Search results for tag #aur
![[?]](https://cdn.transfem.social/files/5814adab-8e22-4cf8-8e9a-f826080a1753.png)
Okay, #lazyfedi: I like NixOS, and my battery life is somehow better than on Arch, but the differences from a standard system are killing me.Also I'm a little worried about Arch, given I extensively used the AUR and it recently got pwned pretty hard. I like the rolling aspect of Arch, though! What distribution should I drop on my Framework 13 (and, soon, 13 Pro) next, friends? Is Arch actually okay again? Is there another distro that I might dig, or am I just hosed?
![[?]](https://f2.tchncs.de/accounts/avatars/109/308/879/564/079/885/original/4aa882f14392cb62.png)
Bei Software aus dem AUR gehen die Meinungen stark auseinander. Die kürzlichen Angriffe auf das Community-verwaltete Verzeichnis geben aber sicher allen zu denken. Ein Überblick und wie ich an Software-Installation herangehe:
![[?]](https://files.mastodon.social/accounts/avatars/110/945/611/773/144/511/original/202839eb5e7a4865.jpg)
Ein lesenswerter Artikel von @lianedubowy zur aktuellen AUR-Situation, der aufzeigt, worauf bei der Nutzung geachtet werden sollte und welche Alternativen es gibt:
![[?]](https://s3.eu-central-2.wasabisys.com/mastodonworld/accounts/avatars/110/773/856/856/176/735/original/730c783685092d83.jpg)
Dan Dungaciu (#AUR (#AlianțaPentruUnireaRomânilor)): #Guvern␁ul #Veștea nu are cum să treacă de #Parlament.
#AUR (#AlianțaPentruUnireaRomânilor) cere alegeri anticipate.
![[?]](https://cdn.social.linux.pizza/system/accounts/avatars/112/191/986/223/560/037/original/65338944c2b3e961.png)
This week's Linux and FOSS news:
LINUX NEWS
After the AUR Malware Flood, Yay v13 Lets You Script Your Own Safety Net:
https://feed.itsfoss.com/link/24361/17363250/yay-v13-release
Canonical's New AI Tool Wants You to Talk to Ubuntu Instead of Type:
https://feed.itsfoss.com/link/24361/17363827/myna-ai-speech-to-text-tool
(I mean, if it's fully local, than it isn't that bad, especially if there's a way to disable the keyboard shortcut, so that users who don't need this feature won't accidentally turn on and share microphone input.)
Ubuntu flavours now need a beta release to ship:
https://www.omgubuntu.co.uk/2026/06/ubuntu-flavours-mandatory-beta-release
Debian-Based SparkyLinux 2026.06 Rolling Brings Linux Kernel 7.1 Support:
https://9to5linux.com/debian-based-sparkylinux-2026-06-rolling-brings-linux-kernel-7-1-support
Tails 7.9 Anonymous OS Rolls Out with Tor Browser and Firmware Updates:
https://linuxiac.com/tails-7-9-anonymous-os-rolls-out-with-tor-browser-and-firmware-updates/
openSUSE’s Agama 22 Installer Brings Usability and Accessibility Improvements:
https://9to5linux.com/opensuses-agama-22-installer-brings-usability-and-accessibility-improvements
Shelly 2.4 GUI Package Manager for Arch Linux Released with New Features:
https://9to5linux.com/shelly-2-4-gui-package-manager-for-arch-linux-released-with-new-features
Valve releases SteamOS 3.8 stable with Steam Machine support:
https://videocardz.com/newz/valve-releases-steamos-3-8-stable-with-steam-machine-support
Slackware-Based PorteuX 2.7 Released with Linux 7.1, KDE Plasma 6.7, and More:
https://9to5linux.com/slackware-based-porteux-2-7-released-with-linux-7-1-kde-plasma-6-7-and-more
Plasma 6 comes to Slackware:
https://blog.slackware.nl/kde-plasma-6_25-12-for-slackware-current/
KDE Plasma 6.7 release brings per-monitor desktops, revives Oxygen:
https://www.omgubuntu.co.uk/2026/06/kde-plasma-6-7-released
Ubuntu Touch OTA 2.0 Promises Support for the Nothing Phone, Beta Out Now:
https://9to5linux.com/ubuntu-touch-ota-2-0-promises-support-for-the-nothing-phone-beta-out-now
Phosh Mobile Settings update:
https://social.phosh.mobi/@phosh/statuses/01KTYGFJYYQMWQAEDNR7QMTXE8
Livi 0.5.0 mobile video player released:
https://social.phosh.mobi/@phosh/statuses/01KTGTF5JQJSMMQPYHEH97K041
(more Linux and FOSS news in comments)
#WeeklyNews #News #Linux #LinuxNews #AUR #Arch #Yay #Ubuntu #SparkyLinux #Tails #TailsOS #openSUSE #Shelly #SteamOS #Slackware #PorteuX #KDE #KDEPlasma #UbuntuTouch #UBports #Phosh #Livi #DesktopLinux #LinuxDesktop #LinuxMobile #MobileLinux #LinuxDistro #DistroRelease #DesktopEnvironment #FosseryTech
![[?]](https://s3.us-east-005.backblazeb2.com/mastohirad/accounts/avatars/113/952/291/208/179/100/original/510030c6e48eba5f.jpg)
If you use Arch Linux or an Arch-based distribution and want to use AUR packages, always remember to read the PKGBUILD before installing or updating any package.
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/303/411/386/181/184/original/06aa90198c3941a8.png)
In the past I had hard times to convince people that the only sane way to use the AUR repository is to manually vet every build script and source. For years people discarded any form of such advice and blindly installed AUR packages left and right. I guess those times are finally over?!
Still I'm somewhat baffled how many, otherwise security aware, people are shocked about the current AUR malware debacle.
What really surprised me is that it took so long for someone or some group to do it.
So I'm asking myself: But what if it hasn't?
What if someone was more cautious, pulled something more sophisticated, only to compromise a "real" package maintainer and had pivoted from there?
One questions how carefully are maintainers using the AUR?!
![[?]](https://mastodon.circlewithadot.net/system/accounts/avatars/115/097/788/009/568/618/original/cbfb8940633be92d.jpeg)
I deal with the AUR as an Arch user like this:
1.) If a project maintains their own repo, I tend to feel ok using the AUR for it.
2.) For a project either not in the AUR or is but not maintained by the project themselves, I use flatpak if its official, or use distrobox to install the version the project maintains/suggests
Never install from the AUR if the project doesn't maintain the repo themselves
Petrișor Peiu: Trompetele #PSD (#PartidulSocialDemocrat) ne reproșează că nu vrem să votăm un nou guvern #PSD (#PartidulSocialDemocrat)-#NicușorDan. Dar de ce nu-i presează oamenii ăștia pe #NicușorDan și pe #PSD (#PartidulSocialDemocrat) să voteze un guvern #AUR (#AlianțaPentruUnireaRomânilor)?
#GeorgeSimion, președintele pentru partidul extremist #AUR (#AlianțaPentruUnireaRomânilor), a fost reales vicepreședinte pentru partidul 🌍#europe␁an ECR.
#Știri #România #UE #UniuneaEuropeană #Extremism
![[?]](https://media.norden.social/accounts/avatars/111/709/852/735/406/958/original/a92cec69046b433e.png)
![[?]](https://nbg1.your-objectstorage.com/tno-mastodon/accounts/avatars/111/434/264/745/920/273/original/52ff85db085a2a1d.jpg)
Russian Spam & Profanities Are Now Plaguing The #ArchLinux #AUR
#NicușorDan evită să mai respingă învestirea #Guvern␁ului cu voturile parlamentarilor #AUR (#AlianțaPentruUnireaRomânilor): Am desemnat un premier să facă o majoritate. E o discuție care îl vizează pe primul ministru.
![[?]](https://s3.eu-central-2.wasabisys.com/mastodonworld/accounts/avatars/109/454/106/935/186/473/original/25d79d022cbecf3d.png)
#NicușorDan nu mai pare a avea o problemă cu faptul că Adrian #Veștea ar putea avea nevoie de voturile #AUR (#AlianțaPentruUnireaRomânilor) pentru a trece de #Parlament: “Eu l-am desemnat ca să facă o majoritate, mai departe o să discutăm” a răspuns președintele după ce a fost întrebat direct dacă admite că #Veștea nu poate trece fără voturile extremiștilor.
🔗 https://biziday.ro/?p=361304
Dungaciu, numărul 2 în #AUR (#AlianțaPentruUnireaRomânilor): Nu votăm guvernul #Veștea. Parlamentarii #AUR (#AlianțaPentruUnireaRomânilor) vor spune „Prezent. Nu votez!”.
![[?]](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAEAAAABAAQAAAACCEkxzAAAAUUlEQVQoz43R0QkAMQwCUDdw/y3dwEvsvzlL4X1IoQkAisKmwfAFT3RgJHbQezpSRoXEqeqCL9BJBf7h3QbOCCxV5EVWMEMwG7K1/WODtlvxAYTtEsDU9F34AAAAAElFTkSuQmCC)
#Linux wird zur Zielscheibe: Was der #AUR-Vorfall wirklich zeigt.
Aktuell wird in der Linux-Welt wieder über einen Vorfall rund um das AUR diskutiert. Das #AUR ist eine #Community-Paketquelle für #Arch #Linux und # Systeme wie #CachyOS, #EndeavourOS oder #Manjaro.
Für mich zeigt dieser Fall nicht, dass Linux plötzlich unsicher ist. Er zeigt eher etwas anderes:
Linux wird beliebter. Und dadurch wird Linux auch interessanter als Ziel.
@FrumpelLabs
Extremistul #Simion, mesaj criptic: #AUR (#AlianțaPentruUnireaRomânilor) are 90 de parlamentari. Ei semnează și votează orice moțiune și suspendare.
#Guvern␁ul #Veștea are nevoie de voturile #AUR (#AlianțaPentruUnireaRomânilor), în orice scenariu bazat pe informațiile actuale.
O demonstrație pe înțelesul președintelui #NicușorDan.
![[?]](https://vit.am/snac/ololduck/s/avatar-766707d3d7101a2681f0a44e4983a895.png){kind=avatar}
Abbaye is a Static Site Generator (#SSG) for your #software releases, for those of us who can't or won't use a full-featured software forge.
Big release!
Some refactoring to make the code easier to maintain, some small bugfixes (mainly introduced by the new features :p).
But the star features of this release are:
- Artifact categories and naming: artifacts are now categorized and named consistently, making it easier to understand what each artifact is for, if you choose to do so. It is done via the new
[[builder]]category,nameandcommentkeys in the configuration file. - Add multi-format support. It's still in the early stages but it's functional and supports HTML or Gemtext (for all my #smolweb folks out there).
- Add support for non-interactive terminals, as in the case of a CI/CD pipeline. You'll still see progress via some log messages and not be stuck on a black screen without any information! (note: this requires the use of
abbaye --verbose)
abbaye self-update to get the latest version.Here's Abbaye's 0.8.0 page, as built with Abbaye itself: https://vit.am/~ololduck/abbaye/0.8.0/
#Rust #SmallWeb #Rustlang #StaticSiteGenerator
Alt...
view of abbaye's revamped sidebar where you can see that downloadable items now have names, categories and descriptions
#Guvern␁ul #Veștea – #PSD (#PartidulSocialDemocrat) – #NicușorDan, așteptat să depună lista de miniștri.
Negocieri cu parlamentari din partidele extremiste #AUR (#AlianțaPentruUnireaRomânilor), POT și SOS.
#Știri #România #București #Extremism
Peiu dă „asigurări” că #AUR (#AlianțaPentruUnireaRomânilor) nu votează #Guvern␁ul #Veștea: Nu putem vota un guvern care este expresia lui #NicușorDan.
#Veștea a anunțat că mizează pe voturile #AUR (#AlianțaPentruUnireaRomânilor).
Mohammad Murad (#AUR (#AlianțaPentruUnireaRomânilor)): Voi vota guvernul #Veștea dacă prezintă un program pentru cetățeni.
Adrian #Veștea, #PrimMinistrul lui #NicușorDan, anunță că nu își depune mandatul și așteaptă voturile extremiștilor din #AUR (#AlianțaPentruUnireaRomânilor): ”Nu am nici un fel de rezervă. Nu mă deranjează deloc că vor fi și parlamentari #AUR (#AlianțaPentruUnireaRomânilor) care mă vor vota din patriotism”.
Abbaye is a Static Site Generator (#SSG) for your #software releases, for those of us who can't or won't use a full-featured software forge.
This release simply fixes some minor issues and introduces #git branch/tag inclusion/exclusion when building the browsable repository as well as the https-cloneable one.
I had some work-in-progress branches on another project and wanted to publish a release for a small fix, and i saw that my work branches were still there, so… there you have it.
This release also includes an #AUR package but shhhhh! it's not 100% ready yet :D
Anyway, enjoy this release with abbaye self-update!
Here's Abbaye's 0.7.1 page, as built with Abbaye itself: https://vit.am/~ololduck/abbaye/0.7.1/
For the next release, i plan to add artifact categories so we can present artifacts in a more structured way. If you look at the "downloads" section, you'll see it's starting to be a bit crowded and unclear what does what.
![[?]](https://mastodon.derg.nz/system/accounts/avatars/109/259/098/898/567/697/original/0e750feca4895c2c.png)
It's easy to dunk on Arch's #AUR issues while ignoring what's going on.
- It involves some accounts that have been around for years, this is a sophisticated and well-planned attack.
- As much as AUR is very central to Arch, every big distro has its own 'alternative' package platform, like Fedora's Copr and Ubuntu's PPAs.
- Despite early discovery and coordinated efforts, it is still ongoing.
I think the rest of the ecosystem should take this as a warning.
Linux is not just magically secure.
![[?]](https://social.anoxinon.de/system/accounts/avatars/110/961/717/175/355/540/original/aaa8e449590df717.png)
Arch Linux: AUR für Neuregistrierungen gesperrt
https://linuxnews.de/arch-linux-aur-registrierungen-gesperrt/ #archlinux #aur #linux #linuxnews
![[?]](https://cdn.fosstodon.org/accounts/avatars/000/306/948/original/83798cf674e2e1d3.png)
![[?]](https://assets.chaos.social/accounts/avatars/000/202/039/original/64e6f1a86076e442.jpg)
General reminder among the entire #AUR thing.
If you depend on AUR packages, make sure they are maintained. Maintain them yourself if you need to, either as a local clone or in the AUR.
If you find yourself maintaining AUR packages and depending on a *lot* of things from the AUR (10+ packages). Ask yourself "huh, maybe I should become a package maintainer in the official repositories?".