Arch Linux User Repository

I've been trying to build the latest update via extra-x86_64-build (the easy to use wrapper around makechrootpkg used to build official repo packages for clean chroot builds) and am getting a failure during the build() function:

  - Upgrading roundcube/plugin-installer (0.3.0 => 0.3.1): Extracting archive
Plugin initialization failed (Undefined variable $installers), uninstalling plugin

Any idea what is wrong?

@RoKoInfo Thank you for the report, I changed the PKGBUILD accordingly

Hello AlphaJack, the update is not working for me right now. blind-coder gets forwarded to mstilkerich, and the release file there has a different file ending (.tar.gz instead of .tgz).

Hi, it is missing the systemd makedepends for http user/group.

@dvzrv I've switched all my packages to SHA256, however MD5 seems to be fine as download checksum

@AlphaJack: MD5 is broken and so is SHA1.

@AlphaJack: The license file for GPL2 is already in the licenses packages. You don't have to install it.

@dvzrv Thank you, I've modified the functions accordingly and added the old package in the replaces array. Are there security concerns with the md5sum hashing algorithm, regarding file integrity (and not password storage)?

@Alphajack: Thanks for picking up the plugin stuff!

A couple of notes on your PKGBUILD:

Please build things with composer in build(), not in package(). Modify the sources before build() (e.g. when using sed) in prepare() not in package(). Use more secure hashing algorithms (e.g. sha265sums, sha512sums, b2sums - you can use multiple!).

Modify file permissions and ownership using sysusers.d. It is more flexible and less dangerous than applying this in package() or an .install script.

P.S.: I will remove roundcube-rmcarddav so you can add that to the replaces array as well!