Package Details: ledger-live 2.79.1-1

Git Clone URL: https://aur.archlinux.org/ledger-live.git (read-only, click to copy)
Package Base: ledger-live
Description: Maintain your Ledger devices
Upstream URL: https://github.com/LedgerHQ/ledger-live
Keywords: bitcoin cryptocurrency wallet
Licenses: MIT
Submitter: meriadec
Maintainer: phnx47
Last Packager: phnx47
Votes: 19
Popularity: 0.063011
First Submitted: 2018-07-19 09:01 (UTC)
Last Updated: 2024-04-25 08:32 (UTC)

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 8 9 10 .. 12 Next › Last »

sudoforge commented on 2022-11-15 02:07 (UTC)

Should I do it?

i have absolutely no opinion on the matter. personally, i would have probably moved the package to use fnm, too. it's small and fast, plus, it gets cool points for being rewritten in rust.

that said, nvm is more well-known and battle-tested, and likely not as foreign to people who write node regularly, or to people who don't write in node at all -- it's this latter group that has likely never even heard of fnm.

phnx47 commented on 2022-11-15 01:50 (UTC) (edited on 2022-11-15 01:50 (UTC) by phnx47)

@sudoforge I can use nvm instead of fnm. Should I do it?

sudoforge commented on 2022-11-15 01:47 (UTC)

@verdrisarko: baseless fearmongering serves nobody. Show me the enlargened attack vector and I'll revert the change.

@phnx47: the wiki page talks about nvm, yes, but not fnm.

phnx47 commented on 2022-11-15 01:25 (UTC) (edited on 2022-11-15 01:36 (UTC) by phnx47)

@vedrisarko Build issues with different NodeJS versions. LedherHQ build it with NodeJS 16 and put info to .nvmrc: https://github.com/LedgerHQ/ledger-live/blob/develop/.nvmrc.

Here 3 options:

1) Test with every NodeJS after changes. It is what I did before, but it is time consuming.

2) Pin dependency to nodejs-lts-gallium. This will be conflicts dependency with rebuild if you use different NodeJS version in your machine.

3) Use fnm or nvm and read version from .nvmrc: check '4. Using nvm' - https://wiki.archlinux.org/title/Node.js_package_guidelines. fnm is better alternative for nvm. But both of them from AUR.

@vedrisarko Do you have any issue with this? If you worry about 'make' dependencies, you can use ledger-live-bin.

vedrisarko commented on 2022-11-14 20:16 (UTC)

This package worked 100% in 2.49.2-4 before you added package fnm.

Why did you add package fnm?

Adding package fnm just increased the attack vector likelihood of this package and decreased the security potential of this package. fnm is an unnecessary package.

BEWARE

phnx47 commented on 2022-11-13 06:57 (UTC)

@sudoforge No worries! Thank you for your feedback!

sudoforge commented on 2022-11-13 06:54 (UTC)

i don't think i've actually updated that package since adopting it; it's wildly out of date and needs to be dramatically improved. thanks for reminding me about that!

i think my brain is fried from a long day; you're absolutely right that dist isn't relevant. anyway, glad you were able to get the invalid symlink / erroneous copy fixed!

phnx47 commented on 2022-11-13 06:38 (UTC) (edited on 2022-11-13 06:38 (UTC) by phnx47)

@sudoforge You are also use copy instead of move in your packages. What is your point? https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=google-appengine-go#n53

phnx47 commented on 2022-11-13 06:33 (UTC)

@sudoforge It is no difference for package size. Only pkgdir uses. I never see anyone moves files from srcdir to pkgdir, only copy.

srcdir This points to the directory where makepkg extracts or symlinks all files in the source array.

pkgdir This points to the directory where makepkg bundles the installed package, which becomes the root directory of your built package.

sudoforge commented on 2022-11-13 06:21 (UTC)

All of the files that you're copying from linux-unpacked. Because you're copying instead of moving, you're duplicating the entire contents of that directory.

« First ‹ Previous 1 2 3 4 5 6 7 8 9 10 .. 12 Next › Last »