Search Criteria
Package Details: pkcs11-provider 0.3-1
Package Actions
Git Clone URL: | https://aur.archlinux.org/pkcs11-provider.git (read-only, click to copy) |
---|---|
Package Base: | pkcs11-provider |
Description: | OpenSSL 3.0 provider for PKCS#11 hardware-backed private keys |
Upstream URL: | https://github.com/latchset/pkcs11-provider |
Licenses: | Apache-2.0 |
Submitter: | grawity |
Maintainer: | grawity |
Last Packager: | grawity |
Votes: | 0 |
Popularity: | 0.000000 |
First Submitted: | 2022-11-05 11:38 (UTC) |
Last Updated: | 2024-01-23 16:33 (UTC) |
Dependencies (12)
- openssl (openssl-gitAUR, openssl-staticAUR)
- p11-kit (p11-kit-gitAUR)
- autoconf-archive (autoconf-archive-gitAUR) (make)
- automake (automake-gitAUR) (make)
- gcc (gccrs-gitAUR, gcc11AUR, gcc-gitAUR) (make)
- git (git-gitAUR) (make)
- libtool (libtool-gitAUR) (make)
- expect (check)
- gnutls (gnutls-gitAUR) (check)
- nss (nss-hgAUR) (check)
- opensc (opensc-gitAUR) (check)
- softhsm (softhsm-gitAUR) (check)
Latest Comments
pspacek commented on 2023-06-21 09:52 (UTC)
FTR checkdepends= is missing opensc package (for pkcs11-tool).
grawity commented on 2023-06-07 14:01 (UTC) (edited on 2023-06-07 14:03 (UTC) by grawity)
All other "security-critical" packages are pinned, they're just pinned to a specific release version instead of a commit hash. OpenSSH is pinned to "9.3p1". Fundamentally it's the same thing. (Except pkcs11-provider didn't have any releases for most of this package's lifetime.)
*-git
packages on AUR are the only kind of packages that aren't pinned, and usually it's the opposite recommendation as many AUR helpers do not bother checking for new commits in the upstream repo (i.e. once they install an unpinned package, many users won't notice any updates happening unless the packager continues to manually bump the pkgver).thesola10 commented on 2023-06-07 13:53 (UTC)
The pinned commit you provide has failing unit tests (so does latest, but fewer). I'd also suggest not pinning a specific commit on AUR packages, let them update themselves, especially when it comes to security-critical software like this.