Package Details: dbflux 0.6.0-1

Git Clone URL: https://aur.archlinux.org/dbflux.git (read-only, click to copy)
Package Base: dbflux
Description: A fast, keyboard-first database client
Upstream URL: https://github.com/0xErwin1/dbflux
Licenses: MIT, Apache-2.0
Submitter: 0xErwin
Maintainer: 0xErwin
Last Packager: 0xErwin
Votes: 0
Popularity: 0.000000
First Submitted: 2026-04-05 15:23 (UTC)
Last Updated: 2026-06-17 00:22 (UTC)

Latest Comments

welwood08 commented on 2026-06-15 13:29 (UTC) (edited on 2026-06-15 13:37 (UTC) by welwood08)

FYI the sha256sums in the PKGBUILD are still from v0.4.2 (they were not updated at the same time as the version bump to v0.4.7).

Whilst investigating this build failure, I noticed releases are signed but this PKGBUILD does not verify the signatures. Automatic verification is easily achieved with the validpgpkeys array and adding the signature files to the source arrays. For example, with the sha256sums for v0.5.6:

-source_x86_64=("${url}/releases/download/v${pkgver}/dbflux-linux-amd64.tar.gz")
-source_aarch64=("${url}/releases/download/v${pkgver}/dbflux-linux-arm64.tar.gz")
+source_x86_64=("${url}/releases/download/v${pkgver}/dbflux-linux-amd64.tar.gz"{,.asc})
+source_aarch64=("${url}/releases/download/v${pkgver}/dbflux-linux-arm64.tar.gz"{,.asc})

-sha256sums_x86_64=('ef8cd737d5c3783b43281fed94689b24237f3cc2cd1c2d1d06fc5dfe3da487f5')
-sha256sums_aarch64=('de8dde2c23edda17f1f3897b6cf0b56e476740f11134ab8e1ab02e309e6893b2')
+sha256sums_x86_64=('6458e1636f8b613fce3b771202797bd473efda02667e9ae8cf11622b6b51920e' 'SKIP')
+sha256sums_aarch64=('731e07bf1c777220ea1b0423817a1dcc65740caadd5bc4a7c9c1ec8fc71fa1eb' 'SKIP')
+
+validpgpkeys=('B39EB98E8860DAFB05670073A614B7D25134987A')