Package Details: hydroxide 0.2.23-3

Git Clone URL: https://aur.archlinux.org/hydroxide.git (read-only, click to copy)
Package Base: hydroxide
Description: A third-party, open-source ProtonMail CardDAV, IMAP and SMTP bridge
Upstream URL: https://github.com/emersion/hydroxide
Keywords: carddav go imap protonmail protonmail-bridge smtp
Licenses: MIT
Submitter: arnottcr
Maintainer: arnottcr (Stetsed)
Last Packager: arnottcr
Votes: 12
Popularity: 1.28
First Submitted: 2020-01-04 21:41 (UTC)
Last Updated: 2022-05-18 14:14 (UTC)

Latest Comments

Ranguvar commented on 2022-05-11 03:42 (UTC)

Please consider adding options=(!lto).

Some packages in core repos already do, for the benefit of users who have LTO enabled globally.

This package fails to build with LTO enabled.

tam1m commented on 2021-11-29 09:51 (UTC) (edited on 2021-11-29 10:02 (UTC) by tam1m)

Edit:

Don't really get whats happening. https://aur.archlinux.org/packages/hydroxide-git builds fine with my default config including lto.

These are my flags

CFLAGS="-march=native -O2 -pipe -fno-plt -fexceptions -Wp,-D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fstack-clash-protection -fcf-protection"

CXXFLAGS="$CFLAGS -Wp,-D_GLIBCXX_ASSERTIONS


Could you add options=('!lto')?

Build breaks for me with lto enabled

==> Starting build()...
# github.com/emersion/hydroxide/cmd/hydroxide
_cgo_callers: relocation target x_cgo_callers not defined
_cgo_init: relocation target x_cgo_init not defined
_cgo_mmap: relocation target x_cgo_mmap not defined
_cgo_munmap: relocation target x_cgo_munmap not defined
_cgo_notify_runtime_init_done: relocation target x_cgo_notify_runtime_init_done not defined
_cgo_sigaction: relocation target x_cgo_sigaction not defined
_cgo_thread_start: relocation target x_cgo_thread_start not defined
net._cgo_3c1cec0c9a4e_C2func_getaddrinfo: relocation target _cgo_3c1cec0c9a4e_C2func_getaddrinfo not defined
net._cgo_3c1cec0c9a4e_Cfunc_freeaddrinfo: relocation target _cgo_3c1cec0c9a4e_Cfunc_freeaddrinfo not defined
net._cgo_3c1cec0c9a4e_Cfunc_gai_strerror: relocation target _cgo_3c1cec0c9a4e_Cfunc_gai_strerror not defined
runtime._cgo_setenv: relocation target x_cgo_setenv not defined
runtime._cgo_unsetenv: relocation target x_cgo_unsetenv not defined
runtime.cgo_yield: relocation target _cgo_yield not defined
.rela: relocation target _cgo_yield not defined
.rela: relocation target x_cgo_setenv not defined
.rela: relocation target x_cgo_unsetenv not defined
.rela: relocation target _cgo_3c1cec0c9a4e_C2func_getaddrinfo not defined
.rela: relocation target _cgo_3c1cec0c9a4e_Cfunc_freeaddrinfo not defined
.rela: relocation target _cgo_3c1cec0c9a4e_Cfunc_gai_strerror not defined
.rela: relocation target x_cgo_init not defined
.rela: relocation target x_cgo_thread_start not defined
/usr/lib/go/pkg/tool/linux_amd64/link: too many errors
unexpected fault address 0x7f8f9c9f9e08
fatal error: fault
==> ERROR: A failure occurred in build().
Aborting...

rEnr3n commented on 2021-10-10 01:54 (UTC)

You need to import the dev's key.

gpg --recv-keys 34FF9526CFEF0E97A340E2E40FDE7BE0E88F5E48

djdeets commented on 2021-10-09 21:33 (UTC)

For me Hydroxide fails to build with the error:

==> Validating source files with sha512sums...
    hydroxide-0.2.20.tar.gz ... Passed
    hydroxide-0.2.20.tar.gz.sig ... Skipped
==> Verifying source file signatures with gpg...
    hydroxide-0.2.20.tar.gz ... FAILED (unknown public key 0FDE7BE0E88F5E48)
==> ERROR: One or more PGP signatures could not be verified!
Failed to build hydroxide

Ranguvar commented on 2021-08-27 01:52 (UTC)

Please consider adding options=(!lto) as some packages in core repos already do, for the benefit of users who have LTO enabled globally.

This package fails to build with LTO enabled.

Ultracoolguy commented on 2021-06-08 18:06 (UTC)

So I noticed the package was flagged out of date, so I went ahead and updated it. Note that I removed the .sig and the pgp key because the former had expired.

If you need help with something else let me know.

# Maintainer: Colin Arnott <colin@urandom.co.uk>
# Maintainer: Nitroretro <nitroretro@protonmail.com>

pkgname=hydroxide
pkgver=0.2.18
pkgrel=1
pkgdesc="A third-party, open-source ProtonMail CardDAV, IMAP and SMTP bridge"
arch=('x86_64')
url="https://github.com/emersion/${pkgname}"
license=('MIT')
depends=('glibc')
makedepends=('go')
source=("${url}/releases/download/v${pkgver}/${pkgname}-${pkgver}.tar.gz")
sha512sums=('79997fb1aaa4c942f169a27c66cc3a92fd765e846a3278b809d732105a58eb6bfe9980ed8de3bdcdd3cebce824382fba226dd68fd4805f0b63ce0e68486c04be')

prepare() {
    cd "${pkgname}-${pkgver}"
    mkdir -p build
}

build() {
    cd "${pkgname}-${pkgver}"

    export CGO_CPPFLAGS="$CPPFLAGS"
    export CGO_CFLAGS="$CFLAGS"
    export CGO_CXXFLAGS="$CXXFLAGS"
    export CGO_LDFLAGS="$LDFLAGS"
    export GOFLAGS="-buildmode=pie -trimpath -mod=readonly -modcacherw"

    go build -o build ./cmd/...
}

package() {
    cd "${pkgname}-${pkgver}"
    install -Dm755 -- "build/${pkgname}" "${pkgdir}/usr/bin/${pkgname}"
    install -Dm644 -- "LICENSE" "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
}

commented on 2020-04-29 08:56 (UTC)

Thanks! If you have any questions about the changes feel free to ask.

arnottcr commented on 2020-04-29 03:48 (UTC)

You seem interested and aware of community standards, happy to hand share management and let you push best practices. Added you as a Co-Maintainer, so feel free to realign things as appropriate.

commented on 2020-04-29 03:31 (UTC)

However, I am kind of partial to the minimalism achieved by relying upon the toolchain to fetch source, so let me know your thoughts.

The tarball already contains a go.sum file. It will always be the same as the one that you had when committing the package since we're checking the checksum of the tarball.

More info: Go package guidelines#Modern Go project (for Go >=1.11)


Also, go-pie vs go?

Building towards go-pie should be preferred for security reasons. I haven't encountered any issues with building against go-pie and when I tried hydroxide out everything seemed to be working as intended.

More info: Go package guidelines#Building


The license is a good touch that I always miss, is that documented somewhere, as it is not in the samples.

The reason you don't see the sample PKGBUILDs copying the license is that the license is GPL and it's already located at /usr/share/licenses/common/GPL/license.txt. MIT is treated as a common license, but technically each one is a different license due to the Copyright [...] line being included, which is why you have to copy it.

More info: PKGBUILD#license


I suggest you take a look at the following ArchWiki pages when you have time:

commented on 2020-04-29 03:31 (UTC)

However, I am kind of partial to the minimalism achieved by relying upon the toolchain to fetch source, so let me know your thoughts.

The tarball already contains a go.sum file. It will always be the same as the one that you had when committing the package since we're checking the checksum of the tarball.

More info: Go package guidelines#Modern Go project (for Go >=1.11)


Also, go-pie vs go?

Building towards go-pie should be preferred for security reasons. I haven't encountered any issues with building against go-pie and when I tried hydroxide out everything seemed to be working as intended.

More info: Go package guidelines#Building


The license is a good touch that I always miss, is that documented somewhere, as it is not in the samples.

The reason you don't see the sample PKGBUILDs copying the license is that the license is GPL and it's already located at /usr/share/licenses/common/GPL/license.txt. MIT is treated as a common license, but technically each one is a different license due to the Copyright [...] line being included, which is why you have to copy it.

More info: PKGBUILD#license


I suggest you take a look at the following ArchWiki pages when you have time:

arnottcr commented on 2020-04-29 02:58 (UTC)

So, I was definitely trying something out here and am not surprised that it does not align with existing package samples. That being said, I am happy to introduce the build stripping, and FLAGS.

However, I am kind of partial to the minimalism achieved by relying upon the toolchain to fetch source, so let me know your thoughts. Also, go-pie vs go?

The license is a good touch that I always miss, is that documented somewhere, as it is not in the samples.

commented on 2020-04-29 02:44 (UTC)

I didn't realize this was on the AUR and I made a PKGBUILD myself. I noticed your PKGBUILD doesn't necessarily respect the Go package guidelines.

Here's the PKGBUILD that I made:

# Maintainer: Nitroretro <nitroretro@protonmail.com>

pkgname=hydroxide
pkgver=0.2.14
pkgrel=1
pkgdesc="A third-party, open-source ProtonMail CardDAV, IMAP and SMTP bridge"
arch=("x86_64")
url="https://github.com/emersion/hydroxide"
license=("MIT")
depends=("glibc")
makedepends=("go-pie")
source=("${url}/releases/download/v${pkgver}/${pkgname}-${pkgver}.tar.gz"
    "${url}/releases/download/v${pkgver}/${pkgname}-${pkgver}.tar.gz.sig")
sha512sums=("21f07c88e3e33319672d60e1ba062dd18f2e04767a7c70616007098743f8d6e2f53e325f688c910f53d34823257a0e9c60057a1ac899757c37877f36352cdb16"
            "SKIP")
validpgpkeys=("34FF9526CFEF0E97A340E2E40FDE7BE0E88F5E48")

build() {
    cd "${pkgname}-${pkgver}"
    go build \
        -trimpath \
        -ldflags "-extldflags ${LDFLAGS}" \
        "./cmd/${pkgname}"
}

package() {
    cd "${pkgname}-${pkgver}"
    install -Dm755 "${pkgname}" "${pkgdir}/usr/bin/${pkgname}"
    install -Dm644 "LICENSE" "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
}

Feel free to use it however you want!