Automate AUR release

[nanos]

Thank you @Sir-Photch for making an AUR package of FediFetcher.

Unfortunately this package is always lagging behind the official FediFetcher release. How can we automate pushing the release for this?

Any advice / help would be much appreciated!

Thanks!

[Sir-Photch]

You can either ping me or submit patches to https://github.com/Sir-Photch/PKGBUILDS/tree/main/fedi-fetcher.

For example, the patch to update from 7.1.7 to 7.1.12 is just:

diff --git a/fedi-fetcher/.SRCINFO b/fedi-fetcher/.SRCINFO
index d503b59..5a11c2a 100644
--- a/fedi-fetcher/.SRCINFO
+++ b/fedi-fetcher/.SRCINFO
@@ -1,7 +1,7 @@
 pkgbase = fedi-fetcher
 	pkgdesc = FediFetcher is a tool for Mastodon that automatically fetches missing replies and posts from other fediverse instances, and adds them to your own Mastodon instance
-	pkgver = 7.1.7
-	pkgrel = 2
+	pkgver = 7.1.12
+	pkgrel = 1
 	url = https://github.com/nanos/FediFetcher
 	arch = any
 	license = MIT
@@ -21,13 +21,13 @@ pkgbase = fedi-fetcher
 	depends = python-urllib3
 	depends = python-xxhash
 	backup = etc/fedi-fetcher/config.json
-	source = fedi-fetcher-7.1.7.tar.gz::https://github.com/nanos/FediFetcher/archive/v7.1.7.tar.gz
+	source = fedi-fetcher-7.1.12.tar.gz::https://github.com/nanos/FediFetcher/archive/v7.1.12.tar.gz
 	source = fedi-fetcher.service
 	source = fedi-fetcher.timer
 	source = sysusers-fedi-fetcher.conf
 	source = tmpfiles-fedi-fetcher.conf
 	source = example-config.json
-	sha256sums = c1fbedbf8262920b38956fe5ae118f9f37ad48e4e6590d437bac6670e4094a35
+	sha256sums = 1de621195240825a017ccdfa5721f41c3ddd55d1788088aa7e50dbbe0addab19
 	sha256sums = cac866add6470ea7781366fdaf1f1e57cdbc0d7965e2b8e36c42a2dd88a1acd7
 	sha256sums = 4f3d8a37de2a11a794afd6e1d10df9abfe8cb8a42297fa8451e3e86228523265
 	sha256sums = eca9986a6e86b3208c2f786125f8a513037cd5a59dab2670e9439d57a2f7f595
diff --git a/fedi-fetcher/PKGBUILD b/fedi-fetcher/PKGBUILD
index aa2b874..ba47c97 100644
--- a/fedi-fetcher/PKGBUILD
+++ b/fedi-fetcher/PKGBUILD
@@ -1,8 +1,8 @@
-# Maintainer: Sir-Photch < sir-photch at posteo dot me >
+# Maintainer: Sir-Photch < aur at liebender dot dev >
 
 pkgname=fedi-fetcher
-pkgver=7.1.7
-pkgrel=2
+pkgver=7.1.12
+pkgrel=1
 pkgdesc="FediFetcher is a tool for Mastodon that automatically fetches missing replies and posts from other fediverse instances, and adds them to your own Mastodon instance"
 arch=(any)
 url="https://github.com/nanos/FediFetcher"
@@ -32,7 +32,7 @@ source=("$pkgname-$pkgver.tar.gz::$url/archive/v$pkgver.tar.gz"
 	sysusers-fedi-fetcher.conf
 	tmpfiles-fedi-fetcher.conf
 	example-config.json)
-sha256sums=('c1fbedbf8262920b38956fe5ae118f9f37ad48e4e6590d437bac6670e4094a35'
+sha256sums=('1de621195240825a017ccdfa5721f41c3ddd55d1788088aa7e50dbbe0addab19'
             'cac866add6470ea7781366fdaf1f1e57cdbc0d7965e2b8e36c42a2dd88a1acd7'
             '4f3d8a37de2a11a794afd6e1d10df9abfe8cb8a42297fa8451e3e86228523265'
             'eca9986a6e86b3208c2f786125f8a513037cd5a59dab2670e9439d57a2f7f595'

where at the top, .SRCINFO is generated from the bottom PKGBUILD where I, for example upgrading from 7.1.7 to 7.1.12, just change the pkgver variable and generate checksums via updpkgsums.

Depending on whether or not dependencies change, the depends array also needs changing. For example python-xxhash was a recent addition (that wasn't mentioned in the release notes, though. Please, include dependency changes in the release notes, something like: "Packaging: new dependency on ...")

Other than that, if a delay of 18 hours means 'lagging behind terribly', there is an option for you to become co-maintainer of the AUR repository, such that you can push updates yourself. For this, you might need to use arch however, since I don't know whether the tools for packaging arch packages are also available elsewhere.

[nanos]

Other than that, if a delay of 18 hours means 'lagging behind terribly',

Firstly: Let me apologise for this! You are right, of course that I had a lot of releases yesterday. I just saw it lagged a few numbers behind, but that was of course NOT terribly! Really sorry!

This is something that I should be able to automatically create a PR for in a GitHub Action then.

Two questions:

1. What is pkgrel?
2. How are the sha256sums calculated?

[Sir-Photch]

How are the sha256sums calculated?

Each checksum corresponds to each file in the sources array. The first one is the sha256sum of the fedi-fetcher tarball; The one that is always made available with the github release.

What is pkgrel?

This is an additional version number that is only incremented when changes to the PKGBUILD are not caused by an upstream update: https://wiki.archlinux.org/title/PKGBUILD#pkgrel (And reset to 1 if there is an upstream update)

[nanos]

Cool, thanks.

So in summary any PR would have to include the following changes:

1. Update pkgver to the latest version
2. Change the first item in the sources array to point to the latest release.
3. Update the first sha256sum to match the latest tar.
4. reset pkgrel to 1
5. Where needed: Update depends array to be up-to-date with latest requirements.txt

Is that correct?

[Sir-Photch]

Change the first item in the sources array to point to the latest release.

This is not necessary as the URL for the tarball is built form pkgver.

Otherwise, this is correct!