[aur-general] TU Application: Daniel Bermond (dbermond)

Eli Schwartz eschwartz at archlinux.org
Sun Oct 14 22:14:40 UTC 2018


On 10/14/18 5:35 PM, Daniel Bermond via aur-general wrote:
> I usually don't use pgp on my aur packages because people tend to
> complain a lot about building issues. They fail to handle the keys and
> start complaining to the packager, and this is a big stress. When
> dealing with repository packages this is another story, of course. Since
> this was raised as a main issue, I'll be adding the pgp checks back again.

It's very simple to handle people who refuse to learn how the AUR works:
refuse to acknowledge anything they say, and simply respond with "learn
how to makepkg".

Removing pgp checks in the general case is not okay, even if "it's just
an AUR package, so no one cares about security because it's all garbage,
right?"

> I know that we should not use msg2 because it's makepkg internal. But it
> helps to diagnose user problems by helping to identify at which stage a
> build error is happening. For sure I can remove it if required to. ;)

I've yet to come across a single justified case of using msg2, anyone
who knows how to read an error message in the first place doesn't need
this help.

There's no rule against it per se, but I regard it as... messy.
Especially in the example Doug indicated, it seems to be wildly
overcomplicating the build and package functions.

-- 
Eli Schwartz
Bug Wrangler and Trusted User

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20181014/dbe698e0/attachment-0001.asc>


More information about the aur-general mailing list