On 10/14/18 7:14 PM, Eli Schwartz via aur-general wrote: > On 10/14/18 5:35 PM, Daniel Bermond via aur-general wrote: >> I usually don't use pgp on my aur packages because people tend to >> complain a lot about building issues. They fail to handle the keys and >> start complaining to the packager, and this is a big stress. When >> dealing with repository packages this is another story, of course. Since >> this was raised as a main issue, I'll be adding the pgp checks back again. > It's very simple to handle people who refuse to learn how the AUR works: > refuse to acknowledge anything they say, and simply respond with "learn > how to makepkg". > > Removing pgp checks in the general case is not okay, even if "it's just > an AUR package, so no one cares about security because it's all garbage, > right?"
Thanks for the suggestions. I'll use pgp whenever possible on aur packages then. >> I know that we should not use msg2 because it's makepkg internal. But it >> helps to diagnose user problems by helping to identify at which stage a >> build error is happening. For sure I can remove it if required to. ;) > I've yet to come across a single justified case of using msg2, anyone > who knows how to read an error message in the first place doesn't need > this help. > > There's no rule against it per se, but I regard it as... messy. > Especially in the example Doug indicated, it seems to be wildly > overcomplicating the build and package functions. Ok, I'll be removing msg2 from all my packages, or use printf/echo instead like mentioned by Doug in his message. -- Best regards, Daniel Bermond
signature.asc
Description: OpenPGP digital signature