On 23/04/21 01:30PM, Levente Polyak wrote:
Hi there,
Hey anthraxx!
I've been talking to Christian off-list and nobody yet seemed to have posted packaging feedback so I somehow squeezed in a bit of time and gave him a couple of packaging feedback lately. Just for transparency find that list here as well:
Thank you again for taking the time, its really appreciated! If I only knew what I unleashed on myself with that tiny little question ;) Most of your feedback I have already implemented in the PKGBUILDs, just some was not released to the AUR yet as I will wait for the next upstream release to include the changes.
pawxel - you need to declare all submodule sources in the sources array, or they always get cloned freshly. take a look how "mono" does it, also note the submodule update command etc
Thank you for that remark, somehow I missed this information when reading the article about VCS packages ... I guess I have to read until the end the next time :D https://wiki.archlinux.org/title/VCS_package_guidelines#Git_submodules
prometheus-mosquitto-exporter - you may also want to specify something like -X main.Version=${pkgver} so the binary reports the correct thing - prometheus-mosquitto-exporter.service a good start for hardening, but maybe you can borrow some more options depending on what it needs to access. things that come to my mind to look up what kind of hardening is available in the service is umurmur, caddy, tor, postgresql
Yes, I already thought about ways I could harden the systemd service but tbh that's an area which is very new to me ... To start out reasonable I just took the services of prometheus-node-exporter and modified them :p But I will definitely check that out since I find learning some systemd hardening interesting beyond the scope of packaging prometheus-mosquitto-exporter!
google-chrome-beta: google-chrome-dev - printing messages in the install file on every upgrade does not sound right
The google-chrome* packages could generally see some improvements, but I am rather conservative with regard to changes in them as their userbase is really large :D But the changes you suggested have already been implemented. General question: Is the Rule regarding custom variables and functions beginning with an underscore also applicable for .install files?
kopia: - we have tests, lets use them
Yes some of these currently seem to fail, that's why I put this change on hold while I investigate whats going wrong there. Maybe this is a bug I have to fix in packaging kopia or these are issues upstream has to figure out. https://github.com/christian-heusel/aur/pull/2
Good luck, Cheers, Levente
Thanks! Cheers, Chris