[Dev] Nonfree AUR Packages
Kuba Kukielka
kzer-za at cryptolab.net
Mon Jun 29 15:48:52 GMT 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 29/06/15 08:15, Kuba Kukielka wrote:
>
>
> On 28/06/15 23:02, fauno wrote:
>> Kuba Kukielka <kzer-za at cryptolab.net> writes:
>
>>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
>>>
>>> Hello!
>>>
>>> Using a program named `aurlist`, some sed commands and a php
>>> script, I compiled a list of every single package in AUR 3.
>>>
>>> - - https://d.maxfile.ro/cknuewoqlk.out
>>>
>>> With this, I wrote a php script that downloaded every single
>>> PKGBUILD in the AUR repo. And then used yet another php script
>>> to sort them into folders based of the license tag in the
>>> PKGBUILD. I compiled a list of nonfree packages my script found
>>> (there are probably more). My script is not 100% accurate so I
>>> need to go through it manually.
>>>
>>> My list is on a etherpad.
>>>
>>> - - https://pad.riseup.net/p/nonfree_aur
>>>
>>> I've not finished it yet so any contribution is welcome.
>>>
>>> (Note that this does not include AUR 4)
>>>
>>> Here are some status of the current folders.
>>>
>>> - - free = 48,216 packages - - nonfree = 297 packages - -
>>> custom = 5,265 packages - - other = 3,646 packages
>
>> very cool! but please take into account that because the
>> pkgbuild's license says it's free, it doesn't necessarily means
>> the source code is.
>
>> i've found several packages where the maintainer just left the
>> default value, or didn't even check, so i'm guessing many of the
>> 48k free packages are really mislabeled.
>
>> still, great work!
>
>
> Thanks!
>
> I'm going to finish checking the list today, it's tedious but it
> has to be done.
>
> I know that a lot of the free packages are nonfree but it is
> really difficult/time-wasting to co through them all.
>
> The only may I can think of doing this semi-automatically is by
> making a script that finds the source, downloads it and then tries
> to find the LICENSE/COPYING file. If successful, it will print out
> the license, the license would be analysed by me and then the file
> would get moved to a free/nonfree folder. If my script did not find
> a LICENSE, it would move it into a no_license folder.
>
> I might take a look in the other folder and add some of the more
> less popular licenses.
>
> I also came across a problem, my script moved the file to nonfree
> if the PKGBUILD had "none" in it, meaning no license. This package
> called `cava` was labelled "no license" but after looking at the
> source, it wan the MIT license.
>
> But that's what you have to deal with if you are working with
> user-generated content.
>
I finished looking over the list, may someone look over my pad and add
the packages with the plus (+) next to them to the blacklist please?
- - https://pad.riseup.net/p/nonfree_aur
I would also like someone to look over the packages with a (?) or (-)
to see if they are free or not.
I might also consider doing AUR 4 too.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJVkWjbAAoJEI2NIwdfk/klw40P/ilNLNB+yyXcJ/4P121l21YA
2oIddKLVIo3wmcBN1d+7KUgJ+9z1WDwefy/iCQOaOf7ELKR4Tvrdr7AU/GpDIZUy
Tao+33P/h9yLE3OegEldOHKTIdP0YawH/vbU6ZLDjROyS0iGWDzb2NUsxrPEvh0g
3+u/iubCRJTXmNP4cagd6CueMZ+E007wBimNjf2semID0rduJTMNZv7Wx8KyBpjn
3CqxVnyXrsQwBHVDFZmQzBSchyJBk9OhWM1ExHX1wOxG9mHFLWZY7McAkVu++meQ
VCvkV6oizCtNJUTW2jHitGEC9iqvq+hRrkW5rPGQAQ/418guTsaqYz5SNOg/k9Vi
1hLMysPGlO4HQP6hLX9ZOar1U4eCKWC7DY0rK6h2YLKfIRmItoAswiFuRTMqGcOD
wN2JWEYMhaC+BvNzZwPu1ocistofUN8XHv78I7hBlBf4yYd5HOt4klJ7WmNqdCJm
xvIxSb7PDh9JPKYOLxZM2Jtn/jUjFx+V3735A5Mjmr2UWp74tverZQ8+3+/zGqvd
Cscy9x2lNR5lDWWRzCLo0bAT/C0iRcrS3ReBkJKwZHFlzOZuNP+OvWgYiDUKiOX1
onJUmGr/mBiNFy20+IDfmCUVrBq5MI9RIhmwxK0bqEhYM5onWoh/EXFW3Yq6fTbg
FeO/+mXatu66WDq868uD
=asoT
-----END PGP SIGNATURE-----
More information about the Dev
mailing list