[aur-general] About the vuescan-bin package updating problm

[Eli Schwartz]

On 5/29/21 3:18 AM, Pasha Finkelshteyn wrote:
> I don't know if it's compatible with AUR/Arch policies, but what can sto
> us from writing python-selenium script, which will find actual download
> URL and will check its checksum and if it's differrent — will update
> everything needed?

There are AUR packages that do this sort of thing using overridden
DLAGENTS=() rather than the standard curl one in makepkg.conf; some use
complicated referer magic, some need to answer form input before getting
the download url, some do scripted interactions using lynx. A selenium
driven download shouldn't be a problem.

The problem here is that the current download url is trivially
downloaded with curl/wget, but it's not versioned. It's basically
https://url.com/files/vuescan.rpm

That being said, I suppose a custom dlagent could be used to first check
the downloads page, check if the right version is listed, and refuse to
download if the wrong version (and thus the wrong checksums) is listed
as available.

-- 
Eli Schwartz
Bug Wrangler and Trusted User

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20210529/717f8d44/attachment.sig>