On 25 April 2024 18:26:40 GMT+02:00, [email protected] wrote: >MarsSeed [1] filed a deletion request for aiopmplus [2]: > >Useless, broken, badly packaged. Upstream code is dead on arrival. > >Depends on AUR/eaur from same owner, who submitted his own package for >deletion (PRQ#59562). [a] > >That latter application fails to run and crashes with the following >output: > >terminate called after throwing an instance of >'std::filesystem::__cxx11::filesystem_error' > what(): filesystem error: cannot set current path: No such file or >directory >Aborted (core dumped) > >Otherwise aiopmplus fails to do anything. Running 'pm' crashes with >core dump. >And when used with the expected arguments (e.g. 'pm snap install >spotify'), >it just fails to find the needed executable. > >Personal sandbox dummy packages don't belong on the AUR. > >[a]: >https://lists.archlinux.org/archives/list/aur- >[email protected]/thread/QE3E452NMMA36HJK24ZU2VJB73KMFMRG/ > >[1] https://aur.archlinux.org/account/MarsSeed/ >[2] https://aur.archlinux.org/pkgbase/aiopmplus/ Submitter has disowned this useless package.
I've discovered a security guidelines violation in the runtime code: instead relying on properly defined depends, if the user sets the CLI argument of package type to "flex", the main runtime code tries to download submitter's other hackish package called FlexPkg and copy it inside the system with sudo, and make it executable with sudo chmod. No one should use this dangerous and also superfluous shim CLI application.
