions people often ask, or is this a convenient way to append random bits of advice to the end of an incomplete article?
- There is no confusion here: I'm well aware you want to remove the FAQ, that is the entire reason I disagree with it in the first place.
- "FAQ: a list of questions and answers relating to a particular subject, especially one giving basic information for users of a website."
- This is most explicitly a case where it is morally, philosophically, and for the sake of usability, superior to describe in FAQ format, hiding this information by integrating it into "relevant sections" is explicitly doing a disservice to the community and to all users.
- I'm uninterested in discussing any specificity of your attempted work below, because I'm unconvinced it is a good idea to even try. -- Eschwartz (talk) 01:55, 10 February 2019 (UTC)
- Why: For the future of the page. Which way should future writers go? Append a new FAQ for their tidbit of advice, or add it to a relevant section of the page? There are already sixteen FAQ; there's half as much content in the FAQ section as the previous sections combined (I counted a little over thirteen mousewheel scrolls to reach the FAQ, and about seven to get through it).
- How about a counter proposal: if the FAQ really is essential, we move the content to relevant sections on relevant pages, then reduce the FAQ to a series of one-liners that link to the appropriate content. Assuming people actually ask these questions, that will both satisfy their search for answers and keep the page maintainable. quequotion (talk) 02:38, 10 February 2019 (UTC)
By the way, if you'd like to see the big picture, here is a whole-page draft. I am keeping it up-to-date with edits here, the only difference being that #What is the AUR? is removed from the draft page. quequotion (talk) 12:53, 22 February 2019 (UTC)
What is the AUR?
The AUR (Arch User Repository) is a place where the Arch Linux community can upload PKGBUILDs of applications, libraries, etc., and share them with the entire community. Fellow users can then vote for their favorites to be moved into the community repository to be shared with Arch Linux users in binary form.
What kind of packages are permitted on the AUR?
For most cases, everything is permitted, subject to the #Rules of submission.
How can I vote for packages in the AUR?
See #Voting for packages.
What is a Trusted User (TU)?
What is the difference between the Arch User Repository and the community repository?
AUR packages are maintained by community members and provided in source format, while the packages in the community repository are maintained by the Trusted Users and provided in pre-compiled binary format. See #Promoting packages to the community repository for more information.
Foo in the AUR is outdated; what should I do?
sourcearray is sufficient.
Foo in the AUR does not compile when I run makepkg; what should I do?
You are probably missing something trivial; see #Verifying packages.
ERROR: One or more PGP signatures could not be verified!; what should I do?
How do I create a PKGBUILD?
Be sure to check the AUR to avoid duplicating efforts, then see creating packages.
I have a PKGBUILD I would like to submit; can someone check it to see if there are any errors?
There are several channels available to submit your package for review; see #Verifying packages.
How to get a PKGBUILD into the community repository?
How can I speed up repeated build processes?
What is the difference between foo and foo-git packages?
Many AUR packages come in "stable release" and "unstable development" versions. Development packages usually have a suffix denoting their Version Control System and are not intended for regular use, but may offer new features or bugfixes.
Why has foo disappeared from the AUR?
It is possible the package has been adopted by a TU and is now in the community repository.
How do I find out if any of my installed packages disappeared from AUR?
The simplest way is to check the HTTP status of the package's AUR page:
$ comm -23 <(pacman -Qqm | sort) <(curl https://aur.archlinux.org/packages.gz | gzip -cd | sort)
How can I obtain a list of all AUR packages?
The AUR provides various means for users to communicate with package maintainers, provided they have setup an account on the AUR Web Interface.
Commenting on packages
Comments allow users to provide suggestions or respond to updates and maintainers to respond to users or make announcements.
Make a comment in the "Add Comment" section of a package's AUR page:
Voting for packages
One of the easiest activities for all Arch users is to browse the AUR and vote for their favourite packages. All packages are eligible for adoption by a TU for inclusion in the community repository, and the vote count is one of the considerations in that process; it is in everyone's interest to vote!
While logged in, on the AUR page for a package you may click "Vote for this package" under "Package Actions" on the right. It is also possible to vote from the commandline withAUR, AUR or AUR.
Alternatively, if you have set up ssh authentication, you can directly vote from the command line using your ssh key and avoid having to save or type in your AUR password.
ssh firstname.lastname@example.org vote <PACKAGE_NAME>
Flagging packages out-of-date
While logged in, on the AUR page for a package you may click "Flag package as out-of-date" under "Package Actions" on the right. You should also leave a comment indicating details as to why the package is outdated, preferably including links to a release announcement or a new release tarball. Also try to reach out to the maintainer directly by email. If there is no response after two weeks, you may file an orphan request.
pkgverchanges, do not flag them as the maintainer will merely unflag the package and ignore you.
Proposal: Promoting packages to the community repository
When AUR packages receive enough community interest and the support of a Trusted User, they may be adopted into the community repository (maintained by the TUs), from which binary packages can be installed using pacman.
Usually, at least 10 votes are required for something to move into community. However, if a TU wants to support a package, it will often be found in the repository.
Sufficient votes are not the only requirement; there has to be a TU willing to maintain the package. TUs are not required to adopt a package even if it has thousands of votes.
Usually, when a very popular package stays in the AUR it is because:
- Arch Linux already has another version of a package in the repositories.
- Its license prohibits redistribution.
- It helps retrieve user-submitted PKGBUILDs (AUR helpers are unsupported by definition).
Proposal: Verifying packages
If you are a maintainer and would like to have your PKGBUILD reviewed, post it on the aur-general mailing list to get feedback from the TUs and fellow AUR members, or the Creating & Modifying Packages forum. You could also get help from the IRC channel, #archlinux-aur on Freenode. You can also use namcap to check your PKGBUILD and the resulting package for errors.
To check if a PKGBUILD is broken, or your system is misconfigured, try building it in a clean chroot. This will build the package in a clean Arch Linux environment, with only build dependencies installed and without user customization. To do this install and run
extra-x86_64-build instead of
makepkg. For multilib packages, run
multilib-build. If the build process still fails in a clean chroot, the issue is probably with the PKGBUILD.
If you are still having trouble building a package, read its PKGBUILD and the comments on its AUR page. It is possible that a PKGBUILD is broken for everyone. If you cannot figure it out on your own, report it to the maintainer e.g. by posting the errors you are getting in the comments on the AUR page. You may also seek help in the AUR Issues, Discussion & PKGBUILD Requests forum.
- Ensure your system is up-to-date by upgrading before compiling anything with
- Ensure you have both and groups installed.
- Try using the
makepkgto check and install all the dependencies needed before starting the build process.
- Try the default makepkg configuration (custom CFLAGS, LDFLAGS and MAKEFLAGS can cause failures).
- See Makepkg#Troubleshooting for common issues.
Proposal: Submitting packages
If you are unsure in any way about a package or the build/submission process even after reading this section twice, submit the PKGBUILD for review.
Rules of submission
When submitting a package to the AUR, observe the following rules:
- Submitted PKGBUILDs must be in compliance with the licensing terms of the content to be packaged. In cases where it is mentioned that "you may not link" to downloads, i.e. contents that are not redistributable, you may only use the file name itself as the source. This means and requires that users already have the restricted source in the build directory prior to building the package. When in doubt, ask.
- Submitted PKGBUILDs must not duplicate applications in any of the official repositories. Check the official package database; if the package exists, do not submit a duplicate. If the official package is out-of-date, flag it as such. If the official package is broken, or lacking a standard feature, please file a bug report.
- The only exception to this is for packages with extra features enabled and/or patches in comparison to the official ones, in which case the
pkgbaseshould be different to express that.
Removal of SSH key tutorial
What is this about? Are you sure those AUR-specific tutorials should be removed? Don't get me wrong, I'm all for minimizing any section of the page that safely can be, but it seems like this edit leaves out some important information (like specifying a corresponding private key configured for the
aur.archlinux.org host). quequotion (talk) 12:44, 22 February 2019 (UTC)
- My edit was motivated by strong disagreement with the statement "You should create a new key pair rather than use an existing one, so that you can selectively revoke the keys should something happen". Imho it is misleading to imply any security benefit resulting from creating per-target-host SSH client key pairs. If anything, this bad habit complicates revoking compromised keys. Adding a Host-section to the SSH client configuration file is unneccessary if you only have a single SSH client key pair, as it will be selected automatically. Pyropeter (talk) 02:11, 23 February 2019 (UTC)
the wording around pkgbase is unclear
In Creating_package_repositories, some people might end running the exact command below even if they do not copy-paste commands blindly:
git clone ssh://email@example.com/pkgbase.git
This part is unclear: "establish a local Git repository and an AUR remote by cloning the intended pkgbase.": some readers might think that here pkgbase is not a PKGBUILD variable but instead describe the name of a repository that has a template for creating packages.
Several people already pushed their packages in this pkgbase repository.
So it would be best to make sure that the people reading this understand that the pkgbase refers to the PKGBUILD variable and not to a PKGBUILD template. As the pkgbase variable is often not defined explicitely in PKGBUILDS, readers don't necessarily have that variable in mind at the time of reading that section.
Maybe the following would be more clear:
If you are creating a new package from scratch, establish a local Git repository and an AUR remote by cloning the package's repository which is located at
PKGBASE by your package's pkgbase.