You are not logged in.

#1 2017-11-15 20:23:56

winksaville
Member
Registered: 2015-09-21
Posts: 40

PKGBUILD review request: ponyc-rpm

I created ponyc-rpm on github and would much appreciate it being reviewed. Ponyc is an open source compiler for the pony language

As I noted in README.md the reason I've created ponyc-rpm is that the ponyc compiler available in Arch Linux is broken.

Here is PKGBUILD from my repo:

pkgname=ponyc-rpm
pkgver=0.20.0_4003.0b2a2d2
mypkgver=("${pkgver//_/-}")
pkgrel=1
pkgdesc="ponyc installed via .rpm pkgs as ponyc is incompatible with LLVM5"
arch=('x86_64')
url="http://www.ponylang.org/"
license=('BSD')
#depends=('')
makedepends=('rpmextract')
source=("https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-$mypkgver.x86_64.rpm")
md5sums=('dd4433d3f7188accc73ff1d3eabfcf20')


build() {
  cd "$srcdir"
  rpmextract.sh ../ponyc-$mypkgver.x86_64.rpm
}
package() {
  mv $srcdir/usr $pkgdir/ #/usr is the only top-level dir in the package
}

Offline

#2 2017-11-16 00:23:01

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,447
Website

Re: PKGBUILD review request: ponyc-rpm

The following should be sufficient:

pkgname=ponyc-rpm
pkgver=0.20.0_4003.0b2a2d2
pkgrel=1
pkgdesc="ponyc installed via .rpm pkgs as ponyc is incompatible with LLVM5"
arch=('x86_64')
url="http://www.ponylang.org/"
license=('BSD')
source=("https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-${pkgver//_/-}.x86_64.rpm")
md5sums=('dd4433d3f7188accc73ff1d3eabfcf20')

package() {
  cp -a $srcdir/usr $pkgdir/
}

No need for rpmextract, makepkg will already do that automatically with bsdtar.  I also moved the modifcation of pkgver directly to where it is used - this is mostly just cosmetic, but to me there doesn't seem to be a point in defining a new variable that is only used once.  If you do keep it as a separate variable, that variable name should start with an underscore.

I also replaced mv with cp -a so the source files are still in place if needed.  You could consider using `install` too, but cp -a will get the job done.

Last edited by Trilby (2017-11-16 00:24:08)


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Online

#3 2017-11-16 08:10:14

winksaville
Member
Registered: 2015-09-21
Posts: 40

Re: PKGBUILD review request: ponyc-rpm

Txs, much simpler. I'll give a try when I get up,  Is using cp or install considered better form? I've never used install so I have no idea one way or the other.

Offline

#4 2017-11-16 16:38:13

winksaville
Member
Registered: 2015-09-21
Posts: 40

Re: PKGBUILD review request: ponyc-rpm

@trilby,

Worked perfectly, is there anything else I should do before submitting to AUR?

Thanks,

Wink

Offline

#5 2017-11-16 16:39:36

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,447
Website

Re: PKGBUILD review request: ponyc-rpm

I have no basis on which to assess how useful this will be, but the above should be a perfect valid PKGBUILD for submission.  Just check the AUR page for submission instructions and remember to generate a SRCINFO file.

EDIT: actually scratch that, it should list a few dependencies.  I don't know enough about what this is to judge, but namcap reports libtinfo.so.5 is a dependency, libtinfo.so is provided by ncurses, but the rpm seems to be built against an older version, so you may need a version of ncurses from the AUR as a dependency.  Namcap also suggests zlib and gcc-libs as dependencies.

Last edited by Trilby (2017-11-16 16:44:18)


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Online

#6 2017-11-16 20:52:48

winksaville
Member
Registered: 2015-09-21
Posts: 40

Re: PKGBUILD review request: ponyc-rpm

Updated my ponyc-rpm repo and here is the PKGBUILD:

# Maintainer: Wink Saville <wink@saville.com>
pkgname=ponyc-rpm
pkgver=0.20.0_4003.0b2a2d2
_pkgver=("${pkgver//_/-}")
pkgrel=1
pkgdesc="ponyc installed via .rpm pkgs as ponyc is incompatible with LLVM5"
arch=('x86_64')
url="http://www.ponylang.org/"
license=('BSD')
depends=('zlib' 'ncurses5-compat-libs')
source=("https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-${pkgver//_/-}.$CARCH.rpm")
md5sums=('dd4433d3f7188accc73ff1d3eabfcf20')

package() {
  cp -a $srcdir/usr $pkgdir/
  install -Dm644 $srcdir/../LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
}

The namcap output is:

$ namcap PKGBUILD
wink@wink-envy:~/prgs/ponylang/ponyc-rpm (master)
$ namcap ponyc-rpm-0.20.0_4003.0b2a2d2-1-x86_64.pkg.tar.xz 
ponyc-rpm W: Referenced library 'libtinfo.so.5' is an uninstalled dependency
ponyc-rpm W: Dependency included and not needed ('ncurses5-compat-libs')

So PKGBUILD is clean and I'm not sure how to correct the dependency warnings,
ncurses5-compat-libs does contain libtinfo.so.5:

$ sudo pacman -Qe | grep ncurses
ncurses5-compat-libs 6.0+20170902-1
wink@wink-envy:~/prgs/ponylang/ponyc-rpm (master)
$ sudo pacman -Ql | grep libtinfo
ncurses /usr/lib/libtinfo.so
ncurses /usr/lib/libtinfo.so.6
ncurses /usr/lib/libtinfo.so.6.0
ncurses5-compat-libs /usr/lib/libtinfo.so.5

And libtinfo.so.5 is installed

$ ls -al /usr/lib/libtinfo.so*
lrwxrwxrwx 1 root root     13 Oct 25 01:40 /usr/lib/libtinfo.so -> libtinfo.so.6
lrwxrwxrwx 1 root root     24 Sep 19 12:40 /usr/lib/libtinfo.so.5 -> /usr/lib/libncurses.so.5
lrwxrwxrwx 1 root root     15 Oct 25 01:40 /usr/lib/libtinfo.so.6 -> libtinfo.so.6.0
-rwxr-xr-x 1 root root 178632 Oct 25 01:40 /usr/lib/libtinfo.so.6.0

Any suggestions?

Offline

#7 2017-11-16 21:22:35

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,447
Website

Re: PKGBUILD review request: ponyc-rpm

Namcap is useful but far from infallible.  Those warnings look fine.


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Online

#8 2017-11-16 22:03:01

winksaville
Member
Registered: 2015-09-21
Posts: 40

Re: PKGBUILD review request: ponyc-rpm

That's what I thought.

After reading the Submitting Packages
I made one more change, I added conflicts ponyc and updated .SRCINFO:

$ cat PKGBUILD 
# Maintainer: Wink Saville <wink@saville.com>
pkgname=ponyc-rpm
pkgver=0.20.0_4003.0b2a2d2
_pkgver=("${pkgver//_/-}")
pkgrel=1
pkgdesc="ponyc installed via .rpm pkgs as ponyc is incompatible with LLVM5"
arch=('x86_64')
url="http://www.ponylang.org/"
license=('BSD')
depends=('zlib' 'ncurses5-compat-libs')
conflicts=('ponyc')
source=("https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-${pkgver//_/-}.$CARCH.rpm")
md5sums=('dd4433d3f7188accc73ff1d3eabfcf20')

package() {
  cp -a $srcdir/usr $pkgdir/
  install -Dm644 $srcdir/../LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
}

So I think its ready to go, do you agree?

Offline

#9 2017-11-16 22:05:03

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,447
Website

Re: PKGBUILD review request: ponyc-rpm

Yup, looks good, you may want to also add "provides" ponyc if that seems fitting - that way any package that requires ponyc as a dependency will be satisfied with this package instead.


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Online

#10 2017-11-16 22:50:06

winksaville
Member
Registered: 2015-09-21
Posts: 40

Re: PKGBUILD review request: ponyc-rpm

Good idea, added _ver, _ver_sig and provides, and then removed _pkgver which was unused anyway:

$ cat PKGBUILD 
# Maintainer: Wink Saville <wink@saville.com>
pkgname=ponyc-rpm
_ver="0.20.0"
_ver_sig="4003.0b2a2d2"
pkgver="${_ver}_${_ver_sig}"
pkgrel=1
pkgdesc="ponyc installed via .rpm pkgs as ponyc is incompatible with LLVM5"
arch=('x86_64')
url="http://www.ponylang.org/"
license=('BSD')
depends=('zlib' 'ncurses5-compat-libs')
provides=('ponyc=$_ver')
conflicts=('ponyc')
source=("https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-${_ver}-${_ver_sig}.$CARCH.rpm")
md5sums=('dd4433d3f7188accc73ff1d3eabfcf20')

package() {
  cp -a $srcdir/usr $pkgdir/
  install -Dm644 $srcdir/../LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
}

Offline

#11 2017-11-17 00:29:29

winksaville
Member
Registered: 2015-09-21
Posts: 40

Re: PKGBUILD review request: ponyc-rpm

@Trilby, thank you very much for helping, I've submitted [ponyc-rpm](https://aur.archlinux.org/packages/ponyc-rpm/).

Offline

#12 2017-11-17 03:25:49

eschwartz
Fellow
Registered: 2014-08-08
Posts: 4,097

Re: PKGBUILD review request: ponyc-rpm

Uh, I think this should properly be a ponyc-bin package as the fact that it is extracted from an RPM is less important than the fact that it is upstream-blessed prebuilt binaries.

Also the PKGBUILD guidelines state that the pkgdesc should not be self-referential. So I would suggest something modeled after the community package, like "An actor model, capabilities, high performance programming language (standalone binaries)".

Also,

cp -a $srcdir/usr $pkgdir/

must be quoted:

cp -a "$srcdir/"usr "$pkgdir/"

And this must be quoted as well: `install -Dm644 $srcdir/../LICENSE` but more importantly, where does that license come from? It's not in the source=() array, and you're specifying the directory above "$srcdir" which could be anything at all, if I set the BUILDDIR variable. You cannot assume that startdir="$srcdir"/../ even if it was ever a good idea to use "$startdir" for anything!

Last edited by eschwartz (2017-11-17 03:30:35)


Managing AUR repos The Right Way -- aurpublish (now a standalone tool)

Offline

#13 2017-11-17 05:44:44

winksaville
Member
Registered: 2015-09-21
Posts: 40

Re: PKGBUILD review request: ponyc-rpm

Bug Wrangler,

Thanks for the feed back. I'll make the changes execpt I think leaving the name as ponyc-rpm is better
because it matches the name in bintray/ponylanguage.
I could eventually see possibly people wanting to create AUR packages for ponyc-debian or
pony-stable-rpm ...

Offline

#14 2017-11-17 06:32:32

winksaville
Member
Registered: 2015-09-21
Posts: 40

Re: PKGBUILD review request: ponyc-rpm

Below is the latest PKGBUILD with Bug Wrangler's suggestions incorporated.
I removed the LICENSE file and instead fetch it directly from the ponyc source
repo, which is where the deleted version was from. I'm not sure this is the "correct"
solution, but its working. Let me know what other changes you might suggest.

Thanks again!

$ cat PKGBUILD 
# Maintainer: Wink Saville <wink@saville.com>
pkgname=ponyc-rpm
_ver="0.20.0"
_ver_sig="4003.0b2a2d2"
pkgver="${_ver}_${_ver_sig}"
pkgrel=1
pkgdesc="An actor model, capabilities, high performance programming language (bintray rpm binaries)"
arch=('x86_64')
url="http://www.ponylang.org/"
license=('BSD')
depends=('zlib' 'ncurses5-compat-libs')
provides=('ponyc=$_ver')
conflicts=('ponyc')
source=("https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-${_ver}-${_ver_sig}.$CARCH.rpm"
        "https://raw.githubusercontent.com/ponylang/ponyc/master/LICENSE")
md5sums=('dd4433d3f7188accc73ff1d3eabfcf20'
         '38fb540199a11135e6bdc1a4d273ff00')

package() {
  cp -a "$srcdir/usr" "$pkgdir/"
  install -Dm644 "$srcdir/LICENSE" "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
}

Offline

#15 2017-11-17 11:31:56

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,447
Website

Re: PKGBUILD review request: ponyc-rpm

Perhaps "pony-rpm-bin" would work.


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Online

#16 2017-11-17 16:46:43

winksaville
Member
Registered: 2015-09-21
Posts: 40

Re: PKGBUILD review request: ponyc-rpm

Using "ponyc-rpm-bin" seems ok (note, "ponyc-" not "pony-" since the regular package is "ponyc") if that's ok with everyone.

The regular ponyc package does not work. Its marked as out dated but is there something else we can do to indicate it doesn't work and direct them to "ponyc-rpm-bin"?

Last edited by winksaville (2017-11-17 17:07:01)

Offline

#17 2017-11-17 17:05:28

eschwartz
Fellow
Registered: 2014-08-08
Posts: 4,097

Re: PKGBUILD review request: ponyc-rpm

winksaville wrote:

Below is the latest PKGBUILD with Bug Wrangler's suggestions incorporated.
I removed the LICENSE file and instead fetch it directly from the ponyc source
repo, which is where the deleted version was from. I'm not sure this is the "correct"
solution, but its working. Let me know what other changes you might suggest.

Well, generally the problem is that if the file gets changed then the checksums will stop matching. But given this is the license file, I don't think there is a high likelihood that the license file will keep changing. smile
(The usual workaround for this is to pin each file to some sha1 commit hash or tag name, rather than branch master.)

That being said, the ideal method would be to copy the license from the extracted RPM, but this assumes that the RPM comes with the license file...

$ cat PKGBUILD 
# Maintainer: Wink Saville <wink@saville.com>
pkgname=ponyc-rpm
_ver="0.20.0"
_ver_sig="4003.0b2a2d2"
pkgver="${_ver}_${_ver_sig}"

Instead of splitting up the pkgver like that, you could use the following in the source url:

${pkgver/_/-}
pkgrel=1
pkgdesc="An actor model, capabilities, high performance programming language (bintray rpm binaries)"
arch=('x86_64')
url="http://www.ponylang.org/"

You should link directly to the HTTPS version of the website, to save users a trivial redirect and the possibility that they will be MITMed before connecting rather than having their traffic spied upon.
(More generally, this is why HTTP Strict Transport Security and the HSTS preload list exists.)

license=('BSD')
depends=('zlib' 'ncurses5-compat-libs')
provides=('ponyc=$_ver')
conflicts=('ponyc')
source=("https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-${_ver}-${_ver_sig}.$CARCH.rpm"
        "[url]https://raw.githubusercontent.com/ponylang/ponyc/master/LICENSE[/url]")
md5sums=('dd4433d3f7188accc73ff1d3eabfcf20'
         '38fb540199a11135e6bdc1a4d273ff00')

Oh, also this is wrong. Don't use $CARCH for arch-specific sources, instead use:

source_x86_64=("https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-${_ver}-${_ver_sig}.x86_64.rpm")
source=("https://raw.githubusercontent.com/ponylang/ponyc/master/LICENSE")
md5sums_x86_64=('dd4433d3f7188accc73ff1d3eabfcf20')
md5sums=('38fb540199a11135e6bdc1a4d273ff00')

Also consider using something a little more modern than md5sums on general principle -- md5sums is weak enough that it only protects against accidental file corruption. If package maintainers perform independent verification of the source files and then submit a stronger hash like sha256sums, this can offer additional protection.

For that matter, https://dl.bintray.com/pony-language/ponyc-rpm/ shows that they provide *.asc signatures for all files, so please add those sources as well and add the ponyc release manager's GPG key to the validpgpkeys array. GPG is the ideal state for all packages. smile

Last edited by eschwartz (2017-11-17 17:13:48)


Managing AUR repos The Right Way -- aurpublish (now a standalone tool)

Offline

#18 2017-11-17 18:43:53

winksaville
Member
Registered: 2015-09-21
Posts: 40

Re: PKGBUILD review request: ponyc-rpm

@Eschwartz, I'm incorporating the suggestions, the license file isn't in the rpm file so I'll just keep grabbing it from the ponyc github repo.

I've chosen to use sha256sums, I'm hesitant to switch to .asc signatures as it seems to add another step that the user has to manually do (or please show me how to do it automatically). Not only that, but there was confusion on the ponylang side about which key to use, and apparently it's the bintray key, see here and here.

I created _ver and _ver_sig so I could use _ver in the provides entry and not have to repeat myself.

Regarding changing the package to "ponyc-rpm-bin" are you ok with that? If we do change the package name, I'll need to change the ponyc/README.md so there maybe a period of time where both are needed. In actual fact, its only been up a day or so, so probably not a big deal, but what's the normal process for renaming a package (I did a search and couldn't find a good answer)?

Finally, I'm getting some warnings from namcap after updating .SRCINFO, have I done something wrong?

$ namcap PKGBUILD 
PKGBUILD (ponyc-rpm) W: Reference to x86_64 should be changed to $CARCH
PKGBUILD (ponyc-rpm) W: Non standard variable 'sha256sums_x86_64' doesn't start with an underscore
PKGBUILD (ponyc-rpm) W: Non standard variable 'source_x86_64' doesn't start with an underscore

PKGBUILD and .SRCINFO

$ cat PKGBUILD 
# Maintainer: Wink Saville <wink@saville.com>
pkgname=ponyc-rpm
_ver="0.20.0"
_ver_sig="4003.0b2a2d2"
pkgver="${_ver}_${_ver_sig}"
pkgrel=1
pkgdesc="An actor model, capabilities, high performance programming language (bintray rpm binaries)"
arch=('x86_64')
url="https://www.ponylang.org/"
license=('BSD')
depends=('zlib' 'ncurses5-compat-libs')
provides=('ponyc=$_ver')
conflicts=('ponyc')

source_x86_64=("https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-${_ver}-${_ver_sig}.x86_64.rpm")
sha256sums_x86_64=('0b7dd70759603535061a19d47d12f8059656880dcb9d00550dd833c515125fcf')
source=("https://raw.githubusercontent.com/ponylang/ponyc/master/LICENSE")
sha256sums=('c22151b202623f11638a8f6e3eb07c5767b941b75e7585f2e270d5b87f72758a')

package() {
  cp -a "$srcdir/usr" "$pkgdir/"
  install -Dm644 "$srcdir/LICENSE" "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
}
wink@wink-envy:~/prgs/ponylang/ponyc-rpm (master)
$ cat .SRCINFO 
pkgbase = ponyc-rpm
	pkgdesc = An actor model, capabilities, high performance programming language (bintray rpm binaries)
	pkgver = 0.20.0_4003.0b2a2d2
	pkgrel = 1
	url = http://www.ponylang.org/
	arch = x86_64
	license = BSD
	depends = zlib
	depends = ncurses5-compat-libs
	provides = ponyc=$_ver
	conflicts = ponyc
	source = https://raw.githubusercontent.com/ponylang/ponyc/master/LICENSE
	sha256sums = c22151b202623f11638a8f6e3eb07c5767b941b75e7585f2e270d5b87f72758a
	source_x86_64 = https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-0.20.0-4003.0b2a2d2.x86_64.rpm
	sha256sums_x86_64 = 0b7dd70759603535061a19d47d12f8059656880dcb9d00550dd833c515125fcf

pkgname = ponyc-rpm

Last edited by winksaville (2017-11-17 19:12:46)

Offline

#19 2017-11-17 21:23:08

eschwartz
Fellow
Registered: 2014-08-08
Posts: 4,097

Re: PKGBUILD review request: ponyc-rpm

winksaville wrote:

@Eschwartz, I'm incorporating the suggestions, the license file isn't in the rpm file so I'll just keep grabbing it from the ponyc github repo.

I've chosen to use sha256sums, I'm hesitant to switch to .asc signatures as it seems to add another step that the user has to manually do (or please show me how to do it automatically). Not only that, but there was confusion on the ponylang side about which key to use, and apparently it's the bintray key, see here and here.

The user will have to gpg --recv-keys $fingerprint, or alternatively add "keyserver-options auto-key-retrieve" to gpg.conf

I created _ver and _ver_sig so I could use _ver in the provides entry and not have to repeat myself.

Hmm, fair enough, I didn't notice that. If you wanted though, you could use provides=("ponyc=${pkgver%_*}") and still get the same results. Notice you MUST use double-quotes, not single-quotes or the variable will not be expanded. Take a closer look at your .SRCINFO...

Regarding changing the package to "ponyc-rpm-bin" are you ok with that? If we do change the package name, I'll need to change the ponyc/README.md so there maybe a period of time where both are needed. In actual fact, its only been up a day or so, so probably not a big deal, but what's the normal process for renaming a package (I did a search and couldn't find a good answer)?

Simply reupload a new package with a different pkgname. Depending on whether you wish to transfer AUR comments from the old package to the new package, you will then go to the old package and "Submit Request" to either merge the old package into the new package, or delete it entirely.

Finally, I'm getting some warnings from namcap after updating .SRCINFO, have I done something wrong?

$ namcap PKGBUILD 
PKGBUILD (ponyc-rpm) W: Reference to x86_64 should be changed to $CARCH
PKGBUILD (ponyc-rpm) W: Non standard variable 'sha256sums_x86_64' doesn't start with an underscore
PKGBUILD (ponyc-rpm) W: Non standard variable 'source_x86_64' doesn't start with an underscore

That is just namcap offering well-intentioned but misguided advice. See `man PKGBUILD` for the formal documentation on the source=() array and architecture-specific sources.

CARCH should indeed be preferred... when used in the build() or package() functions, not when used in source_*=()

PKGBUILD and .SRCINFO

$ cat PKGBUILD 
# Maintainer: Wink Saville <wink@saville.com>
pkgname=ponyc-rpm
_ver="0.20.0"
_ver_sig="4003.0b2a2d2"
pkgver="${_ver}_${_ver_sig}"
pkgrel=1
pkgdesc="An actor model, capabilities, high performance programming language (bintray rpm binaries)"
arch=('x86_64')
url="https://www.ponylang.org/"
license=('BSD')
depends=('zlib' 'ncurses5-compat-libs')
provides=('ponyc=$_ver')
conflicts=('ponyc')

source_x86_64=("https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-${_ver}-${_ver_sig}.x86_64.rpm")
sha256sums_x86_64=('0b7dd70759603535061a19d47d12f8059656880dcb9d00550dd833c515125fcf')
source=("https://raw.githubusercontent.com/ponylang/ponyc/master/LICENSE")
sha256sums=('c22151b202623f11638a8f6e3eb07c5767b941b75e7585f2e270d5b87f72758a')

package() {
  cp -a "$srcdir/usr" "$pkgdir/"
  install -Dm644 "$srcdir/LICENSE" "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
}
wink@wink-envy:~/prgs/ponylang/ponyc-rpm (master)
$ cat .SRCINFO 
pkgbase = ponyc-rpm
	pkgdesc = An actor model, capabilities, high performance programming language (bintray rpm binaries)
	pkgver = 0.20.0_4003.0b2a2d2
	pkgrel = 1
	url = http://www.ponylang.org/
	arch = x86_64
	license = BSD
	depends = zlib
	depends = ncurses5-compat-libs
	provides = ponyc=$_ver
	conflicts = ponyc
	source = https://raw.githubusercontent.com/ponylang/ponyc/master/LICENSE
	sha256sums = c22151b202623f11638a8f6e3eb07c5767b941b75e7585f2e270d5b87f72758a
	source_x86_64 = https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-0.20.0-4003.0b2a2d2.x86_64.rpm
	sha256sums_x86_64 = 0b7dd70759603535061a19d47d12f8059656880dcb9d00550dd833c515125fcf

pkgname = ponyc-rpm

That looks fine, except the single-quoted provides, and I really think you should enable gpg signature verification. smile There are many packages that do, and it offers dramatic security benefits. Users should be expected to know how makepkg works, which includes reading the wiki page https://wiki.archlinux.org/index.php/Ma … e_checking where it describes how to check gpg-signed PKGBUILD sources.

Also you didn't regenerate your .SRCINFO when you updated the url. :DS


Managing AUR repos The Right Way -- aurpublish (now a standalone tool)

Offline

#20 2017-11-17 23:43:27

winksaville
Member
Registered: 2015-09-21
Posts: 40

Re: PKGBUILD review request: ponyc-rpm

Eli,

I've pushed up the latest version with everything but using the signature verification and changing the name.
I try doing the signature next and then rename.

I appreciate your reviewing but this is harder than it should be. I think if we used github it would be
easier. If I'd used your pkgbuild would you have reviewed
it there?

Note: I haven't used it yet, but how hard would it be for you to create a pkgbuilds app that wrapped
your shell scripts and pubished that as an app? I think that would be nicer if the scripts were separate
from the "pkgbuild sub-modules". I feels weird to fork your project and then use the base branch, I think
I want my "pkgbuild sub-modules" in master. Just a thought, again thanks for all the help and suggestions!

$ cat PKGBUILD 
# Maintainer: Wink Saville <wink@saville.com>
pkgname=ponyc-rpm
_ver="0.20.0"
_ver_sig="4003.0b2a2d2"
pkgver="${_ver}_${_ver_sig}"
pkgrel=1
pkgdesc="An actor model, capabilities, high performance programming language (bintray rpm binaries)"
arch=('x86_64')
url="https://www.ponylang.org/"
license=('BSD')
depends=('zlib' 'ncurses5-compat-libs')
provides=("ponyc=$_ver")
conflicts=('ponyc')
source_x86_64=("https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-${_ver}-${_ver_sig}.x86_64.rpm")
sha256sums_x86_64=('0b7dd70759603535061a19d47d12f8059656880dcb9d00550dd833c515125fcf')
source=('https://raw.githubusercontent.com/ponylang/ponyc/master/LICENSE')
sha256sums=('c22151b202623f11638a8f6e3eb07c5767b941b75e7585f2e270d5b87f72758a')

package() {
  cp -a "$srcdir/usr" "$pkgdir/"
  install -Dm644 "$srcdir/LICENSE" "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
}
wink@wink-envy:~/prgs/ponylang/ponyc-rpm (master)
$ cat .SRCINFO
pkgbase = ponyc-rpm
	pkgdesc = An actor model, capabilities, high performance programming language (bintray rpm binaries)
	pkgver = 0.20.0_4003.0b2a2d2
	pkgrel = 1
	url = https://www.ponylang.org/
	arch = x86_64
	license = BSD
	depends = zlib
	depends = ncurses5-compat-libs
	provides = ponyc=0.20.0
	conflicts = ponyc
	source = https://raw.githubusercontent.com/ponylang/ponyc/master/LICENSE
	sha256sums = c22151b202623f11638a8f6e3eb07c5767b941b75e7585f2e270d5b87f72758a
	source_x86_64 = https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-0.20.0-4003.0b2a2d2.x86_64.rpm
	sha256sums_x86_64 = 0b7dd70759603535061a19d47d12f8059656880dcb9d00550dd833c515125fcf

pkgname = ponyc-rpm

Offline

#21 2017-11-18 00:02:02

Scimmia
Fellow
Registered: 2012-09-01
Posts: 11,466

Re: PKGBUILD review request: ponyc-rpm

Pulling a single file directly from git master is generally a bad idea. Any change in the repo will break your PKGBUILD. Use a specific commit if you don't have any other options.

You're already in $srcdir when the package function starts, no need to specify that that's where the usr dir and the LICENSE file are. Doesn't hurt anything, just unnecessary.

Since you only support a single architecture, you could easily just just the source array for both instead of splitting out source_x86_64

Last edited by Scimmia (2017-11-18 00:03:26)

Offline

#22 2017-11-18 01:21:45

winksaville
Member
Registered: 2015-09-21
Posts: 40

Re: PKGBUILD review request: ponyc-rpm

@Scimmia thanks,

Here's the diff:

$ git --no-pager diff HEAD^
diff --git a/.SRCINFO b/.SRCINFO
index 22c1ca9..e385a6e 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -9,7 +9,7 @@ pkgbase = ponyc-rpm
 	depends = ncurses5-compat-libs
 	provides = ponyc=0.20.0
 	conflicts = ponyc
-	source = https://raw.githubusercontent.com/ponylang/ponyc/master/LICENSE
+	source = https://raw.githubusercontent.com/ponylang/ponyc/0.20.0/LICENSE
 	sha256sums = c22151b202623f11638a8f6e3eb07c5767b941b75e7585f2e270d5b87f72758a
 	source_x86_64 = https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-0.20.0-4003.0b2a2d2.x86_64.rpm
 	sha256sums_x86_64 = 0b7dd70759603535061a19d47d12f8059656880dcb9d00550dd833c515125fcf
diff --git a/PKGBUILD b/PKGBUILD
index 69ed682..e8c6c97 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -13,10 +13,10 @@ provides=("ponyc=$_ver")
 conflicts=('ponyc')
 source_x86_64=("https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-${_ver}-${_ver_sig}.x86_64.rpm")
 sha256sums_x86_64=('0b7dd70759603535061a19d47d12f8059656880dcb9d00550dd833c515125fcf')
-source=('https://raw.githubusercontent.com/ponylang/ponyc/master/LICENSE')
+source=("https://raw.githubusercontent.com/ponylang/ponyc/${_ver}/LICENSE")
 sha256sums=('c22151b202623f11638a8f6e3eb07c5767b941b75e7585f2e270d5b87f72758a')
 
 package() {
-  cp -a "$srcdir/usr" "$pkgdir/"
-  install -Dm644 "$srcdir/LICENSE" "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
+  cp -a "usr" "$pkgdir/"
+  install -Dm644 "LICENSE" "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
 }

And the code:

$ cat PKGBUILD
# Maintainer: Wink Saville <wink@saville.com>
pkgname=ponyc-rpm
_ver="0.20.0"
_ver_sig="4003.0b2a2d2"
pkgver="${_ver}_${_ver_sig}"
pkgrel=1
pkgdesc="An actor model, capabilities, high performance programming language (bintray rpm binaries)"
arch=('x86_64')
url="https://www.ponylang.org/"
license=('BSD')
depends=('zlib' 'ncurses5-compat-libs')
provides=("ponyc=$_ver")
conflicts=('ponyc')
source_x86_64=("https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-${_ver}-${_ver_sig}.x86_64.rpm")
sha256sums_x86_64=('0b7dd70759603535061a19d47d12f8059656880dcb9d00550dd833c515125fcf')
source=("https://raw.githubusercontent.com/ponylang/ponyc/${_ver}/LICENSE")
sha256sums=('c22151b202623f11638a8f6e3eb07c5767b941b75e7585f2e270d5b87f72758a')

package() {
  cp -a "usr" "$pkgdir/"
  install -Dm644 "LICENSE" "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
}
wink@wink-envy:~/prgs/ponylang/ponyc-rpm (master)
$ cat .SRCINFO
pkgbase = ponyc-rpm
	pkgdesc = An actor model, capabilities, high performance programming language (bintray rpm binaries)
	pkgver = 0.20.0_4003.0b2a2d2
	pkgrel = 1
	url = https://www.ponylang.org/
	arch = x86_64
	license = BSD
	depends = zlib
	depends = ncurses5-compat-libs
	provides = ponyc=0.20.0
	conflicts = ponyc
	source = https://raw.githubusercontent.com/ponylang/ponyc/0.20.0/LICENSE
	sha256sums = c22151b202623f11638a8f6e3eb07c5767b941b75e7585f2e270d5b87f72758a
	source_x86_64 = https://dl.bintray.com/pony-language/ponyc-rpm/ponyc-0.20.0-4003.0b2a2d2.x86_64.rpm
	sha256sums_x86_64 = 0b7dd70759603535061a19d47d12f8059656880dcb9d00550dd833c515125fcf

pkgname = ponyc-rpm

Offline

#23 2017-11-19 00:00:54

eschwartz
Fellow
Registered: 2014-08-08
Posts: 4,097

Re: PKGBUILD review request: ponyc-rpm

winksaville wrote:

Eli,

I've pushed up the latest version with everything but using the signature verification and changing the name.
I try doing the signature next and then rename.

I appreciate your reviewing but this is harder than it should be. I think if we used github it would be
easier. If I'd used your pkgbuild would you have reviewed
it there?

Possibly, although on the other hand there is something to be said about doing it here where other Arch users are more likely to see and learn from the experience.

Note: I haven't used it yet, but how hard would it be for you to create a pkgbuilds app that wrapped
your shell scripts and pubished that as an app? I think that would be nicer if the scripts were separate
from the "pkgbuild sub-modules". I feels weird to fork your project and then use the base branch, I think
I want my "pkgbuild sub-modules" in master. Just a thought, again thanks for all the help and suggestions!

It probably wouldn't be very hard, I just never thought it was very worthwhile. I might take a look at that, though.

Your PKGBUILD looks fine now, I think.

@Scimmia,
The reason I suggested using source_x86_64 is that it is "more proper", and as a result makes it immediately obvious in the PKGBUILD syntax itself, exactly how and why it would need to be changed to support other architectures, should upstream provide other arches that is.

I view it kind of like ensuring the LICENSE file is versioned despite it being unlikely to change (and indeed if it did change it would be the kind of thing you want to know, most likely to fix the license=() array), only more so. (And I did say that it is *generally* a bad idea...)


Managing AUR repos The Right Way -- aurpublish (now a standalone tool)

Offline

#24 2017-11-19 00:57:40

winksaville
Member
Registered: 2015-09-21
Posts: 40

Re: PKGBUILD review request: ponyc-rpm

Regarding the LICENSE file, the way I'm picking it up is exactly from the release tag so it should always be in sync the release. So I think we've got a good solution.

Txs again to everyone!

Offline

Board footer

Powered by FluxBB