Created my first package: Afterwriting

packaging
afterwriting

#1

Well finally I created my own package to convert my screenplays in a industry standard format is called afterwriting and I first installed it the nodejs via, but it was a pain in the ass to update and that things. So a few days ago a read the ArchWiki and started to make my own package, is working fine on my system.
Now I’m reading the part to upload it to the AUR, but I don’t know if someone will think is useful.
Also is someone wants to check the package to see it works in other computers just let me know (and I send the PKGBUILD, I think with that is all you need to check)
See you!

EDIT: Sorry I just make the package the program is the well known Afterwriting that processes .fountain files to screenplay pdf format.


#2

You could upload it somewhere and link to it, or just paste it as a reply (assuming it’s not massively long), then anyone can have a look.


#3

OK! After 2 hours of reading how to upload packages to the AUR I finally uploaded it… My what a headhache for someone that only knows to write! :smiley:


#4

Here’s the PKGBUILD:

# Maintainer: jolupa <jlpavon@me.com>
pkgname=afterwriting
pkgver=1.11.0
pkgrel=1
pkgdesc="Post-processing for Fountain screenplays"
arch=('any')
url="https://github.com/ifrost/afterwriting-labs"
license=('MIT')
depends=('nodejs')
makedepends=('npm' 'jq')
source=("https://registry.npmjs.org/afterwriting/-/$pkgname-$pkgver.tgz"
        "LICENSE")
md256sums=('5f4d4d20c5029591a06c5f4636b4c5eb165ca1a852b778596519d2a16d12d5e7'
           'abb42abaef9d2198f1d38b5b40c3c8accec9a8e8bdea7b0994270d75a3beb931')
noextract=("$pkgname-$pkgver.tgz")

package() {
	npm install -g --user root --prefix "$pkgdir/usr" "$srcdir/$pkgname-$pkgver.tgz"
	find "$pkgdir/usr" -type d -exec chmod 755 {} +

	# Remove references to $pkgdir
	find "$pkgdir" -type f -name package.json -print0 | xargs -0 sed -i "/_where/d"

	# Remove references to $srcdir
	local tmppackage="$(mktemp)"
	local pkgjson="$pkgdir/usr/lib/node_modules/$pkgname/package.json"
	jq '.|=with_entries(select(.key|test("_.+")|not))' "$pkgjson" > "$tmppackage"
	mv "$tmppackage" "$pkgjson"
	chmod 644 "$pkgjson"

	# Install license since the package doesn't include it
	install -Dm 644 "$srcdir/LICENSE" "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
}


#5

Ok, So, How can I sign the package with makepkg I visited some sites, I read the ArchWiki… but I don’t know how to get ride of the Missing integrity check for I made a gpg signature, added to the makepkg.conf but I’m facing the same problem… :frowning:


#6

If you want makepkg to sign the package, edit /etc/makepkg.conf and change

BUILDENV=(!distcc color !ccache check !sign)

to

BUILDENV=(!distcc color !ccache check sign)

Also make sure you have set both the values:

#-- Packager: name/email of the person or organization building packages
PACKAGER=""
#-- Specify a key to use for package signing
GPGKEY=""

Otherwise, it’s easy to sign a package after it has been built using:

gpg2 -b -u YOUR@EMAIL.address the-package.pkg.tar.xz

Or if you have several to sign,

gpg2 -b --batch -u YOUR@EMAIL.address *pkg.tar.xz

#7

Well I don’t know where’s the problem.
I modified the makepkg.conf with and without !sign I put the GPGKey="" that I think the gpg2 generated but the only why that I can build the package, on local without downlowading from AUR, is with makepkg --skipinteg So I don’t know wheres the problem… :frowning:
If I donwload from AUR I can’t build the package.

SOLVED: My god!! I’m so stupid! The problem was with not declaring well the sums, the bads are:

md256sums=('5f4d4d20c5029591a06c5f4636b4c5eb165ca1a852b778596519d2a16d12d5e7'
           'abb42abaef9d2198f1d38b5b40c3c8accec9a8e8bdea7b0994270d75a3beb931')

And the code needs to be:

sha256sums=('5f4d4d20c5029591a06c5f4636b4c5eb165ca1a852b778596519d2a16d12d5e7'
           'abb42abaef9d2198f1d38b5b40c3c8accec9a8e8bdea7b0994270d75a3beb931')

Thanks for all the help! All my fault! God! :smiley:

EDIT AGAIN: I’m thinking to let know in the Afterwriting github page that an Arch package is avalaible, but I don’t know if the people on the github page will like the idea… Any thought on that? Thanks!


#8

You can update hash with command updpkgsums

Likely should be called nodejs-afterwriting

https://wiki.archlinux.org/index.php/Node.js_package_guidelines


#9

Ops! Can I change that?! (I’m not very used with the git and all the package is done in what I learn in a few hours)


#10

You could also just append --sign to the makepkg command, which takes the key specified in /etc/makepkg.conf.


#11

Yeah! I think that the problem with the signature is solved, it was me messing with the sum files and no reading well the error… Is imperative to sign the package?


#12

No but highly recommended if you want to publish the package.


#13

Ok! I will try to sign the package when I comeback home. Also about changing the name I have to create a new repo on the AUR or can I change the name of the repo via git?

EDIT1: Well added the nodejs-* to the name to follow aur rules.