[aur-general] Maintenance issues with metasploit-git package

Jesse McClure jmcclure at cns.umass.edu
Thu Aug 21 13:41:21 EDT 2014


On Thu, Aug 21, 2014 at 07:27:30PM +0200, Johannes Löthberg wrote:
> On 21/08, Massimiliano Torromeo wrote:
> >On Thu, Aug 21, 2014 at 6:00 PM, ​ <483ken at gmail.com> wrote:
> >That package is really really bad but this point makes it borderline
> >malicious. A package that wants to touch my home directory should be
> >immediately removed IMO.
> 
> Not only that, he was told about several problems with the package in the
> comments but refused to accept that they were problems and told the person
> who commented on them to "NOT WASTE [HIS] TIME AGAIN".. To be honest it
> doesn't sound like he's fit to maintain AUR packages.

Agreed on all the above points.  But further, the responses to comments
seem borderline abusive.  When one maintains a PKGBUILD they can - to an
extent - do things however they wish.  But the following comment from
the maintainer just screams irony:

"PLEASE do not comment unless you have spent significant time thinking
about what you are going to say or going to ask. "

I don't know anything about this package - but the maintainer who
offered this advice can be clearly seen in the comments to not have
followed his own advice.  I don't know whether axper's comments may be
right or wrong, but they were continually offered in a tactful and
responsible manner.

One can do whatever they wish with their own PKGBUILDs, but implicit in
having them held on the AUR server is an agreement to interact with the
community of Arch Users in a responsible and appropriate manner.

This implicit requirement does not seem to be currently being met by the
maintainer.

-Jesse
AKA Trilby on archlinux.org


More information about the aur-general mailing list