Package Details: icoextract 0.1.5-1

Git Clone URL: https://aur.archlinux.org/icoextract.git (read-only, click to copy)
Package Base: icoextract
Description: Icon extractor for Windows PE files (.exe/.dll) with optional thumbnailer functionality
Upstream URL: https://github.com/jlu5/icoextract
Licenses: MIT
Conflicts: exe-thumbnailer
Provides: exe-thumbnailer
Submitter: Nocifer
Maintainer: Nocifer
Last Packager: Nocifer
Votes: 29
Popularity: 2.08
First Submitted: 2021-04-05 10:10 (UTC)
Last Updated: 2024-05-01 08:23 (UTC)

Latest Comments

1 2 3 Next › Last »

Nocifer commented on 2024-05-13 15:14 (UTC)

@yochananmarqos Until a couple of years ago I used to prefer using git tags rather than source tarballs in all my packages, until some user(s) complained about the extra storage space and bandwidth required when using tags, so I switched over to tarballs.

I too would like to utilize that extra robustness of PGP keys, and this is in my opinion a good counterargument to said user(s) (because security >>> a few kB or mB of temp storage), so I'll see to it in the near(-ish) future that I switch back to tags again and add PGP verification in the process. Thanks for the suggestion.

yochananmarqos commented on 2024-05-01 22:44 (UTC)

@Nocifer: By adding developer PGP keys, it increases the security and validity of the package. I do that in my AUR packages whether it's a signed commit, tag or tarball. It's up to you if you want to make the change, of course.

In this case, the tarball does not have a matching signature file; i.e, .tar.gz.asc.

Nocifer commented on 2024-05-01 08:47 (UTC)

Hey @yochananmarqos, I'd be happy to do that if there is a good reason for it, otherwise for the time being I'd prefer if I avoided switching to a git-based process. AFAIK Github's source archives are generated on the fly from the actual source code, so there's no chance of any xz-like shenanigans in our case. Is there a way to use Github's GPG verification with source archives of commits instead of the commits themselves?

yochananmarqos commented on 2024-04-28 21:16 (UTC)

@Nocifer: Please use the signed git tag as the source:

source=("git+https://github.com/jlu5/icoextract.git#tag=$pkgver?signed")
sha256sums=('bc0c9aa074771ff176253d9ebf631ec882776ddd71892a136e1e00a711d44253')
validpgpkeys=('D5D568B2D34AB32A337944D22EC3F60DE71C0B9D') # James Lu <james@overdrivenetworks.com>

Nocifer commented on 2023-12-30 09:27 (UTC)

@jdigi78 Done, and thanks for reporting it!

jdigi78 commented on 2023-12-30 07:12 (UTC)

If the thumbnailer appears to not be working, try icoextract-git. It's been updated with the missing MIME type. @Nocifer I'd recommend patching this pkgbuild with that change as well.

Nocifer commented on 2022-07-03 08:04 (UTC)

@dr460nf1r3 Yeah, that was a mistake; I accidentally pasted 'provides' over 'conflicts' instead of above it and then pushed the update without noticing because I was in haste to finish editing my PKGBUILDS in time to leave and go catch my vacation flight :P

dr460nf1r3 commented on 2022-06-19 17:43 (UTC)

Why exactly did you remove the conflicts array? It is needed to properly handle the removal of exe-thumbnailer.