Skip to content

fix(aur): hash all six pdfapps-bin sources instead of SKIP#53

Merged
nelsonduarte merged 1 commit into
mainfrom
fix/aur-pdfapps-bin-checksums
May 10, 2026
Merged

fix(aur): hash all six pdfapps-bin sources instead of SKIP#53
nelsonduarte merged 1 commit into
mainfrom
fix/aur-pdfapps-bin-checksums

Conversation

@nelsonduarte
Copy link
Copy Markdown
Owner

@nelsonduarte nelsonduarte commented May 10, 2026

Summary

AUR user BluePeril reported that `updpkgsums` had to be run manually every time the pdfapps-bin PKGBUILD updates, because five of the six sources used `sha256sums = SKIP`. The auxiliary sources (LICENSE, .desktop, .metainfo.xml, icon, svg) are pinned to the release tag and therefore immutable, but having real hashes makes `updpkgsums` a no-op and matches AUR conventions for binary packages.

Changes

  • `aur/pdfapps-bin/PKGBUILD`: bump pkgver to 1.13.10 and replace five `SKIP` entries with actual sha256 hashes computed against the v1.13.10 tag.
  • `aur/pdfapps-bin/.SRCINFO`: regenerate to match (pkgver + six sha256sums lines).
  • `.github/workflows/publish.yml`: rewrite the pdfapps-bin step to compute all six hashes on every release and replace the entire sha256sums block (Python in-place edit, both files). Future tags will keep the six-hash pattern automatically.

How the new workflow patches files

Switched from `sed`-based single-hash replacement to a Python heredoc that:

  1. Reads the six hashes from environment variables computed via `curl | sha256sum`.
  2. Rewrites `PKGBUILD`'s entire `sha256sums=(...)` array with a regex.
  3. Walks `.SRCINFO` line by line and replaces the six `sha256sums = ...` lines in source order.

Test plan

  • Wait for CI to pass on this PR
  • Merge, then run `publish.yml` manually with `version=1.13.10` to push the updated PKGBUILD to AUR
  • Verify on https://aur.archlinux.org/packages/pdfapps-bin that all six hashes are present
  • Reply to BluePeril on the AUR comment thread confirming the fix
  • Next release tag should keep the six-hash pattern automatically

🤖 Generated with Claude Code

@nelsonduarte @claude
fix(aur): hash all six pdfapps-bin sources instead of SKIP
68f770f 
Background: AUR user BluePeril reported that `updpkgsums` had to be
run manually every time the pdfapps-bin PKGBUILD updated, because
five of the six sources used `sha256sums = SKIP`. The auxiliary
sources (LICENSE, .desktop, .metainfo.xml, icon, svg) are pinned to
the release tag so technically immutable, but having real hashes
makes `updpkgsums` a no-op and matches AUR conventions for binary
packages.

- Update committed `aur/pdfapps-bin/PKGBUILD` + `.SRCINFO` to v1.13.10
  with sha256 of all six sources computed against the v1.13.10 tag.
- Rewrite the `publish.yml` pdfapps-bin step to compute all six hashes
  on every release and rewrite the entire sha256sums block (Python
  in-place edit, both PKGBUILD and .SRCINFO).

After this PR is merged, the next publish.yml run will push the
v1.13.10 PKGBUILD to AUR with all six hashes, addressing the user's
complaint.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@nelsonduarte nelsonduarte merged commit d852661 into main May 10, 2026
3 checks passed
@nelsonduarte nelsonduarte deleted the fix/aur-pdfapps-bin-checksums branch May 10, 2026 21:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@nelsonduarte