[aur-requests] [PRQ#22119] Deletion Request for visual-studio-code-insiders
daurnimator [1] filed a deletion request for visual-studio-code- insiders [2]: Does not follow PKGBUILD guidelines - pkgver uses external resources (curls vendor website) - possibly confusion around sources and pkgver - missing -bin suffix for a binary package [1] https://aur.archlinux.org/account/daurnimator/ [2] https://aur.archlinux.org/pkgbase/visual-studio-code-insiders/
I wish this came in as a comment first and not a deletion request. To address the complaint:
pkgver uses external resources (curls vendor website)
The version of the insiders build changes dozens of times a day as it's automated upstream. I don't see anything in AUR guidelines against pkgver using external resources, but I'm open to suggestions here.
possibly confusion around sources and pkgver
No idea what this means.
missing -bin suffix for a binary package
Omitting the suffix is common and popular practice on AUR [1][2][3][4][5][6] when the source code is not available. Visual Studio Code is a closed source, proprietary product. So I'm not sure a rename is warranted here but I'd be happy to change it if a TU says so. [1] https://aur.archlinux.org/packages/dropbox/ [2] https://aur.archlinux.org/packages/spotify/ [3] https://aur.archlinux.org/packages/google-chrome/ [4] https://aur.archlinux.org/packages/teamviewer/ [5] https://aur.archlinux.org/packages/jdk/ [6] https://aur.archlinux.org/packages/google-earth-pro/ On Tue, 3 Nov 2020, at 12:29, notify@aur.archlinux.org wrote:
daurnimator [1] filed a deletion request for visual-studio-code- insiders [2]:
Does not follow PKGBUILD guidelines - pkgver uses external resources (curls vendor website) - possibly confusion around sources and pkgver - missing -bin suffix for a binary package
[1] https://aur.archlinux.org/account/daurnimator/ [2] https://aur.archlinux.org/pkgbase/visual-studio-code-insiders/
On 11/3/20 7:38 AM, Duru Can Celasun wrote:
I wish this came in as a comment first and not a deletion request.
To address the complaint:
pkgver uses external resources (curls vendor website)
The version of the insiders build changes dozens of times a day as it's automated upstream. I don't see anything in AUR guidelines against pkgver using external resources, but I'm open to suggestions here.
Hmm, looks like this is curling the upstream "latest" redirect to find out the version. Also, the version is *different* depending on the $CARCH ???
possibly confusion around sources and pkgver
No idea what this means.
Well, given that the $pkgver is used to download the source, then *later* modified to be the result of some curl, you'll be quite lucky if it ever downloads to the right name. Furthermore, if you download the source once, then rerun makepkg, you can trivially end up in a situation where: - you reuse an old cached source in the extraction stage and package() - the package version is newer than the actual contents This is quite wrong and I agree with daurnimator that I'm not really sure this should be a package if this sort of hack is needed... The purpose of pkgver() is exclusively to inspect the download and determine a version from there, e.g. using version control downloads to pull self-updating sources and inspecting the version control metadata to derive a version.
missing -bin suffix for a binary package
Omitting the suffix is common and popular practice on AUR [1][2][3][4][5][6] when the source code is not available. Visual Studio Code is a closed source, proprietary product.
So I'm not sure a rename is warranted here but I'd be happy to change it if a TU says so.
This I do agree with you on, since "project-name" is the preferred name of the package, and must build from source "if possible", while "project-name-bin" is the name for "alternative builds for something that usually builds from source". -- Eli Schwartz Bug Wrangler and Trusted User
Request #22119 has been accepted by Foxboron [1]. [1] https://aur.archlinux.org/account/Foxboron/
participants (3)
-
Duru Can Celasun
-
Eli Schwartz
-
notify@aur.archlinux.org