* Hector Martinez-Seara <[email protected]> [2014-06-05 08:56:00 +0300]: > Notice that before AUR 3 just calling "makepkg --source" was enough. Any > good reason > for this change? If there any possibility as Philip proposes that this is > done in the serve side?
I believe (though not 100% sure) this is the reason:
The old way things were done is the AUR parsing the PKGBUILD without
actually sourcing it to get version info, so you can't kill the AUR
server with mean stuff in your PKGBUILD. This breaks on a lot of
corner cases.
The new way is you sourcing the PKGBUILD locally (which *can't* be
done on the server side) and generating a machine-readable file from
the informations in the PKGBUILD.
mkaurball really just is a wrapper around makepkg --source which
generates this .AURINFO file after generating the source tarball.
Note you can (for now) still force-upload old-style packages:
error: failed to upload ...: The source package does not contain
any meta data. Please use `mkaurball` to create AUR source
packages. Support for source packages without .AURINFO entries
will be removed in an upcoming release! You can resubmit the
package if you want to proceed anyway.
But I agree, adjusting the permissions probably should (and AFAIK
could be done safely) on the server side.
Florian
--
http://www.the-compiler.org | [email protected] (Mail/XMPP)
GPG 0xFD55A072 | http://the-compiler.org/pubkey.asc
I love long mails! | http://email.is-not-s.ms/
pgp9wWK2OZQ1b.pgp
Description: PGP signature
