On 21-04-19 18:52, Brett Cornwall via aur-general wrote:
Hello, George! Nice to meet you.
Nice to meet you too! :)
I took a look at some of your packages and have some feedback for you!
- I like that you added PGP signing since you're upstream as well.
- License is GPL3, not GPL, which means GPLv2 or any later version .
Just a nitpick.
Thanks for pointing that out, just updated the package.
I'm in the process of upstreaming this module into the community.general collections, so hopefully it makes the cut soon. I just need a lot more time. :)
- Your cleanup commit makes great improvements when you adopted it.
I really enjoyed cleaning that particular package up. Nice to see my adjustments are well received.
- Nice job adding PGP verification when adopting
- HTTPS source can be used instead of HTTP
Updated source protocol, as well as leaving a note in the PKGBUILD regarding the expired PGP signature. The last release was made prior to the signature expiring, so hopefully upstream has a new signature by the next release. It's a fairly stable package, so I don't expect a new release anytime soon.
The rest of the packages I viewed left me without comment, which is good. You've got a good grasp on best practices for packaging! I particularly like how you've heeded the tip on the PKGBUILD wiki page and extracted out an MIT license from a readme for a package without a dedicated file. :)
Trial and error. Mostly lots of error. I view packaging as a sort of puzzle to solve iteratively. It is enjoyable most of the time.
Overall, it looks very good! I've noticed that your commit messages are generally unhelpful, though: They often use a stock "upgpkg: blah" rather than actually telling what work was done.
That's actually a fair criticism, which I've used to improve the git log for the package updates that I've specifically mentioned above.
I also took a look at the packages you maintain and intend on bringing into [community]. Most of those Go packages download vendor libraries on buildtime. The Go package guidelines  make no mention of vendoring so I'd like to get some clarification from someone else on whether or not this is kosher.
About that ... ^W^W^W
I see Foxboron has answered that for me. \o/