You are not logged in.

#1 2014-03-17 19:26:32

rdahlgren
Member
From: Los Angeles, CA, USA
Registered: 2014-02-17
Posts: 35
Website

[Solved] AUR vs Community repo?

What is the process by which some packages are allowed to be part of the community repo, while others are relegated to the AUR?

I was looking at the update list today and noticed the package profanity in the community repository. I'm a big fan of curses-based UI, so I took a look at the project. In the help out section, it is stated that "The original author knew next to nothing about coding real applications in C, XMPP, or building and installing software on Linux when starting the project". Cute.

Looking at the project's GitHub issue list, I then see a reported buffer overflow - likely caused by the uninhibited use of strcpy throughout.

My point here is: if a newbie project begging for a remote code exploit can make it into the community repo, why is something like mscgen in the AUR? Who vets these things?

I apologize for the ranty-ness of this post.

Last edited by rdahlgren (2014-03-17 22:40:03)

Offline

#2 2014-03-17 19:28:58

HalosGhost
Member
From: Twin Cities, MN
Registered: 2012-06-22
Posts: 1,486
Website

Re: [Solved] AUR vs Community repo?

rdahlgren wrote:

What is the process by which some packages are allowed to be part of the community repo, while others are relegated to the AUR?

Nothing is relegated. Rather, if a TU wants to maintain it, then they'll move it into [community].

Who vets these things?

The TU that maintains it, hopefully.

I apologize for the ranty-ness of this post.

Yeah, avoid ranting; it's rather frowned upon on this BBS.

All the best,

-HG


"All errors are ᴘᴇʙᴋᴀᴄ errors—It's just a matter of narrowing down which keyboard and chair." -Trilby
\ldots

Offline

#3 2014-03-17 19:35:28

drcouzelis
Member
From: Connecticut, USA
Registered: 2009-11-09
Posts: 3,424
Website

Re: [Solved] AUR vs Community repo?

Your exact question is in the wiki: https://wiki.archlinux.org/index.php/AU … mmunity.3F

Offline

#4 2014-03-17 21:05:43

rdahlgren
Member
From: Los Angeles, CA, USA
Registered: 2014-02-17
Posts: 35
Website

Re: [Solved] AUR vs Community repo?

Ah, so it is! Thanks for the wiki link.

Offline

#5 2014-03-17 21:18:54

HalosGhost
Member
From: Twin Cities, MN
Registered: 2012-06-22
Posts: 1,486
Website

Re: [Solved] AUR vs Community repo?

Please remember to mark your thread title with [Solved] at the beginning if your question was answered.

All the best,

-HG

Last edited by HalosGhost (2014-03-17 21:19:02)


"All errors are ᴘᴇʙᴋᴀᴄ errors—It's just a matter of narrowing down which keyboard and chair." -Trilby
\ldots

Offline

Board footer

Powered by FluxBB