[aur-general] PKGBULD validation

Eli Schwartz eschwartz93 at gmail.com
Mon Sep 5 18:06:52 UTC 2016 

On 09/05/2016 12:17 PM, Patrick Ziegler via aur-general wrote:
> Hello everyone,
> 
> This is my first mail in here and I am ready to submit my first
> PKGBUILD to the AUR. But before I do that, I would like you to have a
> look at it, to make sure that nothing is wrong with it. I have already
> been through all the related wiki pages, namcap only complains about
> unnecessary dependencies (since this is a python project, we can
> ignore that) and the package seems to build and install fine on my
> system.

Nothing wrong with the package, but I can think of several things re:
standards, coding, and duplication that you might want to fix.

> # Maintainer: Patrick Ziegler <p.ziegler96 at gmail dot com>
> # Contributor: Patrick Ziegler <p.ziegler96 at gmail dot com>

Contributors are people who helped write the PKGBUILD but are not
maintainers. Don't list yourself twice. :)

> pkgname="notification-mount"
> pkgver=1.0.0
> pkgrel=1
> pkgdesc="Script to show notification for a block device with mount option"
> arch=('any')
> url="https://github.com/patrick96/notification-mount"
> license=('GPL3')
> depends=('python3' 'python-gobject' 'python-notify2' 'udevil')

The package is "python", not "python3". Also, it is implied by the other
python modules it depends on, although it is okay to explicitly depend
on it.

> makedepends=('git')
> provides=('notification-mount')
> conflicts=('notification-mount')

Why does this package provide and conflict *itself*???
Save that for the *-git version.

And for the *-git version, I prefer to copy-paste across all my PKGBUILDs:

provides=("${pkgname%-git}")
conflicts=("${pkgname%-git}")


> source=("${pkgname}::git+${url}.git#tag=v${pkgver}")

Do not do this... download the tarball.

source=("${pkgname}-${pkgver}.tar.gz::${url}/archive/v${pkgver}.tar.gz")

> md5sums=("SKIP")

There is no good reason to use ancient hash methods when sha256sums or
similar exists. :)
This provides more protection against malicious downloads, rather than
just accidental corruption like the weak md5sums does.

>
> package() {
>   cd "$srcdir/$pkgname" || exit
>   install -D -m755 "./notification-mount.py"
> "$pkgdir/usr/bin/notification-mount.py"
>   ln -s "notification-mount.py" "$pkgdir/usr/bin/notification-mount"

Why are you installing the script twice, with and without a .py
extension? Just imagine if every script in /usr/bin/ ended with .sh ;)

>   for _f in "./examples/*"
>   do
>     install -D -m644 $_f
"$pkgdir/usr/share/$pkgname/examples/$(basename $_f)"
>   done
>   install -D -m644 ./examples/notification-mount.service \
>     "$pkgdir/usr/lib/systemd/user/notification-mount.service"
> }

There is only one example, and it is a systemd unit. Install the systemd
unit, but don't copy it into /usr/share as well...

-- 
Eli Schwartz

More information about the aur-general mailing list