On Sun, 5 Dec 2010 22:58:50 -0500 keenerd <keenerd@gmail.com> wrote:
On Sun, Dec 5, 2010 at 10:55 PM, Loui Chang <louipc.ist@gmail.com> wrote:
The problem is that namcap's implementation is not meant for untrusted PKGBUILDs. Sourcing those build files is a big security flaw, so we can't do that for the AUR.
Thankfully, what I'm doing here does not even look at the pkgbuild. It just looks at the directory structure, runs "file" on everything and compares this to a (tediously compiled) whitelist. Nothing fancy. Would make a lot of sense to have it built in.
-Kyle http://kmkeen.com
Hm dunno how your Bot works but is there a way to read the size from a png file for it and say everything larger than x*y pixels shall be removed? If not there's still the way to say everything > x KB shall be removed. The rules need to be modified to this anyway, however as Heiko already said, not every upstream tarball provides the icon necessary for a desktop file and there are plenty of apps which need one for DE users. Thorsten