Arch Linux User Repository

THE PKGBUILD IS NOW CONSIDERED LIKE A VCS ONE, THIS MEAN IT WILL NOT BE BUMPED FOR EVERY VERSION, REPORT ONLY BUILD PROBLEMS NOT NEW VERSIONS!!

THE PKGBUILD IS NOW CONSIDERED LIKE A VCS ONE, THIS MEAN IT WILL NOT BE BUMPED FOR EVERY VERSION, REPORT ONLY BUILD PROBLEMS NOT NEW VERSIONS!!

THE PKGBUILD IS NOW CONSIDERED LIKE A VCS ONE, THIS MEAN IT WILL NOT BE BUMPED FOR EVERY VERSION, REPORT ONLY BUILD PROBLEMS NOT NEW VERSIONS!!

OCR is only available for the professional edition, OCR files should be splitted to a separate pkgbuild? Send your opinion at my email

The pkgbuild is now considered like a VCS one, this mean it will NOT be bumped for every version, report ONLY build problems not new versions.

Complainers who can't read: 20

Rebuild!

This package is a chore for any package maintainer because of the frequent updates and the way it is distributed.

@FabioLolix, I'd just go ahead and maintain this like a git package, skipping the checksums and generating the pkgver automatically. Then users can just update the package from the AUR whenever they feel the urge to do so. I've uploaded a PKGBUILD which does this here: https://gist.github.com/agraef/69f9c18b9a520059ce22ec4b1ba8a652

Note that this uses wget and grep/sed to extract the current version number from the author's website. This might need tweaking when the layout of https://www.hamrick.com/alternate-versions.html changes.

Man, this package is nearly unmaintained. Checksums don't match, updates need fresh install and so on. Worst maintainer.

at the very least, all URLs should be HTTPS-based

skipping the signature is no option, honestly.

@emmerkar I think it probably has to have SKIP for the sha256sum for the package tar file unless it is going to be updated every release which has not been the case in the past.

sha256ssum for x86-64 package should be upgraded to 504769596aaebe61808daf08e603ccbf06582e6b909ef7390c141098e23b26b2

source_i686=("$pkgname-x32-$(date +%F-%H-%M).tgz::http://www.hamrick.com/files/vuex3297.tgz") source_x86_64=("$pkgname-x64-$(date +%F-%H-%M).tgz::http://www.hamrick.com/files/vuex6497.tgz")

still using HTTP for x86/x86_64. Signature skipping is insecure.

New version available, v9.7.28. Running this PGKBUILD works, but need to skip checksum for it to install the new version.

It would be good to switch the download URL to HTTPS. HTTP combined with signature skipping looks insecure.

patch for recent version:

--- PKGBUILD
+++ PKGBUILD @@ -3,7 +3,7 @@ pkgname=vuescan-bin _pgmname=vuescan _srcname=VueScan -pkgver=9.6 +pkgver=9.6.43 pkgrel=1 pkgdesc="A powerful proprietary scanning tool developed by Hamrick Software" arch=('i686' 'x86_64') @@ -14,15 +14,15 @@ options=(!strip)

source=('LICENSE' 'vuescan.sh' 'vuescan.desktop') -source_i686=('http://www.hamrick.com/files/vuex3296.tgz') -source_x86_64=('http://www.hamrick.com/files/vuex6496.tgz') +source_i686=('https://d2bwyyzfw77fhf.cloudfront.net/vuex3296.tgz') +source_x86_64=('https://d2bwyyzfw77fhf.cloudfront.net/vuex6496.tgz')

md5sums=('e4d56c48bc5ac80b83630238a7ab658d' 'da269332a033a101a4509d34f1552c10' '10fc10eedb71fa56bb7f1c6e29d63e3b') +md5sums_i686=('510631f922ef57b894b0e16f6b1f79e7') +md5sums_x86_64=('9351190cea1b804d4631524cfe619625') # Skip checksum as package always provides latest version regardless -md5sums_i686=('SKIP') -md5sums_x86_64=('SKIP')

package() { cd "$srcdir"