Helo,
All of my packages are maintained by CI and are auto-updating. I don't have the time (or to phrase it better: I'm not willing to invest the time) to do tasks, I can easily automate, manually. On the other hand all of my package-update-automations are patching the build and then executing it in a clean environment. If the package does not build the automation will break and notify me to have a look at what's broken.
Using CI/CD to automate a task isn't the problem, its where the task is manually pushing the package to the AUR without any testing.
In the end: What's the difference between a maintainer just modifying version and checksums and then pushing the broken package to AUR and an automation doing the same? Also: What's the difference between a maintainer patching version and checksums, executing a clean build and then pushing it and an automation doing the same? - Nothing.
Because automation can't spot errors, human beings can!
So yeah, in my opinion maintainers (or automations) should at least do a clean build on update before pushing it. Putting up a policy against automations will just lead to maintainers still doing it in secret or to maintainers dropping a bunch of packages to orphan.
Fine by me, I strongly believe if you adopt a package you should put all the effort you can into it, when one maintainer falls another takes their place. I test every build before I push it to upstream, apart from certain tools which I do not use or do not know how to use because I adopted it because it needed a maintainer. TL;DR automation on a different remote, sure, but automatically pushing to the AUR should be strictly prohibited! -- Polarian GPG signature: 0770E5312238C760 Website: https://polarian.dev JID/XMPP: polarian@polarian.dev