It's an implementation detail, you're saying it like they're completely free form. Not really, they have a very specific structure that every package adheres to.
Parsing them currently requires evaluating them as shell scripts. Should be obvious how bad of an idea it is, especially in the context of the AUR (which is why it requires you to push a dumbed down metadata file called SRCINFO along with PKGBUILD — which is then used to show package info in the web UI you're probably familiar with).
Being able to safely parse PKGBUILDs without running them would certainly be an improvement.
Nah, you can keep both. Arch and Alpine are the only two distributions where I bother to build proper packages for everything because their package managers make it so easy to do the right thing.
It might be the 20th package manager in existence, which would be a problem, if Debian maintainers did not release a 20th way to build .debs just a year or two ago, mostly (but not really) deprecating the previous 19 ways. No thanks.
It's already reality in my country, where you cannot access online banking for any banks except via their mobile applications, which (of course) refuse to work on anything rooted or running non-stock firmware.
Have you tried both? mpv is able to play high resolution HEVC videos backwards at real time by holding the "previous frame" key. VLC can't reliably jump backwards even at second intervals, forget about reverse playback.
Inter is the only libre typeface that has good coverage, and produces readable small text on terrible 80 DPI displays. I've tested probably hundreds of them.
It blocks many more countries than just the UK because it's the lowest effort way of fighting "AI" scrapers.
imgur was created as a sort of protest against how terrible most image hosting platforms were back then, went down the drain several years later, and it's now just like they were.
It turns out that running free common internet infrastructure at scale is both hard and expensive, unfortunately. What we really need is a non-profit to run something like imgur.
Because it's an LLM spambot, it "saw" a couple of keywords and wrote a comment that's vaguely relevant to the article at hand. Do help with kicking it out by flagging its comments.
Ugh, thought at first you might be just being mean but a quick look at its other comments 100% confirms. I don’t understand — what’s even the point of such comment slop. I mean on Reddit it’s for karma and selling accounts or whatever. But here on HN?
Which is covered by GP's second suggestion. I add short random password-like strings to these aliases to thwart spammers who might be trying obvious aliases, turning e.g paypal@example.com into paypal.nsi873g@example.com
On Gmail foo+bar@gmail.com is an “alias” for foo@gmail.com. So if you give someone foo+randomstring@gmail.com hoping that will help you map random string to that particular sender, you’re fucked - because anyone who sees foo+randomstring@gmail.com knows it’s an alias for foo@gmail.com, they can just email that directly and bypass your cleverness.
If you’re using a sane alias provider like you described, then it’s likely not an issue.
Parsing them currently requires evaluating them as shell scripts. Should be obvious how bad of an idea it is, especially in the context of the AUR (which is why it requires you to push a dumbed down metadata file called SRCINFO along with PKGBUILD — which is then used to show package info in the web UI you're probably familiar with).
Being able to safely parse PKGBUILDs without running them would certainly be an improvement.
reply