[aur-general] [REVIEW REQUEST] python-viivakoodi

Quentin Bourgeois quentin at bourgeois.eu
Sun Nov 27 23:10:33 UTC 2016


On 16-11-27 11:10:51, Eli Schwartz via aur-general wrote:
> On 11/27/2016 10:30 AM, Quentin Bourgeois wrote:
> > You are right I have remove this, my first goals was to sign my
> > PKGBUILD file I don't think its possible ?
> 
> No, although the AUR is HTTPS.
> 
> If people clone the package instead of downloading the snapshot (several
> AUR helpers can be configured to do that), and if they obtain your
> public key, they can use git to verify signed commits. Assuming they
> know you sign your commits.
> But no AUR helper tries to check that... and how would you know which
> key to trust?
> 
> > Inkscape (or any other tool for SVG handling) is needed if one would
> > like to see the result of generated document in SVG format. As there
> > could be a long list I am not sure if such dependencies should be put
> > into PKGBUILD, even in optdepends ?
> 
> Looking at the project README, it just generates an SVG file (and says
> you will need a program that opens SVG, like most browsers). It doesn't
> fundamentally integrate with Inkscape, and you should not add as a
> dependency every single program capable of opening a specific filetype.
> In fact, you shouldn't even add one such program. ;)
> 
> When it describes "Program to open SVG objects" as a requirement, they
> probably shouldn't have listed that in the code requirements, since it
> is only a *logical* requirement...
> 
> > I add this check in case upstream change for any reason and not break
> > the build process. The warning should be enough to let me investigate.
> > I generally don't perform operation on resource that could not be
> > present, I just applied this here too.
> 
> You should catch that when you make the package yourself before pushing
> an update to the AUR, since the install command would fail with an error
> and makepkg would abort with an error. At least, I assume you consume
> your own packages...
> 
> As a general rule, do not clutter up the PKGBUILD with things that can
> change from version to version unless it is a VCS package and the same
> PKGBUILD applies from version to version as new commits are pulled from
> the VCS source.
> Also, don't make checks like that for things which are really quite
> unlikely to change. Why do you think they might do that???
With this, I come with a simpler PKGBUILD[0] in which I push
modifications you advised. I also removed some dependencies that are
used for code coverage and building documentation, which I do not
install for now.

Did we get to something good ?

[0] https://git.bourgeois.eu/aur_python_viivakoodi.git/tree/
-------------- next part --------------
# Maintainer: Quentin Bourgeois <quentin+archlinux at bourgeois.eu>
pkgbase=viivakoodi
pkgname=("python2-$pkgbase" "python-$pkgbase")
pkgver=0.8.0
pkgrel=1
pkgdesc='Barcode generator for Python. Fork of pyBarcode project.'
arch=('any')
url="https://github.com/kxepal/$pkgbase"
license=('MIT')
makedepends+=('python-setuptools'
              'python2-setuptools')
source=("$pkgbase-$pkgver.tar.gz::https://github.com/kxepal/$pkgbase/archive/$pkgver.tar.gz")
sha256sums=('e1a17dc24975d5242202cfbb7534d69dd14eeb26bdf8a10f056c7b04904fef1e')

check() {
    cd "$srcdir/$pkgbase-$pkgver"
    
    for py_int in python3 python2; do
        msg "Testing $pkgbase-$pkgver with $py_int"
        "$py_int" ./test.py
    done
}

package_python-viivakoodi() {
    depends+=('python')
    provides+=('python2-viivakoodi')
    optdepends+=('python-pillow: render barcodes as images')
    checkdepends+=('python-pytest'
                   'python-mock'
                   'python-tox')
    cd "$srcdir/$pkgbase-$pkgver"
    python setup.py install --root="$pkgdir/" --optimize=1

    install -Dm0644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
    install -Dm0644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE.launcher"
}

package_python2-viivakoodi() {
    depends+=('python2')
    provides+=('python2-viivakoodi')
    optdepends+=('python2-pillow: render barcodes as images')
    checkdepends+=('python2-pytest'
                   'python2-mock'
                   'python2-tox') 

    cd "$srcdir/$pkgbase-$pkgver"
    python2 setup.py install --root="$pkgdir/" --optimize=1

    install -Dm0644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
    install -Dm0644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE.launcher"
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20161128/7d7aa4bb/attachment-0001.asc>


More information about the aur-general mailing list