Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Package no longer in AUR #45

Closed
axb993 opened this issue Aug 2, 2018 · 4 comments
Closed

Package no longer in AUR #45

axb993 opened this issue Aug 2, 2018 · 4 comments

Comments

@axb993
Copy link

axb993 commented Aug 2, 2018

Not sure if you're already aware of this, I just found this package so no clue when it happened but the pacui-git page is still in Google's cache so it must have been recent. Hope this is the right place to tell you this.
@seafox
Copy link

seafox commented Aug 2, 2018
edited by excalibur1234
Loading

Start reading here

@axb993
Copy link
Author

axb993 commented Aug 2, 2018

@seafox Thank you, suppose I should close this then. Extremely disappointing though, completely banning the package because it can be used carelessly is nonsensical to me, by that logic pacman should be banned for allowing --force...

If disclaimers were added to each of these functions explaining what they do and why they are discouraged, only proceeding if the user acknowledges the risks, their "harmful behavior" argument would be invalid if I'm understanding their reasoning correctly, instead educating users that aren't aware of the function's risks while still allowing users to take said risks for whatever reason. (eg. DANGER! This installs packages without verifying their signatures. Without signature verification there is no guarantee that the downloaded package is legitimate, potentially letting attackers replace the package with whatever they wish. THIS OPTION IS HIGHLY DISCOURAGED AND MAY DAMAGE YOUR SYSTEM, USE AT YOUR OWN RISK. Continue?)

I don't see how that could be considered "actively harmful", "potentially harmful" sure but many tools are, functionality shouldn't be restricted to cater to those careless enough to ignore the warnings. Otherwise, if this change still doesn't meet their standards, maybe these options could be disabled by default, requiring users to manually set an environment variable or flag to allow potentially damaging functions? If making users go out of their way to specify "Yes, I understand this could destroy my installation" isn't enough I doubt anything would be, there's a point where the user has to be held responsible.

/my2cents

@axb993 axb993 closed this as completed Aug 2, 2018
@excalibur1234
Copy link
Owner

excalibur1234 commented Aug 2, 2018
edited
Loading

please feel free to open an issue about any of the "bad stuff" (why pacui got kicked out of the AUR).

however, PLEASE DO NOT argue like "this behavior is strongly discouraged by arch linux / pacman". i already know why beginners are discouraged from using certain functionality!
instead, describe a situation in which a certain part of pacui's code can actually be harmful.
then, i am glad to implement more secure code (or accept your tips or pull request doing the same).

when i first heard criticism, i did my best to describe pacui's behavior and ask for suggestions about improving pacui's code without losing too much functionality.
unfortunately, i have not received any suggestions how the situation can be improved.
instead, that post got used as prove pacui uses partial updates in the next round of criticism.

@excalibur1234 excalibur1234 mentioned this issue Aug 22, 2018
Closed
@freed00m
Copy link

Forum archived, the new link https://archived.forum.manjaro.org/t/pacui-removed-from-aur/54716

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@seafox @excalibur1234 @freed00m @axb993