On 07/22/2018 03:35 PM, Santiago Torres-Arias via aur-general wrote:
Formalities first, Christian Rebischke (Shibumi) is sponsoring my application, although I'd like to thank so many people for their feedback, help, guidance and counsel in all-things-Arch*.
Apologies for being somewhat late with the ztrawchse review.
argon2-git: - CC-0 is, apparently, not common enough to be in the licenses package. As such, the license should be marked as 'custom:CC-0' and installed to /usr/share/licenses/$pkgname/ see how core/argon2 does this
git-latexdiff: - unquoted srcdir/pkgdir - license is not, in fact, GPL - the source file has a unique name, but then you told makepkg to rename it to something non-unique. I.. must admit this is new to me...
in-toto: - sources seem to come with a testsuite, this should be run in a check() function
python-securesystemslib: - the check() function does not accept depends, this is broken - multiple depends are deleted and overridden in the package() function - empty optdepends array can be deleted - tox doesn't really test what needs testing, code should be tested using the native testsuite hooked up to the packaged system dependencies - license is the literal file (rather than a file within the directory of this name): /usr/share/licenses/python-securesystemslib
reprotest: - multiple depends are deleted and overridden in the package() function - optdepends could use description of what additional functionality they provide when installed