You are not logged in.
I know that the AUR policy says that no code must be included with the PKGBUILD if you are not a trusted user. But, how do you deal with packages that do not have their version number in the file name: http://www.somesite.com/someproject.tar.gz instead of http://www.somesite.com/someproject-1.0.tar.gz. The problem is that when ''someproject.tar.gz" gets updated, and it will, your AUR package is broken. The MD5 sums won't match and patches may not apply either. You can get around the MD5 problem by not including a MD5 sum, and the package might install correctly if the patches still apply. However, the package version in the PKGBUILD will not match the version of what it installed on disk.
Offline
You always may upgrade the pkgrel number and update the new MD5 sum. After that, the package isn't the same as before and you see there is a newer version. If the PKGBUILD doesn't work right, you get the feedback on the AUR page in the comments, and can do something about it. Do you have a real package, which behaves like this, or is it a hypotetical question?
Offline
I have came across a few. It's not hypothetical at all.
Offline
So them the pkgrel isn't enough, or does it solve the problem according your needs? I can't see any problem, doing it this way. Or am I missing something?
Offline
I have some TeX related packages and it is some kind of politics to not have a pkgver in the filename there. But there are announcements on the certain mailing lists or users complain.
So if the version number is stated in one of the distributed files, I take that. Most of the cases can be solved that way. The remaining cases drag0nl0rd's suggestion is doable.
Offline