On Wed, Apr 12, 2023 at 06:01:10PM +0100, Polarian wrote:
Full ack. When I maintained ~ 400 packages, the only way ship them was to have a CI building them in a clean environment and autopush them on successfull builds.
But you haven't actually tested the package installs, does the software work?
Why do you think there are Arch Testers? To ensure that all the core packages are properly tested, no matter how important.
Core packages, sure. This is the AUR though. Additionally, if a package is broken and fails testing, it wouldn't be pushed by the CI/CD infra. In this particular case discussed here, there were no such checks, and I'm sure that issue will be re remedied shortly.
Just because Arch Linux is rolling release doesn't mean we should throw stability right out the window!
I don't think anyone is suggesting that. CI/CD testing expands and augments any other prior existing testing.
Before I had this, packages were broken all the time. Clean build should be necessary before pushing any package, not just ones built by a CI.
Clean builds are fine to automate, just as long as they are reviewed after the build, before pushing it.
Makepkg clearly shows warnings which could caause the package to not function as it should, you can't just assume something which is built works, and have a CI/CD task push it to the AUR.
In the AUR, you do not have this luxury, simply stop being lazy and test the damn package, or orphan it for someone else to take your place. Seems a bit extreme of a stance for a simple error in a package build which was
makepkg has a rich collection of error/exit codes which help specify this for testing. I, personally, see no reason why if the package is: - able to be built in a clean env - installs properly in another clean env - returns no error codes besides `0` from makepkg that it wouldn't be qualified for an automated push/update. After all, such inspection is likely what one would do manually, anyway. pushed, but you do you.
Or if you have a large following, employ your own testers for your packages :P
Good luck funding that :) If the package is large enough to fund multiple full-time testers, it probably won't be in the AUR, and would instead be in the main repos. At the end of the day, someone made a small mistake and it was published by an automated task. It was a small problem and I'm sure it will be fixed soon. I don't see any reason to instantly jump to extreme conclusions based on any of this. Regards, -- Tom Swartz