Rendered at 06:18:33 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
d3Xt3r 22 hours ago [-]
Yeah, I've been trying to get away from the AUR too. Besides switching to alternatives from the main repo like you, I've also been using AppImage, Flatpak, brew and cargo. I think the only main AUR package remaining for me (not counting dependencies) is chawan-git.
As for keeping updated on the situation, I've been following the news in the Arch Linux discord and the Github page which had the AUR malware scanning script.
lordkrandel 13 hours ago [-]
Thank you very much!
I've found alternatives or removed about 30 packages.
The only AppImage I have is Librewolf, no Flatpaks.
cui 24 hours ago [-]
What's wrong with Dropbox?
lordkrandel 23 hours ago [-]
It's installed from AUR, which has been compromised.
Might be fun to do if you are unemployed, but since you've mentioned a job it's better to just read the install script for the high level overview then install it manually.
The general idea is to find a small set of programs, in a more supported set that serves your usecase. So you learn more about a smaller number of programs. Downside is that you are now able to rewrite your entire system in a single language.
lordkrandel 13 hours ago [-]
I've succesfully uninstalled yay and removed all the packages, and am still employed.
Most were zombies and stuff that could be replaced. Rest is from Arch main repos.
As for keeping updated on the situation, I've been following the news in the Arch Linux discord and the Github page which had the AUR malware scanning script.
https://www.phoronix.com/news/Arch-Linux-AUR-400-Compromised
https://wiki.archlinux.org/title/Dropbox
The general idea is to find a small set of programs, in a more supported set that serves your usecase. So you learn more about a smaller number of programs. Downside is that you are now able to rewrite your entire system in a single language.