Re: [aur-general] TU application; freswa
On 5/17/20 5:06 AM, Frederik Schwan via aur-general wrote:
> Changes can be found here:
> https://github.com/freswa/aur/commit/c3778f6bda345f0165289f3a57d36047e6ba5934
>
> Thank you for doing the review :)
Time for the next round:
Package: datagrip datagrip-jre
'commercial' on line 9 is not a valid license[1], in case of a custom license
prefix with 'custom:'
Offending line:
license=('commercial')
Package: or-tools-java
Variable ${srcdir} on line 44 should be quoted as it may contain spaces
Offending line:
sed -i "s#${src#git+}#${srcdir}/${srcfolder}#"
${srcdir}/${pkgname%-java}-${pkgver}/makefiles/Makefile.third_party.unix.mk
---^
Package: pass-sshaskpass
'GPLv2' on line 8 is not a valid license[1], in case of a custom license prefix
with 'custom:'
Offending line:
license=('GPLv2')
Package: pass-sshaskpass-git
'GPLv2' on line 8 is not a valid license[1], in case of a custom license prefix
with 'custom:'
Offending line:
license=('GPLv2')
Package: tomighty
Variable ${srcdir} on line 32 should be quoted as it may contain spaces
Offending line:
convert ${srcdir}/tomato.ico ${srcdir}/tomato.png
Package: tpacpi-bat-git
Error: 'GPLv3' on line 9 is not a valid license[1], in case of a custom license
prefix with 'custom:'
Offending line:
license=('GPLv3')
Package: unifi-beta
Potentionally unintentional HTTP URL http://www.ubnt.com/ on line 10 should be
https
Offending line:
url='http://www.ubnt.com/'
Package: youtrack
'commercial:jetbrains' on line 8 is not a valid license[1], in case of a custom
license prefix with 'custom:'
Offending line:
license=('commercial:jetbrains')
>
> Cheers
> Frederik
>
:P
[1] (Currently) valid non-custom licenses are: AGPL3, Apache, Artistic2.0,
Boost, CCPL, CDDL, CPL, EPL, FDL1.2, FDL1.3, GPL2, GPL3, LGPL2.1, LGPL3, LPPL,
MPL, MPL2, PHP, PSF, PerlArtistic, RUBY, W3C, ZPL, AGPL, APACHE, FDL, GPL,
LGPL, Unlicense, BSD, ISC, MIT, OFL, Python, ZLIB
--
Rob (coderobe)
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
signature.asc
Description: OpenPGP digital signature
Re: [aur-general] TU application; freswa
On 16/05/2020 21.01, Levente Polyak via aur-general wrote:
> I'm happy to _already_ work with you as you are doing a great job on the
> bugtracker. I hope we won't loose your power wrangling that beast :D
Thank you.
I'll stick to bug wrangling :)
> I managed to cut some free time to review all your packages, so here
> comes the feedback,
Some comments below.
> $ xxarhtna --user freswa
>
> adobe-icc:
> - could use TLS in url and source, because why not :}
> - would be a good idea to reuse $pkgver in source=()
I explicitly decided against using the ${pkgver} in the source, as the
version never changes. Adobe CS4 has long been superseded and there is
and probably never will be an update for this.
I don't see the improvement in this case. Please enlighten me :P
> chisel:
> dovecot-xaps-daemon:
> dovecot-xaps-daemon-git:
> dovecot-xaps-plugin:
> dovecot-xaps-plugin-git:
> duperemove-git:
fixed
> exfat-dkms-git:
> - shouldn't this package be named exfat-nofuse-dkms-git ? its not
> just exfat-dkms, this is in fact exfat-nofuse
renamed to exfat-nofuse-dkms-git - merge request submitted
> exfat-utils-nofuse:
> flexbox-udev:
> gimp-plugin-separate+:
> gtkhotkey:
> heif:
> jtool-bin:
> latex-tuda-ci:
> libpurple-lurch:
fixed
> nameinator:
> - must not use 'go get' on a repo as thats not reproducible
Sadly upstream does not provide vendoring or go modules.
I filled a request to use go modules and will fix this when it lands in a
release.
> onivim2:
> onivim2-git:
> open-ecard-git:
> OpenBoardView:
> or-tools-java:
> parcimonie-sh-git
> pass-sshaskpass:
renamed to pass-sshaskpass-git - merge request submitted
> - pkgname is wrong as this is in fact a -git package, but the name
> makes it a static version one
>
> pdfposter:
> perl-ntlm:
> pinentry-rofi:
> python-requests-gpgauthlib:
> - repo seems to contain unit tests, would be worth running in a
> check() function
Tests fail atm. I filled an upstream bugreport and I will add the tests once
things are sorted out.
> talosctl:
> tbt:
> thunderbird-nightly:
> - this is not a source build and hence must be postfixed with -bin
renamed to thunderbird-nightly-bin - merge request submitted
>
> tomighty:> tpacpi-bat-git:
> wrench:
> xfce-polkit:
> xfce-polkit-git:
Fixed.
Changes can be found here:
https://github.com/freswa/aur/commit/c3778f6bda345f0165289f3a57d36047e6ba5934
Thank you for doing the review :)
Cheers
Frederik
signature.asc
Description: OpenPGP digital signature
Re: [aur-general] TU application; freswa
On 5/16/20 10:48 PM, Markus Schaaf wrote: > Am 16.05.20 um 21:01 schrieb Levente Polyak via aur-general: > >> - shouldn't this package be named exfat-nofuse-dkms-git ? its not > > Why would a fuse-filesystem use dkms? The whole purpose of fuse is to > run in user space. And renaming packages is an annoyance. > > Just my 2¢, as a user of this package. > > BR > What exactly do you mean? I'm talking about the exfat-dkms-git packages, which in fact already uses dkms. I'm pretty sure you confuse something here. And the name is in fact wrong, as its exfat-nofuse git package using dkms, hence its name should be exfat-nofuse-dkms-git. In general it doesn't matter much if renaming is annoyance, what matter is if the name is correct or wrong. cheers, Levente signature.asc Description: OpenPGP digital signature
Re: [aur-general] TU application; freswa
Am 16.05.20 um 21:01 schrieb Levente Polyak via aur-general: > - shouldn't this package be named exfat-nofuse-dkms-git ? its not Why would a fuse-filesystem use dkms? The whole purpose of fuse is to run in user space. And renaming packages is an annoyance. Just my 2¢, as a user of this package. BR
Re: [aur-general] TU application; freswa
On 5/6/20 11:19 PM, Frederik Schwan via aur-general wrote:
>
> I am looking forward to working with you!
> Frederik
>
Hi Frederik,
I'm happy to _already_ work with you as you are doing a great job on the
bugtracker. I hope we won't loose your power wrangling that beast :D
I managed to cut some free time to review all your packages, so here
comes the feedback,
cheers,
Levente
$ xxarhtna --user freswa
adobe-icc:
- could use TLS in url and source, because why not :}
- would be a good idea to reuse $pkgver in source=()
chisel:
- doesn't use a unique source as v$pkgver.tar.gz may exist
multiple times. could use githubs full filename endpoint:
$url/archive/v$pkgver/$pkgname-$pkgver.tar.gz
dovecot-xaps-daemon:
- should not have the conflicts, its always the special
variants that conflict on the regular variant, not the
other way around
- doesn't use a unique source as v$pkgver.tar.gz may exist
multiple times. could use githubs full filename endpoint:
$url/archive/v$pkgver/$pkgname-$pkgver.tar.gz
- could use the new set of go binary hardening flags so
sources are fortified, pie, etc: CGO_{L,C,CXX,CPP}FLAGS
- License is a non common one but the distribution of anything
indicating the license is missing.
dovecot-xaps-daemon-git:
- normally its a bit better to have a pkgver that actually
has any meaning in what kind of version the installed pkg
matches, like 0.7.r21.b098747 instead of 94.b098747
git describe --tags | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g'
- could use the new set of go binary hardening flags so
sources are fortified, pie, etc: CGO_{L,C,CXX,CPP}FLAGS
- License is a non common one but the distribution of anything
indicating the license is missing.
dovecot-xaps-plugin:
- build function doesn't build anything, the package functions
"make install" will do the real compilation.
- Should not makedepend on git as its not using git
- should not have the conflicts, its always the special
variants that conflict on the regular variant, not the
other way around
- doesn't use a unique source as v$pkgver.tar.gz may exist
multiple times. could use githubs full filename endpoint:
$url/archive/v$pkgver/$pkgname-$pkgver.tar.gz
- License is a non common one but the distribution of anything
indicating the license is missing.
- cmake has a convenient "-B build" to that doesn't require mkdir
dovecot-xaps-plugin-git:
- build function doesn't build anything, the package functions
"make install" will do the real compilation.
- missing provides and conflicts on the regular non -git variant
- normally its a bit better to have a pkgver that actually
has any meaning in what kind of version the installed pkg
matches, like 0.7.r21.b098747 instead of 94.b098747
git describe --tags | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g'
- License is a non common one but the distribution of anything
indicating the license is missing.
- cmake has a convenient "-B build" to that doesn't require mkdir
duperemove-git:
- should not pull over plaintext git:// but git+https to provide
endpoint verification and encryption during transit
- missing conflicts on duperemove
- normally its a bit better to have a pkgver that actually
has any meaning in what kind of version the installed pkg
matches, like 0.7.r21.b098747 instead of 94.b098747
git describe --tags | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g'
exfat-dkms-git:
- shouldn't this also provide something like exfat and exfat-dkms
- this shouldn't confict on other special git variant exfat-git
- shouldn't this package be named exfat-nofuse-dkms-git ? its not
just exfat-dkms, this is in fact exfat-nofuse
exfat-utils-nofuse:
- non quoted usage of ${srcdir} which may fail if it contains spaces
- autoreconf could be executed during prepare step
flexbox-udev:
- non quoted usage of ${srcdir} and ${pkgdir } which may fail if it
contains spaces
gimp-plugin-separate+:
- modifying or patching files should be done during prepare
gtkhotkey:
- modifying or patching files should be done during prepare
heif:
- doesn't use a unique source as v$pkgver.tar.gz may exist
multiple times. could use githubs full filename endpoint:
$url/archive/v$pkgver/$pkgname-$pkgver.tar.gz
jtool-bin:
- doesn't use a unique source and should prefix it with $pkgver
- package is outdated as v2 exists
latex-tuda-ci:
- doesn't use a unique source as v$pkgver.tar.gz may exist
multiple times. could use githubs full filename endpoint:
$url/archive/v$pkgver/$pkgname-$pkgver.tar.gz
libpurple-lurch:
- should not on every single build side load the whole submodules
repos, instead they should be declared in source=() and the
paths updated accordingly -- for an exaple look at the mono package
- static version must not provides=() its -git counterpart
nameinator:
- doesn't use a unique source as v$pkgver.tar.gz may exist
multiple times. could use githubs full filename endpoint:
$url/archive/v$pkgver/$pkgname-$pkgver.tar.gz
- could use the new set of go binary
