The author have committed the build script. https://github.com/ventoy/Ventoy/issues/131 @DuckSoft @jsamr
Search Criteria
Package Details: ventoy-bin 1.0.99-1
Package Actions
| Git Clone URL: | https://aur.archlinux.org/ventoy-bin.git (read-only, click to copy) |
|---|---|
| Package Base: | ventoy-bin |
| Description: | A new bootable USB solution |
| Upstream URL: | http://www.ventoy.net |
| Keywords: | boot image iso multiboot usb |
| Licenses: | GPL-3.0-or-later |
| Conflicts: | ventoy |
| Provides: | ventoy |
| Submitter: | DuckSoft |
| Maintainer: | DuckSoft (KokaKiwi, yochananmarqos, Kr1ss) |
| Last Packager: | yochananmarqos |
| Votes: | 360 |
| Popularity: | 8.17 |
| First Submitted: | 2020-05-19 06:14 (UTC) |
| Last Updated: | 2024-12-13 03:01 (UTC) |
Dependencies (7)
- bash (bash-devel-static-gitAUR, bash-devel-gitAUR, busybox-coreutilsAUR, bash-gitAUR)
- dosfstools (dosfstools-gitAUR)
- util-linux (busybox-coreutilsAUR, util-linux-selinuxAUR, util-linux-aesAUR)
- xz (xz-gitAUR)
- gtk3 (gtk3-no_deadkeys_underlineAUR, gtk3-classicAUR, gtk3-classic-xfceAUR, gtk3-patched-filechooser-icon-viewAUR) (optional) – GTK3 GUI
- polkit (polkit-gitAUR, polkit-consolekitAUR) (optional) – run GUI from application menu
- qt5-base (qt5-base-gitAUR, qt5-base-headlessAUR) (optional) – Qt5 GUI
Required by (0)
Sources (9)
springzfx commented on 2020-05-22 14:17 (UTC)
DuckSoft commented on 2020-05-19 06:10 (UTC) (edited on 2020-05-21 16:10 (UTC) by DuckSoft)
Alright, let's merge this. Merge req is sent. Awaiting official triage.
jsamr commented on 2020-05-19 00:42 (UTC) (edited on 2020-06-01 13:57 (UTC) by jsamr)
@DuckSoft Please rename this to ventoy-bin.
Also, I have security concerns about this program. It pops out of nowhere, the authors are unknown (the Github user has no prior activity, no info in the website either), no build instructions, the .exe binary has been spotted as malware by different anti-viruses (take a look at multiple reports in their issue tracker), the git repository is a mess with a lot of shipped / modified binaries.
I would recommend the community to wait for a transparency endeavor on the developers side, and even better a security audit from an independent team. Don't install untrusted code on a USB key!
EDIT: A lot of the concerns can be lifted now, see Manjaro packager comments here: https://forum.manjaro.org/t/community-ventoy-compile-from-source/143714
bcnelson commented on 2020-05-18 22:17 (UTC)
@duckSoft you should just rename the package (I belive that it is acualy make a new one with the right name and request a merge) then let someone else make the compiled version
DuckSoft commented on 2020-05-18 14:37 (UTC)
@springzfx I don't know. You know, https://github.com/ventoy/Ventoy/issues/131
springzfx commented on 2020-05-18 14:27 (UTC)
This should directly compiled form source code in PKGBUILD, otherwise please rename it to ventoy-bin
Pinned Comments