https://github.com/conqp/repotool/blob/ … ool.py#L16
I suppose this is some remainder from an earlier version, since "pkgpath" seems unused?
https://github.com/conqp/repotool/blob/ … ool.py#L45
This is going to be slow with large amounts of packages; you can either do a direct comparison on "=" (most common case which does not require calling vercmp) or use pyalpm. In particular: https://github.com/jelly/pyalpm/blob/6b … .c#L71-L78
Also typos: "Cehcks".
https://github.com/conqp/repotool/blob/ … ol.py#L132
Similar though I suppose "isolate" is not called as often. cf. https://docs.python.org/3/library/tarfile.html instead of going through pacman for pkgbase/version.
https://github.com/conqp/repotool/blob/ … ol.py#L102
.db.tar.xz is not the only valid repo-add extension; it's better to resolve the .db symbolic link.
https://github.com/conqp/repotool/blob/ … ol.py#L112
https://github.com/conqp/repotool/blob/ … ol.py#L134
Similarly .pkg.tar.xz is not the only valid package extension. You can't immediately find out the extension from a repository alone though.
https://github.com/conqp/repotool/blob/ … ol.py#L126
I'd consider adding a warning that an existing signature was found. That way it's clear that something else than repotool signed the package.
https://github.com/conqp/repotool/blob/ … ol.py#L153
I assume this runs repo-add with the system UTF-8 locale, which may cause issues with some tools like expac/pacutils. See https://bugs.archlinux.org/task/49342
It would also be worthwhile to test how repotool behaves with arbitrary repository names. As far as I know, all characters apart from \n (newline) and / (path separator) are possible.
]]>