|
|
|
|
|
|
by bachmeier
4 days ago
|
|
|
I think the issue with AUR is that you get your foot in the door with packages like spotify[1]. It does its magic to allow you to install a .deb package on your distro. I don't know how else to install the Spotify desktop app without AUR. But once you're willing to do that, why not go a little further and trust other packages? Now, someone could argue that the Spotify app isn't important, but there's a reason it has 268 votes. A better solution would be having packages like spotify in their own repo, and a separate, you-better-verify repo for the rest. [1] https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=spoti... |
|
|
> Now, someone could argue that the Spotify app isn't important, but there's a reason it has 268 votes. A better solution would be having packages like spotify in their own repo, and a separate, you-better-verify repo for the rest.
I mean yeah, but everything is trade off of volunteer + user attention. There is no trusted userâ„¢ who uses spotify, so it's not in official packages. So you as user need to maintain it yourself or rely on AUR and verify.