[aur-general] Trusted user application: Drew DeVault
Levente Polyak
anthraxx at archlinux.org
Mon Feb 25 08:58:38 UTC 2019
Hi,
Your build script on the CI does not produce reproducible packages as it uses a own simple wrapper to call makepkg. F.e. If there is no SOURCE_DATE_EPOCH defined to now or the value already passed it does not create uniform mtimes.
What I have noticed as well, f.e where you are upstream plus downstream, there is CPPFLAGS as well which, at least downstream, we must ensure finds its way into the compilation flags.
Out of curiosity, what kind of upstream watch are you using to be made aware of new releases?
Vgo-git:
Should use go-pie as makedepends like all packages that work
it should respect LDFLAGS via extflags like gitea does.
Does not contain git makedepends, you should build in clean chroot via makechroot aka extra- wrapper from devtools to catch such case
python:
None of your python packages, neither in aur nor in your repo build CI are running any unit tests while most of them provide tests upstream. Using github sources and running unit tests to catch regressions is highly recommended, please go through them :-)
Cheers,
Levente
More information about the aur-general
mailing list