[aur-general] About the vuescan-bin package updating problm

Eli Schwartz eschwartz at archlinux.org
Sun May 30 02:18:15 UTC 2021


On 5/29/21 3:18 AM, Pasha Finkelshteyn wrote:
> I don't know if it's compatible with AUR/Arch policies, but what can sto
> us from writing python-selenium script, which will find actual download
> URL and will check its checksum and if it's differrent — will update
> everything needed?

There are AUR packages that do this sort of thing using overridden
DLAGENTS=() rather than the standard curl one in makepkg.conf; some use
complicated referer magic, some need to answer form input before getting
the download url, some do scripted interactions using lynx. A selenium
driven download shouldn't be a problem.

The problem here is that the current download url is trivially
downloaded with curl/wget, but it's not versioned. It's basically
https://url.com/files/vuescan.rpm

That being said, I suppose a custom dlagent could be used to first check
the downloads page, check if the right version is listed, and refuse to
download if the wrong version (and thus the wrong checksums) is listed
as available.

-- 
Eli Schwartz
Bug Wrangler and Trusted User

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20210529/717f8d44/attachment.sig>


More information about the aur-general mailing list