Skip to content

Releases: staticwire/aurtomator

v0.1.1

18 Apr 09:55
@noctuum noctuum
v0.1.1
7f91903
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.1.1 Latest
Latest

Bug-fix release focused on reliability of the AUR push path. No schema or API changes — forks can pull without action.

What's fixed

Concurrent-push ref divergence. When the scheduled cron and a manual workflow_dispatch started within ~1 second of each other, both clones computed the same new version and both pushes succeeded from git's perspective, but AUR's git-daemon ended up with HEAD and refs/heads/master pointing at two different commits. Every subsequent clone landed in detached HEAD and update-pkg.sh died with fatal: You are not currently on a branch.

Two-layer fix:

  1. Prevention — the workflow now has a concurrency: group: check-updates block with cancel-in-progress: false, so scheduled and manual triggers queue instead of racing. The running pipeline finishes its push; the next run waits its turn.
  2. Self-healupdate-pkg.sh checks git symbolic-ref -q HEAD after every clone. If the working copy comes back detached (for any reason, including future causes we haven't hit yet), it re-anchors on origin/master before touching the PKGBUILD, so the final push is always a clean fast-forward.

What's new

Detailed packages/example.yml.sample. The previous sample only showed github-release. It now documents every strategy inline — required vs optional upstream.* fields, all four github-nightly patterns, and the auto-managed fields (current, last_updated) that users should not edit by hand. The file stays copy-paste ready: the only uncommented config at the top is still the minimal github-release example.

Under the hood

  • .simplecov added so bashcov emits Cobertura XML for Codecov.
  • Two new BATS tests cover the detached-HEAD path (happy path + missing origin/master edge case). Suite is now 214 tests, all green.

Upgrading

Nothing required. git pull and you're done.

Assets 2
Loading

v0.1.0

30 Mar 18:43
@noctuum noctuum
v0.1.0
4035919
This commit was signed with the committer’s verified signature.
noctuum
GPG key ID: B9A03103DE71BFD7
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.1.0

Automated AUR package updates from a single GitHub repo. Fork it, drop in your packages, let CI handle the rest.

What it does

  • Detects new upstream versions via 13 built-in strategies (GitHub, GitLab, Gitea, PyPI, npm, crates.io, and more)
  • Clones your existing AUR package, bumps pkgver, regenerates checksums and .SRCINFO
  • Pushes to AUR with optional GPG signing
  • Creates GitHub Issues on failure
  • Runs hourly via GitHub Actions

Safety features

  • PKGBUILD audit blocks split packages, pkgver() with incompatible strategies, and mixed SKIP/real checksums for remote sources
  • Source URL validation detects HTML error pages via Content-Type check before downloading
  • namcap lint catches PKGBUILD errors before push
  • Checksum verification via makepkg --verifysource after updpkgsums
  • SSH retry with 3 attempts and connection multiplexing for AUR reliability

Supported package types

  • Binary packages (-bin) with stable download URL patterns
  • VCS packages (-git) via git-latest strategy
  • Nightly/prerelease builds (4 patterns) via github-nightly
  • Arch-specific sources (source_x86_64, source_aarch64)
  • Non-standard tag formats via tag_version_regex

Limitations

aurtomator only updates pkgver, checksums, and .SRCINFO. It does not build packages or check dependencies. See docs/SUPPORTED-PACKAGES.md for the full breakdown.

Getting started

See README for quick start and docs/SETUP.md for detailed configuration.

Loading