You are not logged in.

Pages: 1

#1 2014-03-17 19:26:32

rdahlgren
Member
From: Middle States, USA
Registered: 2014-02-17
Posts: 36
Website

[Solved] AUR vs Community repo?

What is the process by which some packages are allowed to be part of the community repo, while others are relegated to the AUR?

I was looking at the update list today and noticed the package profanity in the community repository. I'm a big fan of curses-based UI, so I took a look at the project. In the help out section, it is stated that "The original author knew next to nothing about coding real applications in C, XMPP, or building and installing software on Linux when starting the project". Cute.

Looking at the project's GitHub issue list, I then see a reported buffer overflow - likely caused by the uninhibited use of strcpy throughout.

My point here is: if a newbie project begging for a remote code exploit can make it into the community repo, why is something like mscgen in the AUR? Who vets these things?

I apologize for the ranty-ness of this post.

Last edited by rdahlgren (2014-03-17 22:40:03)

@ScaleItRon | http://dahlgren.so | https://github.com/influenza
PGP: FB3E4542

Offline

#2 2014-03-17 19:28:58

HalosGhost
Forum Moderator
From: Twin Cities, MN
Registered: 2012-06-22
Posts: 2,092
Website

Re: [Solved] AUR vs Community repo?

rdahlgren wrote:

What is the process by which some packages are allowed to be part of the community repo, while others are relegated to the AUR?

Nothing is relegated. Rather, if a TU wants to maintain it, then they'll move it into [community].

Who vets these things?

The TU that maintains it, hopefully.

I apologize for the ranty-ness of this post.

Yeah, avoid ranting; it's rather frowned upon on this BBS.

All the best,

-HG

Code of Conduct

Offline

#3 2014-03-17 19:35:28

drcouzelis
Member
From: Connecticut, USA
Registered: 2009-11-09
Posts: 4,092
Website

Re: [Solved] AUR vs Community repo?

Your exact question is in the wiki: https://wiki.archlinux.org/index.php/AU … mmunity.3F

Offline

#4 2014-03-17 21:05:43

rdahlgren
Member
From: Middle States, USA
Registered: 2014-02-17
Posts: 36
Website

Re: [Solved] AUR vs Community repo?

Ah, so it is! Thanks for the wiki link.

@ScaleItRon | http://dahlgren.so | https://github.com/influenza
PGP: FB3E4542

Offline

#5 2014-03-17 21:18:54

HalosGhost
Forum Moderator
From: Twin Cities, MN
Registered: 2012-06-22
Posts: 2,092
Website

Re: [Solved] AUR vs Community repo?

Please remember to mark your thread title with [Solved] at the beginning if your question was answered.

All the best,

-HG

Last edited by HalosGhost (2014-03-17 21:19:02)

Code of Conduct

Offline

Pages: 1

Board footer

Powered by FluxBB