Arch Linux User Repository

@seifferth, npm audit fix is just a suggestion. Hopefully, the app stops requiring python2 soon as Arch is aiming to drop that asap. Also, here's the issue I opened upstream - https://github.com/brrd/abricotine/issues/285. I do not per se agree with rephrasing the urgent need to move away from python2 as an 'enhancement', but I guess someone at least read it.

However, for your personal info, if curious, npm audit fix by default will not override requested versions and should not cause any such issues - it will only try to update "point" releases where possible. Moreover, even like it is now, your package produces a different build depending on the time of its build anyway. It has nothing to do with your setup, it's just how it is with packages and specifically npm. Distributable software is designed to work around this fact. ;) And finally, the github issue you mention does have a valid point, but about a different thing - they don't want their direct dependencies to be different for debugging purposes and forced that choice on their users. Not a great solution, but a solution to a problem nonetheless. You as a packager can make your own decisions about all of that differently if you wish. So it's up to you.

Thanks, kgizdov, for the note concerning python2. I've added it to makedepends as you suggested.

I'm not sure about running npm audit fix, however, since that might introduce unpredictable build errors. See https://github.com/brrd/abricotine/issues/270 for an explanation on why abricotine doesn't use the latest version of its dependencies. Running npm audit fix would also mean that different builds of the same package version would produce different packages, depending on the time of the build, which doesn't seem right. I do appreciate the security implications of the current policy --- both mine and upstream ---, though, so I'd be happy to discuss the issue further, if you like.

This package does not build in a clean chroot - it's missing python2 in makedepends. Also consider running npm audit fix after the npm install command.

Looks like upstream has changed the contents of the 1.0.0 release after I made the update. Thanks for the fix, silvio.

Building of 1.0.0 breaks with a sha256sum problem. Also the patchnames are changed.

commit ac2c853f134901de4ce4b1364af7ef781ea29f37 (HEAD -> master)
Author: Silvio Fricke <silvio.fricke@gmail.com>
Date:   Wed Apr 29 19:45:44 2020 +0200

    fix sha256 and naming of PKGFILE

diff --git a/.SRCINFO b/.SRCINFO
index b68146a..069c7e9 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,7 +1,7 @@
 pkgbase = abricotine
        pkgdesc = A markdown editor with inline preview
        pkgver = 1.0.0
-       pkgrel = 1
+       pkgrel = 2
        url = http://abricotine.brrd.fr
        arch = x86_64
        license = GPL3
@@ -10,7 +10,7 @@ pkgbase = abricotine
        depends = libxss
        source = abricotine-1.0.0.tar.gz::https://github.com/brrd/abricotine/archive/1.0.0.tar.gz
        source = abricotine.desktop
-       sha256sums = a762d53c1870a93179ddf1de8a24a30141975da84059295c40a99ae18d38e1b3
+       sha256sums = ed12ba3d518b87bbd965b09a25c931d827c2250deb6af0d6c5137ff3795a0575
        sha256sums = 164d0042ffe461ca0418709a59be29b433055589b661be4d6555c07df42b383c

 pkgname = abricotine
diff --git a/PKGBUILD b/PKGBUILD
index 3c4f10f..5ac7833 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -3,7 +3,7 @@

 pkgname=abricotine
 pkgver=1.0.0
-pkgrel=1
+pkgrel=2
 pkgdesc="A markdown editor with inline preview"
 arch=('x86_64')
 url="http://abricotine.brrd.fr"
@@ -12,18 +12,18 @@ depends=('libxss')
 makedepends=('npm' 'nodejs-lts-erbium')
 source=("abricotine-${pkgver}.tar.gz::https://github.com/brrd/abricotine/archive/${pkgver}.tar.gz"
         "abricotine.desktop")
-sha256sums=('a762d53c1870a93179ddf1de8a24a30141975da84059295c40a99ae18d38e1b3'
+sha256sums=('ed12ba3d518b87bbd965b09a25c931d827c2250deb6af0d6c5137ff3795a0575'
             '164d0042ffe461ca0418709a59be29b433055589b661be4d6555c07df42b383c')

 build() {
-  cd "${srcdir}/Abricotine-${pkgver}"
+  cd "${srcdir}/${pkgname}-${pkgver}"

   npm install --cache ../cache --devdir="${srcdir}/devdir"
   npm run packager
 }

 package() {
-  cd "${srcdir}/Abricotine-${pkgver}"
+  cd "${srcdir}/${pkgname}-${pkgver}"

   install -d "${pkgdir}/opt/abricotine"
   cp -r dist/*/* "${pkgdir}/opt/abricotine"

The build errors seem to be caused by node-spellchecker, which relies on features of nodejs that have been deprecated in recent versions. I added nodejs-lts-dubnium to makedepends, which should fix the build issues. Please let me know if you continue experiencing problems.

Build errors seem to be related to the spellchecker library, which doesn't compile with the latest version of node. I can't get the current git version to compile with the latest version of node on Arch Linux either. Problems with that particular library are known upstream but haven't been completely solved yet. I'll look into it shortly, if I get time.

I also added an abricotine-bin package to the AUR that relies on pre-built binaries of the latest release, which are downloaded from the upstream github page. You may want to use that package until the issue has been solved.

I continue having various build errors.

I pushed a workaround that fixes outdated dependencies in package.json during prepare(). I hope this fixes it for now. Could you try again and see if the errors persist?

Various build errors.