On Fri 03 Dec 2010 16:54 -0500, David Campbell wrote:
Excerpts from keenerd's message of 2010-12-03 13:46:10 -0500:
If no one can think of a better way to deal with the nonconforming packages, I'll write a bot to post insulting comments. Personally, I really like this solution. The AUR has always had a wild west frontier / insane asylum feel to it. The less regulation, the better it works. But a few well placed suggestions could help make the two thousand maintainers do a better job.
Isn't this the sort of thing namcap was designed for? Maybe namcap should be extended to do checks on .src packages, and a report could be posted automatically using namcap when someone posts a .src package to the AUR.
The problem is that namcap's implementation is not meant for untrusted PKGBUILDs. Sourcing those build files is a big security flaw, so we can't do that for the AUR.