On Fri 03 Dec 2010 16:54 -0500, David Campbell wrote: > Excerpts from keenerd's message of 2010-12-03 13:46:10 -0500: > > If no one can think of a better way to deal with the nonconforming > > packages, I'll write a bot to post insulting comments. Personally, I > > really like this solution. The AUR has always had a wild west > > frontier / insane asylum feel to it. The less regulation, the better > > it works. But a few well placed suggestions could help make the two > > thousand maintainers do a better job. > > Isn't this the sort of thing namcap was designed for? Maybe > namcap should be extended to do checks on .src packages, and a > report could be posted automatically using namcap when someone > posts a .src package to the AUR.
The problem is that namcap's implementation is not meant for untrusted PKGBUILDs. Sourcing those build files is a big security flaw, so we can't do that for the AUR.