[aur-general] Enforcing AUR package quality (was Re: Trusted user application: Drew DeVault)
brent s.
bts at square-r00t.net
Thu Feb 28 16:33:36 UTC 2019
On 2/28/19 11:22 AM, Daniel M. Capella via aur-general wrote:
> On February 28, 2019 8:58:06 AM EST, Jerome Leclanche <jerome at leclan.ch> wrote:
>
> <snip>
>
>> OT: We should maybe have the AUR lint PKGBUILDs on git push (and
>> reject really bad ones) if we want to improve that situation.
>>
>> J. Leclanche
>
> I've been thinking enforcing the use of makechrootpkg and namcap on package submission should be introduced, and maybe even on major (and minor?) version bumps for packages following semver. Inb4 yes I'm aware of the number of false-positives in namcap.
>
> --
> Best,
> polyzen
>
you could get around the namcap false-positives by maybe assigning a
"quality score" instead of a pass/fail, with a certain required
threshold set.
there aren't really enough data points for a really useful scoring in
namcap alone, though, so you'd want to implement other scoring points too.
e.g.:
- 50 for a successful makechrootpkg
- 10 for each namcap test pass
- 10 for proper comment per spec[0] (i.e. '#\s*(M|m)aintainer:', etc.)
and anything higher than, i dunno, 70 or 80 is considered pass and below
is fail.
or just attach a warning for each namcap failure to the package's info
in the AUR.
[0]
https://wiki.archlinux.org/index.php/Arch_package_guidelines#PKGBUILD_prototype
--
brent saner
https://square-r00t.net/
GPG info: https://square-r00t.net/gpg-info
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20190228/c1ae1da1/attachment.sig>
More information about the aur-general
mailing list