On 21-04-19 18:52, Brett Cornwall via aur-general wrote:
Hello, George! Nice to meet you.
Nice to meet you too! :)
I took a look at some of your packages and have some feedback for you!
ansible-pacman_key
- I like that you added PGP signing since you're upstream as well. - License is GPL3, not GPL, which means GPLv2 or any later version [1]. Just a nitpick.
Thanks for pointing that out, just updated the package. I'm in the process of upstreaming this module into the community.general collections, so hopefully it makes the cut soon. I just need a lot more time. :)
leocad
- Your cleanup commit makes great improvements when you adopted it.
I really enjoyed cleaning that particular package up. Nice to see my adjustments are well received.
libiconv
- Nice job adding PGP verification when adopting - HTTPS source can be used instead of HTTP
Updated source protocol, as well as leaving a note in the PKGBUILD regarding the expired PGP signature. The last release was made prior to the signature expiring, so hopefully upstream has a new signature by the next release. It's a fairly stable package, so I don't expect a new release anytime soon.
The rest of the packages I viewed left me without comment, which is good. You've got a good grasp on best practices for packaging! I particularly like how you've heeded the tip on the PKGBUILD wiki page and extracted out an MIT license from a readme for a package without a dedicated file. :)
Trial and error. Mostly lots of error. I view packaging as a sort of puzzle to solve iteratively. It is enjoyable most of the time.
Overall, it looks very good! I've noticed that your commit messages are generally unhelpful, though: They often use a stock "upgpkg: blah" rather than actually telling what work was done.
That's actually a fair criticism, which I've used to improve the git log for the package updates that I've specifically mentioned above.
I also took a look at the packages you maintain and intend on bringing into [community]. Most of those Go packages download vendor libraries on buildtime. The Go package guidelines [2] make no mention of vendoring so I'd like to get some clarification from someone else on whether or not this is kosher.
About that ... ^W^W^W I see Foxboron has answered that for me. \o/