Hello everyone,
Today i noticed by chance that the aur/tor-browser package is gone and
replaced by extra/torbrowser-launcher
That worries me a bit because as a user of an aur helper i did either
not receive or see a notice about that so i stayed on version 12.5.3-1
that was the last one on aur without noticing it was getting outdated.
I just wonder if that's common practice? This case is particularly
unlucky in my eyes because tor browser has a special role in the
security concepts of many people and because the new package is spelled
torbrowser-launcher a search in both databases with "yay tor-browser" in
september only showed me the aur result.
So i just wanted to ask if there is any possibility to make that
transition better because i assume i'm not the only user out there who
didn't notice.
And more thought that i had even though i didn't want to check in order
to cause unnecessary chaos: Is the name tor-browser now blocked in aur
or could anyone just upload a malicious package to that name and until
somebody notices that everyone who has the old tor browser and uses an
aur helper for updates gets a malicious version?
Regards
Zehka
- tor-browser depublication and replacment Zehka
-
