[aur-general] PKGBULD validation
Patrick Ziegler
p.ziegler96 at gmail.com
Tue Sep 6 16:53:21 UTC 2016
Thank you very much for the feedback, seems like I still have some
work to do. Unfortunately I didn't have time today, I'll try to take a
better look and implement the changes tomorrow and will report back
with the new and improved version.
2016-09-05 20:06 GMT+02:00 Eli Schwartz via aur-general
<aur-general at archlinux.org>:
> On 09/05/2016 12:17 PM, Patrick Ziegler via aur-general wrote:
>> Hello everyone,
>>
>> This is my first mail in here and I am ready to submit my first
>> PKGBUILD to the AUR. But before I do that, I would like you to have a
>> look at it, to make sure that nothing is wrong with it. I have already
>> been through all the related wiki pages, namcap only complains about
>> unnecessary dependencies (since this is a python project, we can
>> ignore that) and the package seems to build and install fine on my
>> system.
>
> Nothing wrong with the package, but I can think of several things re:
> standards, coding, and duplication that you might want to fix.
>
>> # Maintainer: Patrick Ziegler <p.ziegler96 at gmail dot com>
>> # Contributor: Patrick Ziegler <p.ziegler96 at gmail dot com>
>
> Contributors are people who helped write the PKGBUILD but are not
> maintainers. Don't list yourself twice. :)
>
>> pkgname="notification-mount"
>> pkgver=1.0.0
>> pkgrel=1
>> pkgdesc="Script to show notification for a block device with mount option"
>> arch=('any')
>> url="https://github.com/patrick96/notification-mount"
>> license=('GPL3')
>> depends=('python3' 'python-gobject' 'python-notify2' 'udevil')
>
> The package is "python", not "python3". Also, it is implied by the other
> python modules it depends on, although it is okay to explicitly depend
> on it.
>
>> makedepends=('git')
>> provides=('notification-mount')
>> conflicts=('notification-mount')
>
> Why does this package provide and conflict *itself*???
> Save that for the *-git version.
>
> And for the *-git version, I prefer to copy-paste across all my PKGBUILDs:
>
> provides=("${pkgname%-git}")
> conflicts=("${pkgname%-git}")
>
>
>> source=("${pkgname}::git+${url}.git#tag=v${pkgver}")
>
> Do not do this... download the tarball.
>
> source=("${pkgname}-${pkgver}.tar.gz::${url}/archive/v${pkgver}.tar.gz")
>
>> md5sums=("SKIP")
>
> There is no good reason to use ancient hash methods when sha256sums or
> similar exists. :)
> This provides more protection against malicious downloads, rather than
> just accidental corruption like the weak md5sums does.
>
>>
>> package() {
>> cd "$srcdir/$pkgname" || exit
>> install -D -m755 "./notification-mount.py"
>> "$pkgdir/usr/bin/notification-mount.py"
>> ln -s "notification-mount.py" "$pkgdir/usr/bin/notification-mount"
>
> Why are you installing the script twice, with and without a .py
> extension? Just imagine if every script in /usr/bin/ ended with .sh ;)
>
>> for _f in "./examples/*"
>> do
>> install -D -m644 $_f
> "$pkgdir/usr/share/$pkgname/examples/$(basename $_f)"
>> done
>> install -D -m644 ./examples/notification-mount.service \
>> "$pkgdir/usr/lib/systemd/user/notification-mount.service"
>> }
>
> There is only one example, and it is a systemd unit. Install the systemd
> unit, but don't copy it into /usr/share as well...
>
> --
> Eli Schwartz
More information about the aur-general
mailing list