harden aur_pre_build

[lilydjwg]

问题类型 / Type of issues

• 其它 / other

受影响的软件包 / Affected packages

• [ ] freeradius-client ()
• [x] fsharp () #2326
• [ ] libpcl ()
• [X] flipclock (@AlynxZhou)
• [X] gnome-shell-extension-fixed-ime-list (@AlynxZhou)
• [X] gnome-shell-extension-simple-net-speed (@AlynxZhou)
• [X] gnome-shell-extension-sound-output-device-chooser (@AlynxZhou)
• [X] gnome-terminal-middle-click-close-tab (@AlynxZhou)
• [X] hikarujs (@AlynxZhou)
• [X] openrgb (@AlynxZhou)
• [X] showmethekey (@AlynxZhou)
• [ ] besttrace (@attenuation)
• [ ] gdb-multiarch (@attenuation)
• [x] flite1 (@a-wing) #2254
• [x] gebaar (@a-wing)
• [x] gnome-shell-extension-dash-to-dock (@a-wing)
• [x] hmcl (@a-wing)
• [x] hunter (@a-wing)
• [x] libsixel (@a-wing)
• [x] mellowplayer (@a-wing)
• [x] rebar3 (@a-wing)
• [x] ruby-arel (@a-wing) #2256
• [x] ruby-bundler1 (@a-wing) #2255
• [x] ruby-coderay (@a-wing)
• [x] cockroachdb-bin (@axionl)
• [x] ffsend-bin (@axionl)
• [x] gitkraken (@axionl)
• [x] kubectl-bin (@axionl)
• [x] netease-musicbox (@axionl)
• [x] pkghist (@axionl)
• [x] python-isounidecode (@axionl)
• [x] python-pylyrics (@axionl)
• [x] python-pysdl2 (@axionl)
• [x] qownnotes (@axionl)
• [x] teleport-bin (@axionl)
• [x] trizen (@axionl)
• [x] wasmer (@axionl)
• [ ] alert-after (@bennyyip)
• [ ] flow-pomodoro (@bennyyip)
• [ ] i3status-rust-git (@bennyyip)
• [ ] ghcup-hs-bin (@berberman)
• [x] acestream-engine (@BruceZhang1993)
• [x] authy (@BruceZhang1993)
• [x] cocomusic (@BruceZhang1993)
• [x] crow-translate (@BruceZhang1993)
• [x] desktop-naotu (@BruceZhang1993)
• [x] electron4-bin (@BruceZhang1993)
• [x] electron8-bin (@BruceZhang1993)
• [x] protontricks (@BruceZhang1993)
• [x] python-m3u8 (@BruceZhang1993)
• [x] python-vdf (@BruceZhang1993)
• [x] systemd-kcm (@BruceZhang1993)
• [x] android-studio (@cuihaoleo)
• [x] birdtray (@cuihaoleo)
• [x] slack-desktop (@cuihaoleo)
• [x] tinc-pre (@cuihaoleo)
• [x] yubico-piv-tool (@cuihaoleo)
• [x] adobe-source-han-mono-fonts (@dctxmei)
• [x] ariang-allinone (@dctxmei)
• [x] betterlockscreen (@dctxmei)
• [x] bibata-cursor-theme (@dctxmei)
• [x] bigtime (@dctxmei)
• [x] browsh (@dctxmei)
• [x] bsnes (@dctxmei)
• [x] cava (@dctxmei)
• [x] chromedriver (@dctxmei)
• [x] cppo (@dctxmei)
• [x] cpu-x (@dctxmei)
• [x] create_ap (@dctxmei)
• [x] discord-canary (@dctxmei)
• [x] dust (@dctxmei)
• [x] elementary-planner (@dctxmei)
• [ ] feather-fonts (@dctxmei)
• [x] firefox-esr (@dctxmei)
• [x] flat-remix (@dctxmei)
• [x] flat-remix-gnome (@dctxmei)
• [x] flat-remix-gtk (@dctxmei)
• [x] freeplane (@dctxmei)
• [x] getmail6 (@dctxmei)
• [x] gnome-shell-pomodoro (@dctxmei)
• [x] gron (@dctxmei)
• [x] hath (@dctxmei)
• [x] highway (@dctxmei)
• [x] htpdate (@dctxmei)
• [x] ibus-libzhuyin (@dctxmei)
• [x] icecat (@dctxmei)
• [x] jellyfin (@dctxmei)
• [x] jql (@dctxmei)
• [x] keeweb (@dctxmei)
• [x] kodi-standalone-service (@dctxmei)
• [x] lazydocker (@dctxmei)
• [x] lf (@dctxmei)
• [x] libcpuid (@dctxmei)
• [x] libfixposix (@dctxmei)
• [x] libjpeg-xl (@dctxmei)
• [x] lightdm-slick-greeter (@dctxmei)
• [x] linux-wifi-hotspot (@dctxmei)
• [x] mailspring (@dctxmei)
• [x] mailsync (@dctxmei)
• [x] music-dl (@dctxmei)
• [x] neovim-remote (@dctxmei)
• [x] nushell (@dctxmei)
• [x] nyxt (@dctxmei)
• [x] ocaml-biniou (@dctxmei)
• [x] ocaml-compiler-libs-repackaged (@dctxmei)
• [x] ocaml-easy-format (@dctxmei)
• [x] ocaml-menhir (@dctxmei)
• [x] ocaml-migrate-parsetree2 (@dctxmei)
• [x] ocaml-octavius (@dctxmei)
• [x] ocaml-ppx_derivers (@dctxmei)
• [x] ocaml-seq (@dctxmei)
• [x] ocaml-sexplib0 (@dctxmei)
• [x] ocaml-stdlib-shims (@dctxmei)
• [x] oomox (@dctxmei)
• [x] perl-file-rename (@dctxmei)
• [x] polybar (@dctxmei)
• [x] python-clickgen (@dctxmei)
• [x] python-pyephem (@dctxmei)
• [x] python-requests-futures (@dctxmei)
• [x] qv2ray-plugin-command (@dctxmei)
• [x] qv2ray-plugin-trojan (@dctxmei)
• [ ] r8125 (@dctxmei)
• [x] resvg (@dctxmei)
• [x] rime-cloverpinyin (@dctxmei)
• [x] rime-symbols (@dctxmei)
• [ ] rofi-themes (@dctxmei)
• [x] ruffle-git (@dctxmei)
• [x] rxvt-unicode-better-wheel-scrolling (@dctxmei)
• [x] spotify-tui (@dctxmei)
• [x] surface-control (@dctxmei)
• [x] ttf-comfortaa (@dctxmei)
• [x] ungoogled-chromium (@dctxmei)
• [x] vimix-cursors (@dctxmei)
• [x] vimix-gtk-themes (@dctxmei)
• [x] vimix-gtk-themes-git (@dctxmei)
• [x] vimix-icon-theme (@dctxmei)
• [x] vim-youcompleteme-git (@dctxmei)
• [x] virtualbox-ext-oracle (@dctxmei)
• [x] vmessping (@dctxmei)
• [x] bluez-utils-compat (@DDoSolitary)
• [x] clash-premium-bin (@DDoSolitary)
• [x] cloudflared (@DDoSolitary)
• [x] deoplete-git (@DDoSolitary)
• [x] dislocker-noruby (@DDoSolitary)
• [x] firefox-beta-bin (@DDoSolitary)
• [x] google-chrome-beta (@DDoSolitary)
• [x] hpfall-git (@DDoSolitary)
• [x] jbig2enc-git (@DDoSolitary)
• [x] jdk11-graalvm-bin (@DDoSolitary)
• [x] kernel-modules-hook (@DDoSolitary)
• [x] lib32-a52dec (@DDoSolitary)
• [x] lib32-aom (@DDoSolitary)
• [x] lib32-bluez-libs (@DDoSolitary)
• [x] lib32-chromaprint (@DDoSolitary)
• [x] lib32-dav1d (@DDoSolitary)
• [x] lib32-faac (@DDoSolitary)
• [x] lib32-faad2 (@DDoSolitary)
• [x] lib32-ffmpeg (@DDoSolitary)
• [x] lib32-fftw (@DDoSolitary)
• [x] lib32-glslang (@DDoSolitary)
• [x] lib32-gsm (@DDoSolitary)
• [x] lib32-gssdp (@DDoSolitary)
• [x] lib32-gst-plugins-bad (@DDoSolitary)
• [x] lib32-gst-plugins-ugly (@DDoSolitary)
• [x] lib32-gupnp (@DDoSolitary)
• [x] lib32-gupnp-igd (@DDoSolitary)
• [x] lib32-imath (@DDoSolitary)
• [x] lib32-jbigkit (@DDoSolitary)
• [x] lib32-lame (@DDoSolitary)
• [x] lib32-libass (@DDoSolitary)
• [x] lib32-libbluray (@DDoSolitary)
• [x] lib32-libbs2b (@DDoSolitary)
• [x] lib32-libcdio (@DDoSolitary)
• [x] lib32-libcue (@DDoSolitary)
• [x] lib32-libdc1394 (@DDoSolitary)
• [x] lib32-libdca (@DDoSolitary)
• [x] lib32-libde265 (@DDoSolitary)
• [x] lib32-libdvdcss (@DDoSolitary)
• [x] lib32-libdvdnav (@DDoSolitary)
• [x] lib32-libdvdread (@DDoSolitary)
• [x] lib32-libexif (@DDoSolitary)
• [x] lib32-libfdk-aac (@DDoSolitary)
• [x] lib32-libgme (@DDoSolitary)
• [x] lib32-libkate (@DDoSolitary)
• [x] lib32-liblrdf (@DDoSolitary)
• [x] lib32-libmms (@DDoSolitary)
• [x] lib32-libmpcdec (@DDoSolitary)
• [x] lib32-libmpeg2 (@DDoSolitary)
• [x] lib32-libnice (@DDoSolitary)
• [x] lib32-libofa (@DDoSolitary)
• [x] lib32-libreplaygain (@DDoSolitary)
• [x] lib32-libsidplay (@DDoSolitary)
• [x] lib32-libsrtp (@DDoSolitary)
• [x] lib32-libtiger (@DDoSolitary)
• [x] lib32-lilv (@DDoSolitary)
• [x] lib32-l-smash (@DDoSolitary)
• [x] lib32-lv2 (@DDoSolitary)
• [x] lib32-mjpegtools (@DDoSolitary)
• [x] lib32-neon (@DDoSolitary)
• [x] lib32-numactl (@DDoSolitary)
• [x] lib32-nvidia-utils-beta (@DDoSolitary)
• [x] lib32-opencore-amr (@DDoSolitary)
• [x] lib32-openexr (@DDoSolitary)
• [x] lib32-openjpeg2 (@DDoSolitary)
• [x] lib32-raptor (@DDoSolitary)
• [x] lib32-rtmpdump (@DDoSolitary)
• [x] lib32-sbc (@DDoSolitary)
• [x] lib32-serd (@DDoSolitary)
• [x] lib32-shaderc (@DDoSolitary)
• [x] lib32-sord (@DDoSolitary)
• [x] lib32-spandsp (@DDoSolitary)
• [x] lib32-spirv-tools (@DDoSolitary)
• [x] lib32-sratom (@DDoSolitary)
• [x] lib32-srt (@DDoSolitary)
• [x] lib32-vmaf (@DDoSolitary)
• [x] lib32-webrtc-audio-processing (@DDoSolitary)
• [x] lib32-wildmidi (@DDoSolitary)
• [x] lib32-x264 (@DDoSolitary)
• [x] lib32-x265 (@DDoSolitary)
• [x] lib32-xvidcore (@DDoSolitary)
• [x] lib32-zbar (@DDoSolitary)
• [x] lib32-zvbi (@DDoSolitary)
• [x] libnvidia-container (@DDoSolitary)
• [x] libtins (@DDoSolitary)
• [x] libva-vdpau-driver-vp9-git (@DDoSolitary)
• [x] logisim (@DDoSolitary)
• [x] mars-mips (@DDoSolitary)
• [x] mkinitcpio-numlock (@DDoSolitary)
• [x] native-image-jdk11-bin (@DDoSolitary)
• [x] nginx-mod-fancyindex (@DDoSolitary)
• [x] ntfs3-dkms (@DDoSolitary)
• [x] nvidia-beta-dkms (@DDoSolitary)
• [x] nvidia-container-toolkit (@DDoSolitary)
• [x] nvidia-utils-beta (@DDoSolitary)
• [x] ocrmypdf (@DDoSolitary)
• [x] optimus-manager (@DDoSolitary)
• [x] plymouth-theme-arch-breeze-git (@DDoSolitary)
• [x] plymouth-theme-arch-charge-big (@DDoSolitary)
• [x] plymouth-theme-arch-charge (@DDoSolitary)
• [x] plymouth-theme-arch-charge-gdm (@DDoSolitary)
• [x] plymouth-theme-arch-glow (@DDoSolitary)
• [x] plymouth-theme-arch-logo (@DDoSolitary)
• [x] plymouth-theme-arch-logo-gnomish (@DDoSolitary)
• [x] plymouth-theme-arch-logo-new (@DDoSolitary)
• [x] plymouth-theme-arch-solarized-git (@DDoSolitary)
• [x] plymouth-theme-dark-arch (@DDoSolitary)
• [x] plymouth-theme-gdm-arch (@DDoSolitary)
• [x] plymouth-theme-minimal-dark-git (@DDoSolitary)
• [x] plymouth-theme-monoarch (@DDoSolitary)
• [x] preloader-signed (@DDoSolitary)
• [x] protondb-tags (@DDoSolitary)
• [x] python-coloredlogs (@DDoSolitary)
• [x] python-humanfriendly (@DDoSolitary)
• [x] ruby-connection_pool (@DDoSolitary)
• [x] ruby-highline (@DDoSolitary)
• [x] ruby-json_pure (@DDoSolitary)
• [x] shim-signed (@DDoSolitary)
• [x] systemd-numlockontty (@DDoSolitary)
• [x] thunderbird-beta-bin (@DDoSolitary)
• [x] uvesafb-dkms (@DDoSolitary)
• [x] vdhcoapp (@DDoSolitary)
• [x] vim-airline-git (@DDoSolitary)
• [x] vim-airline-themes-git (@DDoSolitary)
• [x] vim-commentary-git (@DDoSolitary)
• [x] vim-fugitive-git (@DDoSolitary)
• [x] vim-gitgutter-git (@DDoSolitary)
• [x] vim-polyglot-git (@DDoSolitary)
• [x] waifu2x-converter-cpp-cuda-git (@DDoSolitary)
• [x] waifu2x-converter-cpp-git (@DDoSolitary)
• [x] daemonize (@DuckSoft)
• [x] dolphin-duckspace (@DuckSoft)
• [x] telegram-tdlib (@DuckSoft)
• [x] trojan-r-git (@DuckSoft)
• [x] ventoy-bin (@DuckSoft)
• [x] ca-certificates-vsign-universal-root (@DuckSoft @rayfalling)
• [x] libspotify (@edward-p)
• [x] log4c (@edward-p)
• [x] plasma5-applets-window-appmenu (@edward-p)
• [x] plasma5-applets-window-title (@edward-p)
• [x] python-casttube (@edward-p)
• [x] python-gmusicapi (@edward-p)
• [x] python-gpsoauth (@edward-p)
• [x] python-mechanicalsoup (@edward-p)
• [x] python-plexapi (@edward-p)
• [x] python-proboscis (@edward-p)
• [x] python-pychromecast (@edward-p)
• [x] python-soundcloud-git (@edward-p)
• [x] python-spotipy (@edward-p)
• [x] python-validictory (@edward-p)
• [x] aha-git (@farseerfc)
• [ ] alsi (@farseerfc)
• [x] apache-lucene (@farseerfc)
• [x] archey-git (@farseerfc)
• [x] archlinux-java-run (@farseerfc)
• [x] aurutils (@farseerfc)
• [x] breeze-plymouth (@farseerfc)
• [x] btrbk (@farseerfc)
• [x] cdate (@farseerfc)
• [x] cdecl (@farseerfc)
• [x] chez-scheme (@farseerfc)
• [x] chrome-remote-desktop (@farseerfc)
• [ ] cndrvcups-common-lb (@farseerfc)
• [ ] cndrvcups-lb (@farseerfc)
• [ ] cnijfilter2-mg3600 (@farseerfc)
• [ ] conoha-iso-git (@farseerfc)
• [ ] depot-tools-git (@farseerfc)
• [ ] eaglemode (@farseerfc)
• [ ] figlet-fonts (@farseerfc)
• [x] firefox-appmenu (@farseerfc)
• [x] firefox-kde-opensuse (@farseerfc)
• [ ] flashbench-git (@farseerfc)
• [ ] font-symbola (@farseerfc)
• [ ] freshplayerplugin (@farseerfc)
• [ ] ghostpdl (@farseerfc)
• [ ] glmark2 (@farseerfc)
• [ ] graphite-mozilla (@farseerfc)
• [ ] gtk3-classic (@farseerfc)
• [ ] ipad_charge (@farseerfc)
• [ ] jave (@farseerfc)
• [ ] jdk (@farseerfc)
• [ ] jfbview (@farseerfc)
• [ ] jlatexmath-fop (@farseerfc)
• [ ] kdeconnect-git (@farseerfc)
• [ ] kpeople-vcard-git (@farseerfc)
• [ ] libiconv (@farseerfc)
• [ ] libsolv (@farseerfc)
• [ ] libstdc++-doc (@farseerfc)
• [ ] marktext-git (@farseerfc)
• [ ] masterpdfeditor (@farseerfc)
• [ ] mbuffer (@farseerfc)
• [ ] moeditor-bin (@farseerfc)
• [x] monodevelop-stable (@farseerfc) #2326
• [ ] ncurses5-compat-libs (@farseerfc)
• [ ] obs-xdg-portal-git (@farseerfc)
• [ ] pacman-static (@farseerfc)
• [ ] pavumeter (@farseerfc)
• [ ] pkgtools (@farseerfc)
• [ ] pm2ml (@farseerfc)
• [ ] powerpill (@farseerfc)
• [ ] pygtk (@farseerfc)
• [ ] pystopwatch (@farseerfc)
• [ ] python3-aur (@farseerfc)
• [ ] python3-memoizedb (@farseerfc)
• [ ] python3-xcgf (@farseerfc)
• [ ] python3-xcpf (@farseerfc)
• [ ] qxmpp (@farseerfc)
• [ ] rar (@farseerfc)
• [ ] ripgrep-all (@farseerfc)
• [ ] rua (@farseerfc)
• [ ] simplenote-electron-bin (@farseerfc)
• [ ] stack-static (@farseerfc)
• [ ] systemd-report-entropy (@farseerfc)
• [ ] systemd-shutdown-diagnose (@farseerfc)
• [ ] texlive-dummy (@farseerfc)
• [ ] thunderbird-appmenu (@farseerfc)
• [x] timeshift (@farseerfc)
• [ ] toilet (@farseerfc)
• [ ] ttf-itxe-writing (@farseerfc)
• [ ] tusk (@farseerfc)
• [x] typora (@farseerfc)
• [ ] uefitool-git (@farseerfc)
• [ ] visual-studio-code-bin (@farseerfc)
• [ ] vitetris (@farseerfc)
• [ ] vmware-horizon-client (@farseerfc)
• [ ] vtop (@farseerfc)
• [ ] xrestop (@farseerfc)
• [ ] zchunk (@farseerfc)
• [ ] android-apktool (@felixonmars)
• [ ] aurvote (@felixonmars)
• [ ] binfmt-qemu-static (@felixonmars)
• [ ] chnroutes2-git (@felixonmars)
• [ ] chnroutes-alike-git (@felixonmars)
• [ ] dnsmasq-china-list-git (@felixonmars)
• [ ] downgrade (@felixonmars)
• [ ] fcitx5-pinyin-zhwiki (@felixonmars)
• [ ] glib2-static (@felixonmars)
• [ ] glibc-linux4 (@felixonmars)
• [ ] lib32-tk (@felixonmars)
• [ ] linux-lts414 (@felixonmars)
• [ ] linux-lts44 (@felixonmars)
• [ ] linux-lts49 (@felixonmars)
• [ ] nodejs-jshint (@felixonmars)
• [ ] pakku (@felixonmars)
• [ ] pcre-static (@felixonmars)
• [ ] pypinyin (@felixonmars)
• [ ] qemu-user-static (@felixonmars)
• [ ] arch-hs-git (@felixonmars @berberman)
• [x] package-query (@felixonmars @DDoSolitary)
• [x] adguardhome (@frantic1048)
• [x] code-transparent (@frantic1048)
• [x] elvish (@frantic1048)
• [x] flacon (@frantic1048)
• [x] font-victor-mono (@frantic1048)
• [x] gitter (@frantic1048)
• [x] kreogist-mu (@frantic1048)
• [x] nvm (@frantic1048)
• [x] pencil (@frantic1048)
• [x] plex-hama-bundle-git (@frantic1048)
• [x] plex-media-server (@frantic1048)
• [x] scrcpy (@frantic1048)
• [x] ttf-merriweather (@frantic1048)
• [x] ttf-merriweather-sans (@frantic1048)
• [x] ttf-oswald (@frantic1048)
• [x] ttf-quintessential (@frantic1048)
• [x] ttf-signika (@frantic1048)
• [ ] fcitx5-pinyin-zhwiki-rime (@h0cheung @farseerfc)
• [x] nordic-theme (@hamkido)
• [x] anbox-image (@heavysink)
• [x] blockify (@heavysink)
• [x] brave-bin (@heavysink)
• [x] cemu (@heavysink)
• [x] clipit (@heavysink)
• [x] conan (@heavysink)
• [x] cwiid (@heavysink) #2264
• [x] dbus-cpp (@heavysink) #2267
• [x] deadbeef-mpris2-plugin (@heavysink)
• [x] dotnet-core-bin (@heavysink) #2266
• [x] eclipse-antlr-runtime (@heavysink) #2268
• [x] eclipse-dltk-core (@heavysink) #2268
• [x] eclipse-dltk-python (@heavysink) #2268
• [x] eclipse-emf (@heavysink)
• [x] eclipse-platform (@heavysink)
• [x] fstrcmp (@heavysink)
• [x] fs-uae-arcade-devel (@heavysink) #2269
• [x] fs-uae-devel (@heavysink) #2269
• [x] fs-uae-launcher-devel (@heavysink) #2269
• [x] genymotion (@heavysink)
• [x] github-desktop-bin (@heavysink)
• [x] google-chrome-dev (@heavysink)
• [x] icu60 (@heavysink)
• [x] jdownloader2 (@heavysink)
• [x] kega-fusion (@heavysink)
• [x] lastpass (@heavysink)
• [x] lib32-libmng (@heavysink)
• [x] lib32-muparser (@heavysink)
• [x] lib32-ncurses5-compat-libs (@heavysink)
• [x] lib32-qt4 (@heavysink)
• [x] lib32-sdl_sound (@heavysink)
• [x] lib32-wxgtk3 (@heavysink)
• [x] libart-lgpl (@heavysink)
• [x] libblocksruntime (@heavysink)
• [x] libdispatch (@heavysink)
• [x] libpthread-stubs (@heavysink)
• [x] libuvc (@heavysink)
• [x] llvm40 (@heavysink)
• [x] mysql (@heavysink)
• [x] nintendo-udev (@heavysink)
• [x] palemoon (@heavysink)
• [x] pamac-aur (@heavysink)
• [x] pcem (@heavysink)
• [x] phonon-qt4 (@heavysink)
• [x] process-cpp (@heavysink) #2267
• [x] properties-cpp (@heavysink)
• [x] pyqt4 (@heavysink)
• [x] python-node-semver (@heavysink)
• [x] python-patch-ng (@heavysink)
• [x] python-pluginbase (@heavysink)
• [x] python-sip-pyqt4 (@heavysink)
• [x] qemu-git (@heavysink)
• [x] qt4 (@heavysink)
• [x] rambox-bin (@heavysink)
• [x] skypeforlinux-preview-bin (@heavysink)
• [x] skypeforlinux-stable-bin (@heavysink)
• [x] soci (@heavysink)
• [x] tintin (@heavysink)
• [x] tome4 (@heavysink)
• [x] ttf-mplus (@heavysink)
• [x] webcamoid (@heavysink)
• [x] xnp2 (@heavysink)
• [x] yay (@heavysink)
• [x] 3dmeshmetric-bin (@hubutui)
• [x] camlpdf (@hubutui)
• [x] cpdf (@hubutui)
• [x] mafft (@hubutui)
• [x] pspp (@hubutui)
• [x] python-atari-py (@hubutui)
• [x] python-colorful (@hubutui)
• [x] python-cupy (@hubutui)
• [x] python-dm-tree (@hubutui)
• [x] python-google (@hubutui)
• [x] python-opencensus (@hubutui)
• [x] qupath-bin (@hubutui)
• [x] spread-sheet-widget (@hubutui)
• [x] tikzit (@hubutui)
• [x] x11docker (@hubutui)
• [X] mirror (@ideal)
• [x] gowitness (@imlonghao)
• [x] lazynpm (@imlonghao)
• [x] nali-cli (@imlonghao)
• [x] trivy (@imlonghao)
• [x] pacroller-git (@isjerryxiao)
• [x] pacroller (@isjerryxiao)
• [x] needrestart-git (@isjerryxiao @dctxmei)
• [ ] needrestart (@isjerryxiao @dctxmei)
• [x] deepin-anything-git (@justforlxz)
• [x] deepin-api-git (@justforlxz)
• [x] deepin-control-center-git (@justforlxz)
• [x] deepin-daemon-git (@justforlxz)
• [x] deepin-desktop-base-git (@justforlxz)
• [x] deepin-desktop-schemas-git (@justforlxz)
• [x] deepin-dock-git (@justforlxz)
• [x] deepin-file-manager-git (@justforlxz)
• [x] deepin-gettext-tools-git (@justforlxz)
• [x] deepin-launcher-git (@justforlxz)
• [x] deepin-network-utils-git (@justforlxz)
• [x] deepin-polkit-agent-ext-gnomekeyring-git (@justforlxz)
• [x] deepin-polkit-agent-git (@justforlxz)
• [x] deepin-pw-check-git (@justforlxz)
• [x] deepin-qt5integration-git (@justforlxz)
• [x] deepin-qt5platform-plugins-git (@justforlxz)
• [x] deepin-qt-dbus-factory-git (@justforlxz)
• [x] deepin-session-shell-git (@justforlxz)
• [x] deepin-session-ui-git (@justforlxz)
• [x] disomaster-git (@justforlxz)
• [x] dtkcommon-git (@justforlxz)
• [x] dtkcore-git (@justforlxz)
• [x] dtkgui-git (@justforlxz)
• [x] dtkwidget-git (@justforlxz)
• [x] golang-deepin-gir-git (@justforlxz)
• [x] golang-deepin-lib-git (@justforlxz)
• [x] golang-github-linuxdeepin-go-dbus-factory-git (@justforlxz)
• [x] golang-github-linuxdeepin-go-x11-client-git (@justforlxz)
• [x] startdde-git (@justforlxz)
• [x] aria2-fast (@kaseiwang)
• [x] armadillo (@kaseiwang)
• [x] envoyproxy (@kaseiwang)
• [x] nginx-mainline-boringssl (@kaseiwang)
• [x] rslsync (@kaseiwang)
• [x] i2p (@KenOokamiHoro)
• [x] java-service-wrapper (@KenOokamiHoro)
• [x] obfs4proxy (@KenOokamiHoro)
• [ ] parsoid-git (@KenOokamiHoro)
• [ ] restbase-git (@KenOokamiHoro)
• [x] breeze-blurred-git (@MarvelousBlack)(#2242)
• [x] etherwake (@MarvelousBlack)(#2278)
• [x] google-chrome (@MarvelousBlack)
• [x] i3-gaps-next-git (@MarvelousBlack)
• [x] pacmixer (@MarvelousBlack)(#2229)
• [x] pikaur (@MarvelousBlack)
• [x] wine-osu (@MarvelousBlack)
• [x] libeb (@masakichi)
• [x] litecli (@masakichi)
• [x] mecab-ipadic (@masakichi)
• [x] ttf-migu (@masakichi)
• [x] lean-community (@megrxu @dctxmei)
• [x] python-mathlibtools (@megrxu @dctxmei)
• [ ] amarok (@oldherl)
• [ ] archlinux-artwork (@oldherl)
• [ ] ds9 (@oldherl)
• [ ] exaile (@oldherl)
• [ ] google-earth-pro (@oldherl)
• [ ] jcloisterzone (@oldherl)
• [ ] minify (@oldherl)
• [ ] onedrive-abraunegg (@oldherl)
• [ ] pcf2bdf-git (@oldherl)
• [ ] python-astropy-helpers (@oldherl)
• [ ] python-astropy (@oldherl)
• [ ] python-pyerfa (@oldherl)
• [ ] taglib-extras (@oldherl)
• [ ] tango-icon-theme-extras (@oldherl)
• [ ] tango-icon-theme (@oldherl)
• [ ] tio (@oldherl)
• [x] bilibili-live-helper-bin (@OriginCode)
• [x] ciel (@OriginCode)
• [x] dino-git (@OriginCode)
• [x] fsearch-git (@OriginCode)
• [x] inxi (@OriginCode)
• [x] isoimagewriter (@OriginCode)
• [x] linux-froidzen (@OriginCode)
• [x] linuxqq (@OriginCode)
• [x] snapper-gui-git (@OriginCode)
• [x] stepmania (@OriginCode)
• [x] systemd-boot-pacman-hook (@OriginCode)
• [x] zorin-desktop-themes-git (@OriginCode)
• [x] zorin-desktop-themes (@OriginCode)
• [x] dxvk-bin (@PeterCxy)
• [x] evdev-right-click-emulation (@PeterCxy)
• [x] gnome-shell-extension-gsconnect (@PeterCxy)
• [x] hyper (@PeterCxy)
• [x] kwin-lowlatency (@PeterCxy)
• [x] mozc (@PeterCxy)
• [x] python-misaka (@PeterCxy)
• [x] tornado_systemd (@PeterCxy)
• [ ] bomi-git (@petronny)
• [ ] bypy-git (@petronny)
• [ ] cataclysm-dda-ncurses (@petronny)
• [ ] eclipse-vrapper (@petronny)
• [ ] gn-git (@petronny)
• [ ] gnome-shell-extension-topicons-plus-git (@petronny)
• [ ] gnome-shell-extension-volume-mixer-git (@petronny)
• [ ] hpoj (@petronny)
• [ ] js-beautify (@petronny)
• [ ] kmozillahelper (@petronny)
• [ ] libnatspec (@petronny)
• [ ] megatools (@petronny)
• [ ] minecraft-launcher (@petronny)
• [ ] minecraft-server (@petronny)
• [ ] mpd-notification-git (@petronny)
• [ ] onedrive-git (@petronny)
• [ ] openh264 (@petronny)
• [ ] opsu (@petronny)
• [ ] p7zip-natspec (@petronny)
• [ ] pinyin-completion (@petronny)
• [ ] proftpd (@petronny)
• [ ] python-multiprocess (@petronny)
• [ ] qt-installer-framework (@petronny)
• [ ] rssdrop (@petronny)
• [ ] spigot (@petronny)
• [ ] ttf-wps-fonts (@petronny)
• [ ] unzip-natspec (@petronny)
• [ ] vim-fcitx (@petronny)
• [ ] vim-pathogen (@petronny)
• [ ] vim-tern (@petronny)
• [ ] webstorm (@petronny)
• [ ] wxmedit (@petronny)
• [ ] xscreensaver-arch-logo (@petronny)
• [ ] zotero (@petronny)
• [ ] ats2-contrib (@poscat0x04)
• [ ] ats2-postiats (@poscat0x04)
• [ ] nodejs-spago (@poscat0x04)
• [ ] prezto-git (@poscat0x04)
• [ ] purescript (@poscat0x04)
• [ ] v2ray-rules-git (@poscat0x04)
• [ ] visual-studio-code-insiders-bin (@poscat0x04)
• [ ] multimc5 (@Rasphino)
• [ ] pacman-pstatus (@renyuneyun)
• [x] cling (@Sasasu)
• [ ] cqlsh (@Sasasu)
• [x] criu (@Sasasu)
• [x] kjieba (@Sasasu)
• [ ] mergerfs (@Sasasu)
• [x] mycli (@Sasasu)
• [x] packetsender (@Sasasu)
• [x] pgcli (@Sasasu)
• [ ] python2-cassandra-driver-git (@Sasasu)
• [x] python-pgspecial (@Sasasu)
• [ ] python-pipsi (@Sasasu)
• [x] qbittorrent-enhanced-git (@Sasasu)
• [x] svp (@Sasasu)
• [x] bear (@SilverRainZ) https://github.com/archlinuxcn/repo/issues/2633
• [x] ddnet (@SilverRainZ)
• [x] etcd (@SilverRainZ) https://github.com/archlinuxcn/repo/issues/2665
• [x] fcitx-skin-material (@SilverRainZ)
• [x] fluent-reader (@SilverRainZ)
• [x] fontweak (@SilverRainZ)
• [x] gdm-plymouth (@SilverRainZ)
• [x] git-extras (@SilverRainZ)
• [x] graphene-git (@SilverRainZ)
• [x] jekyll (@SilverRainZ) Orphaned by #2207
• [x] libinput-gestures (@SilverRainZ)
• [x] lice-git (@SilverRainZ)
• [x] mentohust (@SilverRainZ)
• [x] nord-tilix (@SilverRainZ)
• [x] noto-fonts-emoji-blob (@SilverRainZ)
• [x] nutstore (@SilverRainZ)
• [x] plymouth (@SilverRainZ)
• [x] pnglite (@SilverRainZ)
• [x] pnmixer-gtk3 (@SilverRainZ)
• [x] postman-bin (@SilverRainZ)
• [x] pyenv-virtualenv (@SilverRainZ)
• [x] rocketchat-desktop (@SilverRainZ)
• [x] ruby-benchmark-ips (@SilverRainZ) Orphaned by #2207
• [x] ruby-benchmark_suite (@SilverRainZ) Orphaned by #2207
• [x] ruby-em-websocket (@SilverRainZ) Orphaned by #2207
• [x] ruby-http_parser.rb (@SilverRainZ) Orphaned by #2207
• [x] ruby-jekyll-paginate (@SilverRainZ) Orphaned by #2207
• [x] ruby-jekyll-watch (@SilverRainZ) Orphaned by #2207
• [x] ruby-kramdown-parser-gfm (@SilverRainZ) Orphaned by #2207
• [x] ruby-liquid (@SilverRainZ) Orphaned by #2207
• [x] ruby-listen (@SilverRainZ) Orphaned by #2207
• [x] ruby-ruby_dep (@SilverRainZ) Orphaned by #2207
• [x] ruby-terminal-table (@SilverRainZ) Orphaned by #2207
• [x] ruby-yajl-ruby (@SilverRainZ) Orphaned by #2207
• [x] stockfish (@SilverRainZ)
• [x] tor-browser (@SilverRainZ)
• [x] trayer-srg (@SilverRainZ)
• [x] vim-plug-git (@SilverRainZ)
• [x] vim-plug (@SilverRainZ)
• [x] wrk (@SilverRainZ)
• [x] xflux (@SilverRainZ)
• [ ] deepin-fonts-wine (@Skywol)
• [ ] deepin-udis86 (@Skywol)
• [ ] deepin-wine32-preloader (@Skywol)
• [ ] deepin-wine32 (@Skywol)
• [ ] deepin-wine32-tools (@Skywol)
• [ ] deepin-wine-binfmt (@Skywol)
• [ ] deepin-wine-helper (@Skywol)
• [ ] deepin-wine-plugin (@Skywol)
• [ ] deepin-wine-plugin-virtual (@Skywol)
• [ ] deepin-wine-uninstaller (@Skywol)
• [ ] lib32-freetype2-infinality-ultimate (@Skywol)
• [x] emacs-evil (@swordfeng)
• [x] emacs-undo-tree (@swordfeng)
• [x] gnome-shell-extension-appindicator-git (@swordfeng)
• [x] gnome-shell-extension-dash-to-dock-git (@swordfeng)
• [x] gnome-shell-extension-dash-to-panel-git (@swordfeng)
• [x] google-drive-ocamlfuse (@swordfeng)
• [x] libreoffice-extension-languagetool (@swordfeng)
• [x] poi (@swordfeng)
• [x] zpaq (@swordfeng)
• [ ] python-imageio (@Universebenzene)
• [ ] python-pywavelets (@Universebenzene)
• [ ] cloog (@VOID001)
• [ ] gnome-mime-data (@VOID001)
• [ ] goocanvas1 (@VOID001)
• [ ] isl (@VOID001)
• [ ] libbonobo (@VOID001)
• [ ] mingw-w64-gcc-base (@VOID001)
• [ ] mingw-w64-headers-bootstrap (@VOID001)
• [ ] orbit2 (@VOID001)
• [ ] osl (@VOID001)
• [ ] perl-cpanel-json-xs (@VOID001)
• [ ] perl-gnome2-wnck (@VOID001)
• [ ] perl-goo-canvas (@VOID001)
• [ ] perl-gtk2-imageview (@VOID001)
• [ ] perl-gtk2-unique (@VOID001)
• [ ] perl-json-maybexs (@VOID001)
• [x] alacritty-ligatures-git (@wfxr)
• [x] apache-tools (@wfxr)
• [x] awesome-git (@wfxr)
• [x] bfg (@wfxr)
• [x] compton-tryone-git (@wfxr)
• [x] dive (@wfxr)
• [x] dog-dns-git (@wfxr)
• [x] duf (@wfxr)
• [x] edex-ui-git (@wfxr)
• [x] eva-git (@wfxr)
• [x] feroxbuster-git (@wfxr)
• [x] neovide-git (@wfxr)
• [x] sddm-sugar-dark (@wfxr)
• [x] sddm-sugar-light (@wfxr)
• [x] termshark-git (@wfxr)
• [x] xcolor (@wfxr)
• [x] anaconda (@xgdgsc)
• [x] cppreference-qt (@xgdgsc)
• [x] electronic-wechat (@xgdgsc)
• [x] mendeleydesktop (@xgdgsc)
• [x] opencv-docs (@xgdgsc)
• [x] python-numpy-doc (@xgdgsc)
• [x] python-scipy-doc (@xgdgsc)
• [x] rstudio-desktop-bin (@xgdgsc)
• [ ] 1password (@Xuanwo)
• [ ] autojump (@Xuanwo)
• [ ] beancount (@Xuanwo)
• [ ] canta-kde-git (@Xuanwo)
• [ ] cht.sh (@Xuanwo)
• [ ] exercism (@Xuanwo)
• [ ] fava (@Xuanwo)
• [ ] flutter (@Xuanwo)
• [ ] insomnia (@Xuanwo)
• [ ] intellij-idea-ultimate-edition (@Xuanwo)
• [ ] libselinux (@Xuanwo)
• [ ] libsepol (@Xuanwo)
• [ ] makisu (@Xuanwo)
• [ ] ngrok (@Xuanwo)
• [ ] nomad (@Xuanwo)
• [ ] python-magic-ahupp (@Xuanwo)
• [ ] sublime-merge (@Xuanwo)
• [ ] swagger-codegen (@Xuanwo)
• [ ] teamcity (@Xuanwo)
• [ ] teamviewer (@Xuanwo)
• [ ] tidb (@Xuanwo)
• [ ] tikv-pd (@Xuanwo)
• [ ] tikv (@Xuanwo)
• [ ] zsh-pure-prompt (@Xuanwo)
• [ ] zulip-desktop (@Xuanwo)
• [x] android-emulator (@yan12125)
• [x] android-platform (@yan12125)
• [x] android-sdk-build-tools (@yan12125)
• [x] android-sdk-platform-tools (@yan12125)
• [x] android-sdk (@yan12125)
• [x] android-x86-64-system-image (@yan12125)
• [x] c++utilities (@yan12125)
• [x] libfm-qt-git (@yan12125)
• [x] liblxqt-git (@yan12125)
• [x] libqtxdg-git (@yan12125)
• [x] libsysstat-git (@yan12125)
• [x] lxqt-admin-git (@yan12125)
• [x] lxqt-openssh-askpass-git (@yan12125)
• [x] lxqt-panel-git (@yan12125)
• [x] lxqt-qtplugin-git (@yan12125)
• [x] lxqt-sudo-git (@yan12125)
• [x] lxqt-themes-git (@yan12125)
• [x] pavucontrol-qt-git (@yan12125)
• [x] python-pyvisa-py (@yan12125)
• [x] python-pyvisa (@yan12125)
• [x] qps-git (@yan12125)
• [x] wayfire (@yan12125)
• [x] xfwm4-theme-breeze (@yan12125)
• [x] amule-dlp-git (@ykelvis)
• [x] baka-mplayer-git (@ykelvis)
• [x] clion (@ykelvis)
• [x] emacs-git (@ykelvis)
• [x] emacs-native-comp-git (@ykelvis)
• [x] ffmpeg3.4 (@ykelvis)
• [x] gconf (@ykelvis)
• [x] go-for-it-git (@ykelvis)
• [x] goland (@ykelvis)
• [x] grub2-theme-arch-leap (@ykelvis)
• [x] gstreamer0.10-base (@ykelvis)
• [x] gstreamer0.10 (@ykelvis)
• [x] kindlegen (@ykelvis)
• [x] libgccjit (@ykelvis)
• [x] linux-mainline (@ykelvis)
• [x] makemkv (@ykelvis)
• [x] megasync (@ykelvis)
• [x] mpdscribble (@ykelvis)
• [x] mpv-bash-completion-git (@ykelvis)
• [x] netatalk (@ykelvis)
• [x] netease-cloud-music (@ykelvis)
• [x] obapps (@ykelvis)
• [x] obkey-git (@ykelvis)
• [x] opera-beta (@ykelvis)
• [x] opera-developer (@ykelvis)
• [x] pnmixer (@ykelvis)
• [x] qtwebkit (@ykelvis)
• [x] repacman (@ykelvis)
• [x] smartgit (@ykelvis)
• [x] spotify (@ykelvis)
• [x] system-tools-backends (@ykelvis)
• [x] ttf-monaco (@ykelvis)
• [x] unagi (@ykelvis)
• [x] virtio-win (@ykelvis)
• [x] yandex-browser-beta (@ykelvis)
• [x] libpdfium-nojs (@ykelvis @DDoSolitary)
• [x] screengrab-git (@ykelvis @yan12125)
• [x] dhcptest-git (@YuutaW)
• [x] adcli (@YuutaW @wfxr)
• [ ] comgr (@yuyichao)
• [ ] franz (@yuyichao)
• [ ] hsakmt-roct (@yuyichao)
• [ ] hsa-rocr (@yuyichao)
• [ ] libevhtp-seafile (@yuyichao)
• [ ] llvm-amdgpu (@yuyichao)
• [ ] plib (@yuyichao)
• [ ] rocclr (@yuyichao)
• [ ] rocm-clang-ocl (@yuyichao)
• [ ] rocm-cmake (@yuyichao)
• [ ] rocm-device-libs (@yuyichao)
• [ ] rocminfo (@yuyichao)
• [ ] rocm-opencl-runtime (@yuyichao)
• [ ] seafile-client (@yuyichao)
• [ ] seafile (@yuyichao)
• [x] coursera-dl-git (@zsrkmyn)
• [x] nvchecker-git (@zsrkmyn)
• [x] picom-git (@zsrkmyn)

---

aur_pre_build API 支持指定 AUR 维护者已经有一段时间了，不过采用率很不好看。现在我计划将指定 AUR 维护者作为必填，以避免 AUR 包被别人接手后加入恶意或者垃圾代码。

maintainers 参数可以是 str 或者 list[str]，指定信任的 AUR 维护者/最后打包者。如果 lilac 打包时，最后打包者不在这个参数里，将会拒绝打包。请各维护者更新相关包，指定该参数。

---

There has been some time that the aur_pre_build API supports specifying AUR maintainers. However, it's not widely used. Now I'm going to make it mandatory to specify AUR maintainers to avoid AUR packages with evil or poor code that's added by later adopter.

The maintainers argument can be str or list[str] to specify trusted AUR maintainers / last packagers. When lilac packages, if the last packager is not in this argument, lilac will refuse to package. Please add this argument for your packages!

[lilacbot]

NOTE: some affected packages are unmaintained:

• freeradius-client is depended by ocserv (@farseerfc)
• fsharp is depended by monodevelop-stable (@farseerfc)
• libpcl is depended by ocserv (@farseerfc)

Some maintainers (perhaps outside contributors) cannot be assigned: @Rasphino, @edward-p, @OriginCode, @xgdgsc, @Xuanwo, @hamkido, @felixonmars, @kaseiwang, @rayfalling, @Universebenzene, @Skywol, @renyuneyun, @farseerfc, @isjerryxiao, @oldherl, @imlonghao, @swordfeng, @ideal, @PeterCxy, @VOID001, @yuyichao, @petronny, @h0cheung, @MarvelousBlack, @zsrkmyn, @megrxu, @berberman, @heavysink, @KenOokamiHoro, @frantic1048, @SilverRainZ, @hubutui, @masakichi, @wfxr, @ykelvis, @poscat0x04, @justforlxz, @yan12125, @YuutaW, @Sasasu

[petronny]

呃，那我不想用这个参数怎么办呢，指定None? 我目前还没有遇到需要这种白名单的包，不是觉得这个很有必要。。。

如果真要做的话，估计需要一个脚本直接批量添加现有maintainers，手动改不现实。

[OriginCode]

shadowsocks-libev-qrcode does not fetch updates from AUR, please remove it from the list.

[lilydjwg]

On Mon, May 10, 2021 at 05:02:46AM -0700, Jack Wu wrote:

shadowsocks-libev-qrcode does not fetch updates from AUR, please remove it from the list.

Removed. It was a false positive.

-- Best regards, lilydjwg

[lilydjwg]

On Mon, May 10, 2021 at 04:43:38AM -0700, Jingbei Li wrote:

呃，那我不想用这个参数怎么办呢，指定None? 我目前还没有遇到需要这种白名单的包，不是觉得这个很有必要。。。

防患于未然嘛。

如果真要做的话，估计需要一个脚本直接批量添加现有maintainers，手动改不现实。

嗯，就等人写出来了。

-- Best regards, lilydjwg

[lilydjwg]

Note that pre_build in lilac.yaml does not support arguments; it's just a function name. You'll need to use pre_build_script to write code.

[OriginCode]

Note that pre_build in lilac.yaml does not support arguments; it's just a function name. You'll need to use pre_build_script to write code.

Fixed. XD

[edward-p]

Done by https://github.com/archlinuxcn/repo/commit/ce8209a3345eb35b1103e835b12c0f83ed2c9251

[axionl]

https://github.com/archlinuxcn/repo/commit/ea479e378aecb0b31a32944a605b290115f82f2b

[heavysink]

无意冒犯，其实我个人认为这个做法最好是鼓励而不是强制。

如果有稳定maintainer，而且上游代码更新频率低不怎么出问题的包还好。AUR有些包是很不稳定的，经常换maintainer。据我观察，上游大更新导致编译出问题的时候AUR包maintainer的更换频率会大大提升，因为遇到一个编译问题无法解决的话有些maintainer会选择直接弃包让能解决的人上。而如果手动指定maintainer的话会有些不灵活。

至于AUR包被添加恶意代码的问题，这个我个人认为是archlinux AUR本身的监管以及投诉渠道的问题。窃以为这个不该由Archlinuxcn承担。

我比较赞同@petronny，我的话如果AUR包有稳定的maintainer我会添加信任maintainer，但不采用这个参数的包也应该被允许。

[BruceZhang1993]

至于AUR包被添加恶意代码的问题，这个我个人认为是archlinux AUR本身的监管以及投诉渠道的问题。窃以为这个不该由Archlinuxcn承担。

由于 AUR 本身是要求用户安装时自己检查和审核打包脚本的安全性，而 Arch CN 源相当于帮用户跳过了这一步骤，那么 Arch CN 就需要对打出的软件包进行基本的检查和审核，所以还是需要承担的 @heavysink

[petronny]

由于 AUR 本身是要求用户安装时自己检查和审核打包脚本的安全性，而 Arch CN 源相当于帮用户跳过了这一步骤，那么 Arch CN 就需要对打出的软件包进行基本的检查和审核，所以还是需要承担的

这么说的话，我有了一个新的idea。

能否让lilac在监测到AUR maintainer变了的时候，打包时自己加上一个post_upgrade()，告诉用户这个包的维护者变了，提醒用户注意？ 这样我们就不用自己检查，让用户去检查就好了。

[petronny]

甚至可以是监测出不仅仅是version bump的那种upgrade的时候都给出提醒。 告诉用户这个包最近的更新包含额外改动。

[heavysink]

至于AUR包被添加恶意代码的问题，这个我个人认为是archlinux AUR本身的监管以及投诉渠道的问题。窃以为这个不该由Archlinuxcn承担。

由于 AUR 本身是要求用户安装时自己检查和审核打包脚本的安全性，而 Arch CN 源相当于帮用户跳过了这一步骤，那么 Arch CN 就需要对打出的软件包进行基本的检查和审核，所以还是需要承担的 @heavysink

个人觉得不需要审核的是官方源，既然用户选择了第三方源，就需要自己承担一部分责任。Unofficial repo有warning: The official Arch Linux Developers and the Trusted Users do not perform tests of any sort to verify the contents of these repositories. It's your decision whether to trust their maintainers, and you take full responsibility for any consequences of using any unofficial repository.

不知道这么说何不合适...

[DDoSolitary]

@petronny 我觉得不是很理想，首先安装包这个操作本身就不安全了，因为 aur 维护者可以加安装脚本，然后考虑到 archcn 的使用情况，打包者也确实有责任在一定程度上检查 pkgbuild 。

而且相比自己维护包，直接从 aur 拿基本都没啥工作量了，要求在 maintainer 变更的时候检查一下也不过分吧，实际上我经常担心 aur 维护者把包或者是我写在 lilac.py 里的脚本弄坏了，甚至希望可以每当 aur 更新的时候都能够手动检查修改情况再决定是直接打包还是需要修一修。

[DDoSolitary]

@heavysink 警告里也说了，用户自行选择是否相信非官方仓库的维护者，让 archcn 尽可能地成为一个用户可以给予一定信任的仓库总是好的。

[AlynxZhou]

https://github.com/archlinuxcn/repo/commit/8ac49d83ceaa91cb2d2394d24919253ee50fb07f

[justforlxz]

e1a3039e86b675bd749ee6ec925958306fb0762c

[MarvelousBlack]

无意冒犯，其实我个人认为这个做法最好是鼓励而不是强制。

如果有稳定maintainer，而且上游代码更新频率低不怎么出问题的包还好。AUR有些包是很不稳定的，经常换maintainer。据我观察，上游大更新导致编译出问题的时候AUR包maintainer的更换频率会大大提升，因为遇到一个编译问题无法解决的话有些maintainer会选择直接弃包让能解决的人上。而如果手动指定maintainer的话会有些不灵活。

至于AUR包被添加恶意代码的问题，这个我个人认为是archlinux AUR本身的监管以及投诉渠道的问题。窃以为这个不该由Archlinuxcn承担。

我比较赞同@petronny，我的话如果AUR包有稳定的maintainer我会添加信任maintainer，但不采用这个参数的包也应该被允许。

主要是還有個問題，由 aur 帶進來的惡意代碼可能會影響到編譯機，之前就是可以從 aur 帶進來一個 lilac.py 和 lilac.yaml（雖然現在不允許了）。

[hubutui]

我的包处理完了．

[KenOokamiHoro]

Added current maintainers in https://github.com/archlinuxcn/repo/commit/c4d306c17820c1217a1055e0579859eeadf3cbc5 .

[a-wing]

Added current maintainers in 11df7853872496beb3eabd084933a435ef5fb44c .

[heavysink]

处理完毕

[ideal]

需要合并一下：#2275

[AlynxZhou]

需要合并一下：#2275

Done.

[frantic1048]

一楼的「受影响的软件包」列表的勾勾是会自动随着 master 更新而变动么，还是维护者确认变动已经进入 master 之后去手动点呢 :eyes:

[MarvelousBlack]

一楼的「受影响的软件包」列表的勾勾是会自动随着 master 更新而变动么，还是维护者确认变动已经进入 master 之后去手动点呢 👀

手動

[peeweep]

@dctxmei firefox-esr 的lilac 报错可能是由此引起的，请修复

https://build.archlinuxcn.org/packages/#/firefox-esr/logs/1633384211