by ateles
12 days ago
> Luckily for most packages this is reasonably doable, IFF you trust the upstream sources they fetch from. Don't forget to also check the applied patch files. Many AUR builds include custom patches to make something work, making this a convenient way to add something malicious into the build.

An extreme example for patches is ventoy's 1355 line long PKGFILE [0], sourcing lots of patches both from external domains as well as from the git server on aur.archlinux.org itself. [0]: https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=vento...
But in general I would think 4 times about installing any AUR package that is no longer reasonably reviewable in the parts not either in official packages or the upstream source (including patches, dependencies, etc.).

Sometimes throwing something into an untrusted OCI image you run in a VM (instead of lightweight containers) is just the better option... sadly, also often still painful to set up.
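A static check along the lines of the review the comment describes, added here as an example (not the commenter's code): it pulls the `source*` and `*sums*` arrays out of a PKGBUILD by regex instead of sourcing it (sourcing would execute the file), then flags local patch files, hosts outside an allowlist you supply, and entries with no pinned checksum. The PKGBUILD text and hostnames below are constructed; it assumes array items contain no whitespace or `)`.

```python
import re
from urllib.parse import urlparse

# Constructed PKGBUILD fragment for the demo; not the real ventoy PKGBUILD.
SAMPLE_PKGBUILD = r'''
pkgname=example
pkgver=1.0
source=("https://github.com/example/example/archive/v$pkgver.tar.gz"
        "fix-build.patch"
        "extra::https://files.example-mirror.net/extra-$pkgver.patch"
        "git+https://aur.archlinux.org/example-patches.git")
sha256sums=('aaaa' 'bbbb' 'SKIP' 'SKIP')
'''

# Matches source=(...), source_x86_64=(...), sha256sums=(...), b2sums_i686=(...), etc.
ARRAY_RE = re.compile(
    r'^(source(?:_\w+)?|(?:md5|sha\d+|b2)sums(?:_\w+)?)=\((.*?)\)', re.M | re.S)

def parse_arrays(text):
    """Return {array_name: [items]}; assumes items contain no whitespace."""
    return {name: [t.strip('"\'') for t in body.split()]
            for name, body in ARRAY_RE.findall(text)}

def audit(text, upstream_hosts):
    """Return [(source, [reasons])] for sources that widen the trust base."""
    arrays = parse_arrays(text)
    findings = []
    for name, items in arrays.items():
        if not name.startswith('source'):
            continue
        suffix = name[len('source'):]          # '' or an arch suffix like '_x86_64'
        sums = next((v for k, v in arrays.items() if k.endswith('sums' + suffix)), [])
        for i, item in enumerate(items):
            url = item.split('::', 1)[-1]      # drop the optional "name::" prefix
            host = urlparse(url).netloc        # '' for local files shipped in the AUR repo
            checksum = sums[i] if i < len(sums) else 'MISSING'
            reasons = []
            if not host and re.search(r'\.(patch|diff)$', url):
                reasons.append('local patch file: read it')
            elif host and host not in upstream_hosts:
                reasons.append(f'third-party host {host}')
            if checksum in ('SKIP', 'MISSING'):   # VCS sources are SKIP: nothing pins them
                reasons.append('no pinned checksum')
            if reasons:
                findings.append((url, reasons))
    return findings

if __name__ == '__main__':
    for url, reasons in audit(SAMPLE_PKGBUILD, {'github.com'}):
        print(f'{url}: {"; ".join(reasons)}')
```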