On Fri, 2026-04-24 at 14:52 +0200, Łukasz Michalski wrote:
> The main advantage of AUR helper is dependency management - if I want
> to install package X, helper will install all dependencies from AUR
> and from official repos. Doing it by hand with makepkg is cumbersome.

• rocketmouse@archlinux ~ 
$ makepkg --help | grep Install\ missing\ dependencies
  -s, --syncdeps   Install missing dependencies with pacman

Of course, only if these dependencies are provided by official
repositories.

I see a growing risk in the automated installation of dependencies and
the dependencies of those dependencies, and the dependencies of those
dependencies, and the dependencies of those dependencies... from the
AUR. Of course, responsible users should be able to decide for
themselves whether they want to take such a risk, but there is a
compelling argument against including such a feature in the official
repositories and certainly against making it available in an installer.
This isn't about education, it's about security.

-- 
The S in IoT stands for security.
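
The split described in the message above, between dependencies `makepkg -s` can hand to pacman and those that must come from somewhere else, shown as an added example that is not part of the original message or of makepkg. The function names, the sample `.SRCINFO` and the package names are constructed for illustration; the repository list stands in for the output of `pacman -Slq`.

```shell
#!/bin/sh
# Constructed sample data; the package names are placeholders for illustration.
make_sample() {
    cat > "$1/.SRCINFO" <<'EOF'
pkgbase = example-tool
    pkgver = 1.0
    depends = glibc>=2.38
    depends = openssl
    depends = examplelib-git
    makedepends = cmake
    depends_x86_64 = libfoo-helper
pkgname = example-tool
EOF
    # Stand-in for the output of `pacman -Slq` (names in the sync repositories).
    printf '%s\n' cmake glibc openssl zlib > "$1/repo.txt"
}

# srcinfo_deps FILE: unique dependency names with version constraints stripped.
srcinfo_deps() {
    awk -F' = ' '
        /^[ \t]*(depends|makedepends|checkdepends)(_[A-Za-z0-9_]+)? = / {
            name = $2
            sub(/[<>=].*$/, "", name)    # "glibc>=2.38" -> "glibc"
            if (name != "") print name
        }' "$1" | LC_ALL=C sort -u
}

# classify_deps SRCINFO REPO_LIST: "repo NAME" is what `makepkg -s` can install
# with pacman; "review NAME" is not in the list and would come from elsewhere,
# e.g. the AUR. Caveat: names satisfied only via "provides" also show as review.
classify_deps() {
    srcinfo_deps "$1" | while IFS= read -r dep; do
        if grep -qxF -- "$dep" "$2"; then
            printf 'repo %s\n' "$dep"
        else
            printf 'review %s\n' "$dep"
        fi
    done
}

tmp=$(mktemp -d)
make_sample "$tmp"
classify_deps "$tmp/.SRCINFO" "$tmp/repo.txt"
rm -rf "$tmp"
```

Each `review` line is a package whose PKGBUILD has to be read by hand before building, and the same check then applies to that package's own `.SRCINFO`.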
