Package Todo Lists

Todo lists are used by the developers when a rebuild of a set of packages is needed. This is common when a library has a version bump, during a toolchain rebuild, or a general cleanup of packages in the repositories. The progress can be tracked here, and completed todo lists can be browsed as well.

Name Creation Date Creator Description Package Count Incomplete Count Status
jsoncpp 1.9.2 2020-03-28 Levente Polyak packages go to [staging] 10 8 Incomplete
`go get` usage inside PKGBUILDs 2020-03-28 Morten Linderud Packages using "go get" or other unreproducible ways to fetch dependencies when go modules are available and/or vendor folders. Please contact Foxboron if you have questions or if upstream is weird and you are unsure how to package this properly. I'll fix it for you. 6 6 Incomplete
gst-plugins-good split 2020-03-27 Jan Alexander Steffens Two plugins were split out from gst-plugins-good: gst-plugin-gtk gst-plugin-qmlgl Please check whether your packages need either and fix their deps. 61 35 Incomplete
go 1.14 rebuild 2020-02-26 Morten Linderud Rebuild for the go 1.14 release https://golang.org/doc/go1.14 Rebuilt packages goes straight to the community/extra repositories. 116 2 Incomplete
Perl transient openssl dependencies 2020-02-08 Santiago Torres These packages may implicitly depend on perl via the base package->pacman->openssl->perl, and *may* depend on perl (due to mentioning the regular expression "perl" in a script). Verify if your package depends on perl and add it as a depend because openssl will stop depending on it; if it is a false positive, simply mark this TODO as complete. Read more on: https://bugs.archlinux.org/task/54887 235 113 Incomplete
alpm-hooks should use Type = Path, not File 2020-01-19 Eli Schwartz pacman 5.2 deprecated hooks which use the "File" type; see https://git.archlinux.org/pacman.git/commit/?id=39c20ad4f1d5f6e915b5be8976b6a94885ca3b0c for details. We should use the renamed type, which is "Path". This change is a simple find/replace and has no side effects. 29 6 Incomplete
Remove usage of makepkg subroutines from PKGBUILDs 2020-01-17 David Runge The use of makepkg subroutines has been discussed in an old ticket [1]. In 2017 a warning about this was added to namcap and recently the wiki has been been updated to reflect this [2]. A list of packages (with false positives) can be found here [3]. Time for a cleanup! As a sidenote: If you find, that you are shadowing a test run in check() (e.g. `test || warning "Test is broken"`) please consider *why* you are doing this and whether only a subset of the tests can be run instead (e.g. because parts of the tests are integration tests anyways, that can not be run in makechrootpkg). [1] https://bugs.archlinux.org/task/43502 [2] https://wiki.archlinux.org/index.php/Arch_package_guidelines#Package_etiquette [3] https://pkgbuild.vdwaa.nl/?q=(msg%20%7Cmsg2%20%7Cwarning%20%7Cerror%20%7Cplain%20)&i=nope&files=.*%2Ftrunk%2FPKGBUILD&repos= 229 187 Incomplete
Conversion of programs that use Python 2 to Python 3 2019-12-23 Chih-Hsuan Yen Python 2.7 branch is going to be EOL'ed on 2020-01-01 [1]. A previous Todo [2] suggests to remove unused Python 2 libraries. In this Todo, I suggest to investigate programs that still use Python 2, either as runtime dependency or build/check dependencies, and see if it's possible to use Python 3 instead. Notes for some packages are available at https://wiki.archlinux.org/index.php/User:Yan12125/python3-conversion. Whenever you have changed a package to use Python 3, feel free to either move the corresponding row to the Done section or simply remove the row. Also, feel free to update notes if there are something new (e.g., a new Python 3-compatible version released, patches merged, new patches proposed, ...). Package can go directly into the repo; [staging] is not necessary. [1] https://devguide.python.org/ [2] https://www.archlinux.org/todo/die-python2-die/ 202 107 Incomplete
gnome-keyring dependency replacement with org.freedesktop.secrets 2019-12-01 Bruno Pagani Following keepassxc 2.5.0 release, we now have two implementations of org.freedesktop.secrets. We decided in https://bugs.archlinux.org/task/64283 to have both packages provide this virtual name, and now every package depending on this keyring should be switched to this dep. I’ve listed all packages currently depending on gnome-keyring, it might happen that some packages are depending on it for reasons other than org.freedesktop.secrets service, if so just let me know and mark them as done. Package can go directly into the repo, [staging] is not necessary. 16 1 Incomplete
Fix unquoted variables which break building the package in certain scenarios 2019-09-20 Robin Broda These packages have unquoted variables to paths which can contain spaces, this will lead to word-splitting during variable expansion and break the building of these packages. This is a packaging bug, fixes do not require a rebuild and can simply go to trunk. 549 281 Incomplete
Replace legacy python2-sphinx usage with python-sphinx 2019-04-11 Daniel M. Capella Sphinx >=2.0.0 only supports Python 3. Note, there is no need to rip it out: python2-sphinx usage can mostly be replaced with python-sphinx usage which will produce the very same docs even for python2 libraries. 54 7 Incomplete
Phasing out gconf and libglade 2019-03-27 Balló György GConf was used in GNOME 2 as the settings storage daemon. It's deprecated since 2010 in favor of GSettings, and does not receive any fixes since 2013. Libglade is deprecated in favor of GtkBuilder since 2009, and does not receive any fixes since then. After a half year of the proposals[1][2], we try to get rid from these packages. This list contains all applications that depend on these libraries. If the package can be built without these libraries, do so. Otherwise, contact with upstream for a solution, or remove the package. Updated packages can go straight to extra/community. [1] https://lists.archlinux.org/pipermail/arch-dev-public/2018-September/029373.html [2] https://lists.archlinux.org/pipermail/arch-dev-public/2018-September/029378.html 29 3 Incomplete
Die python2, die! 2019-02-16 Allan McRae Python 2 reaches End of Life on 2020-01-01. We currently have >950 python2 modules in the repos. A lot of these are not used by any other package in the repositories. These can be removed. Note the packages in this list have not taken makedepends/checkdepends requirements into account. Check the package page to look for these before removing. 427 38 Incomplete
Remove js185 from the repos 2017-07-10 Jelle van der Waa js185 is the legacy version of the JavaScript interpreter, it has numerous security issues therefore packages should update to js or js38 where possible. 4 1 Incomplete
libmypaint 1.5.1 2020-03-23 Levente Polyak please rebuild into [staging] 3 0 Complete
dav1d 0.6.0 soname bump 2020-03-22 Levente Polyak please put packages into staging 5 0 Complete
Phasing out PyGTK 2020-03-14 Balló György PyGTK was used to create GTK2 applications in python2. It's deprecated and unmaintained since 2011 in favor of PyGObject, and does not receive any fixes since then. We try to get rid from this package. This list contains all applications that depend on PyGTK. What should be done: - If PyGObject port is available and usable, then try to update. - Otherwise, if the PyGTK usage can be disabled, build without it. (gimp, nmap) - Otherwise, if the package has inactive upstream, then remove it. More details: https://lists.archlinux.org/pipermail/arch-dev-public/2020-March/029896.html 10 0 Complete
krb5 1.18 soname bump 2020-02-20 Levente Polyak please put rebuilds into staging 3 0 Complete
libgit2 0.99 rebuild 2020-02-19 Lukas Fleischer Please rebuild the packages and put them in [staging]/[community-staging]. 13 0 Complete
Electron 8 2020-02-08 Nicola Squartini Check your packages and push to [community-staging]. 7 0 Complete
procps-ng 3.3.16 rebuild 2020-02-05 Bartłomiej Piotrowski Packages go to [staging]. 6 0 Complete
x264 159 rebuild 2020-01-04 Maxime Gauduin The usual x264 rebuild, but without the circular dep hassle now. 13 0 Complete
opencv 4.2 rebuild 2019-12-21 Antonio Rojas Packages go to [staging] 12 0 Complete
protobuf 3.11 rebuild 2019-12-06 Lukas Fleischer Please rebuild affected packages and move them to [staging]/[community-staging]. 44 0 Complete
PHP 7.4 Rebuild 2019-11-29 Pierre Schmitz Module rebuild due to PHP 7.4 update 13 0 Complete
cuda 10.2 rebuild 2019-11-26 Sven-Hendrik Haase Rebuilds go into [testing]. 7 0 Complete
libtorrent-rasterbar 1.2 rebuild 2019-11-15 Felix Yan libtorrent-rasterbar.so.9 => libtorrent-rasterbar.so.10 3 0 Complete
libdvdread 6.0.2 rebuild 2019-11-07 Antonio Rojas Packages go to [staging] 16 0 Complete
imagemagick 7.0.9 rebuild 2019-10-31 Antonio Rojas Packages go to [staging] 12 0 Complete
Electron 7 2019-10-25 Nicola Squartini Check your packages and push to [community-staging]. 6 0 Complete
x265 3.2 2019-10-13 Maxime Gauduin New x265, new rebuild, will handle everything as usual. 8 0 Complete
base group removal 2019-10-06 Robin Broda The base group has been replaced by a base metapackage. Packages currently in the base group should drop the group. This does not require a rebuild, as it doesn't cause any issues. 50 0 Complete
golang 1.13.1 security rebuild 2019-10-04 Eli Schwartz Go 1.13.1 has been released and in order to take advantage of the updated runtime, all packages that makedepend on go or go-pie must be rebuilt. This is due to the statically built nature of the language. This release of Go in particular contains one change from 1.13, fixing CVE-2019-16276. The rebuild list reflects all packages utilizing the `net/http` or `net/textproto` library (and therefore importing the vulnerable code) which must be rebuilt for security purposes. For more details see: https://github.com/golang/go/compare/go1.13...go1.13.1 https://github.com/golang/go/commit/5a6ab1ec3e678640befebeb3318b746a64ad986c https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16276 68 0 Complete
LLVM 9 2019-10-04 Evangelos Foutras libLLVM-8.so -> libLLVM-9.so libclang*.so.8 -> libclang*.so.9 liblld*.so.8 -> liblld*.so.9 I'll add an llvm8 package if needed. 38 0 Complete
protobuf 3.10 rebuild 2019-10-03 Lukas Fleischer Please rebuild affected packages and move them to [staging]/[community-staging]. 36 0 Complete
jedi 0.15 update 2019-09-20 Sven-Hendrik Haase jedi has tons of breaking changes every update. Probably things are broken now in [testing]. Please test your packages and approve them if they are happy against jedi 0.15. 6 0 Complete
boost 1.71 remaining rebuilds 2019-09-20 Levente Polyak Please check https://rebuilds.foutrelis.com/?all for current build logs and put fixed versions into [staging]. I assume mapnik will need a side-installable legacy boost 1.69 2 0 Complete
jsoncpp 1.9.1 soname bump (plus add soname depends on libjsoncpp.so) 2019-09-13 Levente Polyak Please rebuild into [staging] Please also add a depends on libjsoncpp.so to avoid breakage upgrades 9 0 Complete
GNOME 3.34 bumps 2019-09-13 Jan Alexander Steffens GNOME 3.34 is in [staging] and bumped a few libraries: libgnome-desktop-3.so.18 libebook-1.2.so.20 libebook-contacts-1.2.so.3 libecal-2.0.so.1 libedata-book-1.2.so.26 libedata-cal-2.0.so.1 35 0 Complete
libcli 1.10.0 soname bump 2019-09-12 Levente Polyak Please rebuild the following packages against [staging] Please also add libcli.so as a soname dependency :) 1 0 Complete
glslang 7.12.3352-1 ABI rebuild 2019-09-11 Levente Polyak Looks like there was an ABI breakage in glslang 7.12.3352-1 with no soname handling on their side. Please rebuild the following packages Related to: https://bugs.archlinux.org/task/63720 3 0 Complete
Packaging qtwebengine dictionaries 2019-09-08 Eli Schwartz As discussed in https://lists.archlinux.org/pipermail/arch-dev-public/2019-August/029648.html and https://lists.archlinux.org/pipermail/arch-dev-public/2019-September/029666.html, we would like to begin packaging qtwebengine dictionaries matching each hunspell dictionary in the repos. Each of the packages in this list provides one or more .dic files. In order to build qtwebengine dictionaries: - add a makedepends on qt5-webengine - run `qwebengine_convert_dict foo.dic foo.bdic` for each .dic in the source tree - package each .bdic file in /usr/share/qt/qtwebengine_dictionaries/ - for each .dic symlink installed (if any), install the corresponding .bdic symlink 34 0 Complete
MathJax 3 2019-09-04 Antonio Rojas In the unlikely case that your application supports mathjax 3 already, just mark it as done. Otherwise, change the dependency to mathjax2 and adjust the mathjax path to /usr/share/mathjax2 in the PKGBUILD Packages go to [staging] 6 0 Complete
fmt 6.0.0 rebuild 2019-08-26 Maxime Gauduin Upstream fmt just pushed a new version, time to rebuild! libfmt.so.5 -> libfmt.so.6 6 0 Complete
Rebuild for KDE Applications 19.08 2019-08-20 Felix Yan There are incompatible changes in cantor, libkgapi and kcontacts. Please fix and rebuild the packages into testing repos. 9 0 Complete
golang 1.12.8 security rebuild 2019-08-15 Morten Linderud Go has fixed 3 CVEs in relation to the recent HTTP/2 DoS attacks. The list reflects all packages utilizing the `net/http` library and needs to be rebuilt with the current go release. Relevant commits: https://github.com/golang/go/commit/7139b45d1410ded14e1e131151fd8dfc435ede6c https://github.com/golang/go/commit/3226f2d492963d361af9dfc6714ef141ba606713 88 0 Complete
Use HTTPS instead of HTTP in URLs 2019-08-05 Filipe Laíns The packages listed contain URLs using HTTP when HTTPS is available. Please update them to use HTTPS. It is possible that some of the flagged URLs are false positives, please check them before making any changes! There's no need to release a new revision of the package, simply commit the changes to trunk. You can find a list of the target URLs here[1]. It contains the maintainer(s) as well as the faulty URLs for each package, so please check it to make sure you got everything. Thank you! [1] https://pkgbuild.com/~ffy00/http-check/all-http-checked-maintainer.txt 456 0 Complete
Electron 6 2019-08-01 Nicola Squartini This should be an easy transition. Check your packages and push to [community-staging]. 6 0 Complete
libnm-glib removal 2019-07-29 Jan Alexander Steffens NetworkManager 1.20 is going to be released soon-ish (RC in [testing]) and will drop the deprecated libnm-glib library. Sogrep does not report any links, but we have some dependencies remaining. Please determine which actions we need to take. 4 0 Complete
Remove python2-pandas dependency 2019-07-29 Andrzej Giniewicz Starting with Pandas 0.25, Python 2 is no longer supported. To keep repository clean, please remove python2-pandas from any dependencies (hard, optional, check, make). 4 0 Complete