Quoting Levente Polyak via aur-general (2018-11-14 17:00:38) > Hi Daniel, > > Small summary of things I repeatedly noticed: > > - # Generated by mksrcinfo v8 Wed Nov 14 05:46:26 UTC 2018 > I would say remove this ancient package from your system > and use makepkg --printsrcinfo instead
Done. > - if a setup.py uses entry_points for scripts that > means setuptools is not just a make but a hard dependency Totally forgot about this. Thank you for listing all the packages that need the change; will roll this out. > - tests are awesome <3 run them whenever possible! more is better! > pulling sources from github is favorable when you get free tests > and sometimes manpages/docs Will work with the upstreams to distribute these. I prefer to use published offerings as they are what the authors intend to be used. GitHub autogenerated tarballs are also subject to change: https://marc.info/?l=openbsd-ports&m=151973450514279&w=2 For Rust sources there's also this problem: https://doc.rust-lang.org/cargo/faq.html#why-do-binaries-have-cargolock-in-version-control-but-not-libraries Crates explicitly filter out lock files. `publish-lockfile` for binary crates is still only available in Cargo nightly. Communication is already in progress with the relevant upstreams. > > [+] Running xxarhtna --verbose --pedantic > > asciinema-rs: > - provides asciinema, but where is the conflicts? Done. > black-git: > - this should be called python-black > - running unit tests is missing > - setuptools is a hard dependency, setup.py uses entry_points > - python-aiohttp should be a checkdepends otherwise tests > deactivate several things Didn't request to be a co-maintainer for this, and haven't looked at the pkgbuild yet. Will pass the notes along. > espeak-ng: > - That shouldn't provide espeak, its not a drop in replacement > and breaks stuff, this epoch on espeak is for a reason: > > https://git.archlinux.org/svntogit/community.git/commit/trunk?h=packages/espeak&id=fee824f6ed964b1bab1586fdc4342577f2a57bf2 > - autogen.sh should be a prepare() thing Well then. Done. > firefox-bookmarkdupes: > - building from source will have nice signatures I check these against upstream checksums: `curl -I https://addons.mozilla.org/firefox/downloads/latest/bookmark-dupes/ | grep Digest` Building Fx extensions is among the last things I want to do. :p Pretty sure I would have to setup an AMO account to then also sign the extension myself. > gitleaks: > - there are tests available for check() Done. > mwic > - the hack does upstream do, it will create .py files in usr/share/mwic/lib/ > that lack the pyo/pyc files and if running as root the imports will > create untracked files in that directory that will remain forever Will see what can be done. > pcaudiolib > - prepare() is a better place for autogen.sh Done. > pulldown-cmark > - there is a Cargo.lock lets use --locked for reproducible builds > this requires to pull unstripped sources from github > - there are also tests available but whatever upstream does, some of > them seem to fail? investigate? https://github.com/raphlinus/pulldown-cmark/pull/152#issuecomment-435519277 > shaderc: > - i'm sorry, i gonna need to pull this into [extra] as part > of an update. thanks for the work C'est la vie. > python-black: > - setuptools is a hard dependency, setup.py uses entry_points > - python-aiohttp should be a checkdepends otherwise tests > deactivate several things Done. > python-soco: > - there are tests available for check() via py.test Requires jumping through hoops. See the note: https://soco.readthedocs.io/en/latest/development/unittests.html?highlight=test#running-the-unit-tests > - maybe distribute some docs as well like manpages from docs dir I don't see any manpages there. This is a library. > razercfg: > - razercfg.install could be removed, ldconfig systemd-tmpfiles and udevadm > are handled via hooks Done. > - do we _really_ need to split razer mouse tool UI and daemon here? > doubt it tbh. The UI is completely optional. ¯\_(ツ)_/¯ > speedtest-zpeters: > - whats wrong with the tests? maybe comment? Don't remember exactly. Either way, the packaged release reports the wrong results, and a complete rewrite is in progress. > spotify-adkiller-git: > - i dont like file-type postfixes in /usr/bin they should be removed > and ADKILLER= be adjusted Done. > spt: > - this needs a build() func, don't build implicitly in package() Done. > - CPPFLAGS are not respected and should be populated properly > an upstream patch for that would be best Will have to figure that out. > termtosvg: > - there are nice manpages for this CLI tool in the upstream sourceso on GH https://github.com/nbedos/termtosvg/pull/77 Poked upstream for a release. > trust-dns-server: > - there are tests that could be run via check() Done. \o/ > > [*] xxarhtna report finished > > cheers, > Levente Thank you very much for the review. Go LDFLAGS is still on the todo. Packaging for Go has perhaps been more traumatizing than even Node.js. -- Best, polyzen
signature.asc
Description: signature
