[aur-dev] AUR 4 and licensing

Lukas Fleischer lfleischer at archlinux.org
Mon Apr 13 12:50:38 UTC 2015

On Mon, 13 Apr 2015 at 14:26:08, David Manouchehri wrote:
> > Showing it during a push would be flawed because then it's too late for
> them not to agree to it.
> A Git pre-commit hook on the server side should be fine. On the web side of
> the AUR, a list of accepted ToS users should be kept, and then on every
> push check to see if they've been added. Reminding users about the GPL on a
> push probably isn't a bad idea either.
> I can't remember how to get the current commiter's email address, but the
> hook would probably look something like this.
> ```
> if [ ! -f /tmp/userlist_accepted/$git_email ]; then
>   printf "Please visit https://aur.archlinux.org/ and accept the terms of
> service first.\n"
>   exit 1
> done
> printf "All content posted to the AUR must be licensed under GPLv3.\n"
> ```
> If maintaining another list of private email addresses is too much of a
> pain, just hash them and the list could be public without any privacy
> concerns (assuming it isn't md5sum or something equally weak).

In order to `git push` a package repository, you need to add your SSH
public key to the AUR profile which means you need to log into the web
interface and accept the ToS. No need for something complicated
involving Git hooks and email address filters.

More information about the aur-dev mailing list