Can you audit my PKGBUILD?

pataracts · 2016-04-11 03:46:11

Hey all,

Today, I couldn't find a font that I wanted on the AUR, so I wrote a PKGBUILD (first time). I think I have followed the Arch packaging standards correctly. Can you look over it to make sure it is okay before I submit it to the AUR?

_font_name=YosemiteSanFranciscoFont
pkgname=ttf-yosemitesanfrancisco
pkgver=1.0
pkgrel=1
pkgdesc="Apple's San Francisco from OSX Yosemite."
arch=(any)
depends=(fontconfig xorg-font-utils)
source=("https://github.com/supermarin/YosemiteSanFranciscoFont/archive/master.zip")
md5sums=("SKIP")

install=$pkgname.install

package() {
        install -Dm644 ${srcdir}/${_font_name}-master/System\ San\ Francisco\ Display\ Regular.ttf ${pkgdir}/usr/share/fonts/SFNS\ Display/System\ San\ Francisco\ Display\ Regular.ttf
        install -Dm644 ${srcdir}/${_font_name}-master/System\ San\ Francisco\ Display\ Bold.ttf ${pkgdir}/usr/share/fonts/SFNS\ Display/System\ San\ Francisco\ Display\ Bold.ttf
        install -Dm644 ${srcdir}/${_font_name}-master/System\ San\ Francisco\ Display\ Thin.ttf ${pkgdir}/usr/share/fonts/SFNS\ Display/System\ San\ Francisco\ Display\ Thin.ttf
        install -Dm644 ${srcdir}/${_font_name}-master/System\ San\ Francisco\ Display\ Ultralight.ttf ${pkgdir}/usr/share/fonts/SFNS\ Display/System\ San\ Francisco\ Display\ Ultralight.ttf
}

ewaller · 2016-04-11 03:49:23

Three comments.
Do not skip md5sums.
Is it possible to not have spaces in your file names?
What about the license declaration?

pataracts · 2016-04-11 04:10:20

Hmm... well here is the site where I found the font originally:

https://github.com/supermarin/YosemiteSanFranciscoFont

When I unzip the file, the filenames are like that. So I'm not sure that I can get rid of the spaces. As for the md5sum, should I create that myself? As far as I can see, the original uploader didn't provide a md5sum, although they did provide an "install.sig" file within the .zip. Is there a way I could use that instead? Concerning the licensing, the fonts were created by Apple. On the original site, I found this:

You must be a registered Apple Developer to use these fonts. Do not download if you don't have a paid Apple Developer Program account.

Does this mean I should not be sharing this PKGBUILD in the first place?

ewaller · 2016-04-11 04:22:11

Generate the MD5 sums with the makepkg --geninteg switch

I am not a lawyer, but I would say that clause is a bit problematic. The copyright issue is not with the PKGBUILD itself, but one should not release something that encourages or enables others to violate copyright. At least, that is what my personal ethics dictate. Of course, if one has a paid Apple Developer Program account, it would be permissible to use such a tool.

pataracts · 2016-04-11 04:37:48

Okay, what do you think? I added a description, a license, a md5sum, and a url. Thanks for all your help by the way.

_font_name=YosemiteSanFranciscoFont
pkgname=ttf-yosemitesanfrancisco
pkgver=1.0
pkgrel=1
pkgdesc="Apple's San Francisco from OSX Yosemite. You must be a registered Apple Developer to use these fonts. Do not download if you don't have a paid Apple Developer Program account."
arch=(any)
license=('Proprietary')
depends=(fontconfig xorg-font-utils)
url=https://github.com/supermarin/YosemiteSanFranciscoFont
source=("https://github.com/supermarin/YosemiteSanFranciscoFont/archive/master.zip    ")
md5sums=('7898e0130aef93cf21817cdee3a6a956')

install=$pkgname.install

package() {
        install -Dm644 ${srcdir}/${_font_name}-master/System\ San\ Francisco\ Disp    lay\ Regular.ttf ${pkgdir}/usr/share/fonts/SFNS\ Display/System\ San\ Francisco\ D    isplay\ Regular.ttf
        install -Dm644 ${srcdir}/${_font_name}-master/System\ San\ Francisco\ Disp    lay\ Bold.ttf ${pkgdir}/usr/share/fonts/SFNS\ Display/System\ San\ Francisco\ Disp    lay\ Bold.ttf
        install -Dm644 ${srcdir}/${_font_name}-master/System\ San\ Francisco\ Disp    lay\ Thin.ttf ${pkgdir}/usr/share/fonts/SFNS\ Display/System\ San\ Francisco\ Disp    lay\ Thin.ttf
        install -Dm644 ${srcdir}/${_font_name}-master/System\ San\ Francisco\ Disp    lay\ Ultralight.ttf ${pkgdir}/usr/share/fonts/SFNS\ Display/System\ San\ Francisco    \ Display\ Ultralight.ttf
}

Last edited by pataracts (2016-04-11 04:38:28)

headkase · 2016-04-11 04:51:13

Hmm, following the links back to the source leads to this page: Repository taken down due to DMCA notice.

That would make me think that those files, at the new location, are eventually going to be subject to Apple's lawyers and then your PKGBUILD will be broken because the source files are nuked.

Scimmia · 2016-04-11 04:54:53

Don't use a zip/tarball of master. Either use a release or make a proper -git PKGBUILD.
Where is the install scriptlet? It needs to run fc-cache, mkfontscale, and mkfontdir. This won't be necessary in a couple more weeks, but at that point, you don't need the depends either.
You should quote any paths that include variables that you don't control, like ${srcdir} and ${pkgdir}. You have no way of knowing if they contain spaces.
There's really no reason to run "install" 4 times. It's capable of installing more than one file at a time, especially if you use the "-t" option.

pataracts · 2016-04-11 05:15:01

Right. Well it looks like the site where I found the font was taken down and issued a DMCA notice (hope that wasn't my fault ). Unfortunately, this renders my PKGBUILD rather useless, although I did learn something about the process.

Just for the sake of curiosity... why is it bad to use a zip/tarball of master?

EDIT: It would appear that the repository is back up... unsure of how to proceed at this point.

Last edited by pataracts (2016-04-11 05:16:50)

Arch Linux

#1 2016-04-11 03:46:11

Can you audit my PKGBUILD?

#2 2016-04-11 03:49:23

Re: Can you audit my PKGBUILD?

#3 2016-04-11 04:10:20

Re: Can you audit my PKGBUILD?

#4 2016-04-11 04:22:11

Re: Can you audit my PKGBUILD?

#5 2016-04-11 04:37:48

Re: Can you audit my PKGBUILD?

#6 2016-04-11 04:51:13

Re: Can you audit my PKGBUILD?

#7 2016-04-11 04:54:53

Re: Can you audit my PKGBUILD?

#8 2016-04-11 05:15:01

Re: Can you audit my PKGBUILD?

Board footer