You are not logged in.
Hi everyone, I'm new on this forum. I finished installing Arch and everything works so far. I'd like to install "Dropbox" and "Skype", but they're part of AUR. This may sound silly but if I understand correctly installing software from AUR adds the possibility for things to break in the future, especially after "pacman -Syu" updates. I don't think I'll need much stuff from AUR, so I'll try to limit its usage. I'd like to have your opinion on this. How safe is it to install a few packages from AUR in the long run? Thanks. Your time is greatly appreciated!
Offline
https://wiki.archlinux.org/index.php/Ar … Repository
Best to consult the wiki before asking in the forum.
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
Unless you are using system-critical components from the AUR (e.g. an alternative kernel or an essential hardware driver), a regular update won't break your system. Some AUR packages may break due to e.g. a change in a system library's API/ABI or version number, but usually a quick rebuild of the AUR package(s) is all that's needed. Of course, sometimes upstream fails to keep up with the latest version of libraries and the package will no longer build, but that may occur with packages in the repos too.
The main danger of AUR packages is that they are user-submitted. You have to inspect the PKGBUILD and related files yourself for malicious code (due to malevolence or incompetence) and at least check that you trust the upstream source files.
My Arch Linux Stuff • Forum Etiquette • Community Ethos - Arch is not for everyone
Offline
Unless you are using system-critical components from the AUR (e.g. an alternative kernel or an essential hardware driver), a regular update won't break your system. Some AUR packages may break due to e.g. a change in a system library's API/ABI or version number, but usually a quick rebuild of the AUR package(s) is all that's needed. Of course, sometimes upstream fails to keep up with the latest version of libraries and the package will no longer build, but that may occur with packages in the repos too.
The main danger of AUR packages is that they are user-submitted. You have to inspect the PKGBUILD and related files yourself for malicious code (due to malevolence or incompetence) and at least check that you trust the upstream source files.
Thank you. I appreciate it.
Offline