I would like to point out the following facts:

The package I do provide is built from source, based on the code hosted here: https://github.com/popcorn-official/popcorn-desktop
You can report found spyware there (can you prove me is there any? A clamscan?)
On my side, I do have no malware:
$ clamscan /mnt/build/archlinux/chroots/bauerbill/popcorntime/popcorntime-0.3.10-8-x86_64.pkg.tar.xz /mnt/build/archlinux/chroots/bauerbill/popcorntime/popcorntime-0.3.10-7-x86_64.pkg.tar.xz: OK
I could approve on redistributed binary builds, but this is not the case, as users build their package theirselves.
The sources you provide are by far more suspicious, as the website you point to redirect to a Git repository which has as homepage an no-existing one.
The claims provided in the link are quite general; there is no actual proof and the link provided by the 'spyware team', which is:
https://blog.popcorntime.sh/popcorn-time-safety-and-ransomware/
provides by far better description and information.

To finish up, deleting the package is something I wouldn't like to do; I would be glad to switch to another fork, if you can provide me a good one.

Giovanni SantiniComputer scientist and geek

giovannisantini93@yahoo.it

https://giovannisantini.tk

On lug 17 2018, at 8:18 am, notify@aur.archlinux.org wrote:

flacks [1] filed a deletion request for popcorntime [2]:

Package reportedly distributes viruses/spyware https://www.popcorn-
time.is/official-statement.html

[1] https://aur.archlinux.org/account/flacks/
[2] https://aur.archlinux.org/pkgbase/popcorntime/