Breaking something with AUR packages is something I sometimes feel a little concerned about. I’m aware that Manjaro does not fully support the Arch User Repository, but I only have a few programs installed through the AUR. But everyone online always said “be careful” when using the AUR or you could break Manjaro - nobody really explains How to be careful. Other then the obvious thing of that you shouldn’t install hundreds of AUR packages or try replacing all your packages with AUR versions.
All I use the AUR for at the moment is for the few programs that I can’t install without the AUR; like ones that are only officially available on Debian or Fedora based distro’s but are available on Arch based if you get it from the AUR. In my experience though, those have been few and far between. So am I really at much of a risk with using the AUR the way I do? If the answer is just “You should be fine, but expect that something may break eventually” then I don’t feel comfortable with that answer. If there’s a high chance that it will eventually break something then I don’t really feel comfortable with that.
So what is it exactly that people mean when they say to “be careful” with the AUR. What should I do to be careful?
Custom buildscripts like those found in Arch User Repository is created with Arch distribution in mind.
Manjaro stable is usually several weeks behind Arch and therefore the buildscript may depend on one or more packages at a certain version. A prominent example was a recent glibc update.
Therefore the careful phrase is carrying a reminder that you should know what you are doing - know what impact the given custom package may have on your system, does it replace system files, what could potentially go wrong?
Themes is likely the most common cause of weird issues - e.g. when you apply a Plasma theme created for 5.22 and expect it to work on 5.26 or a GTK theme created for Gnome 3.24 - which most likely will not work well on Gnome 42.
So the careful phrase carries a warning that you may - depending on your system - cause problems by building and adding custom packages to your system.
Another example is toolkit upgrades which makes your custom theme behave weirdly, when upstream has changed the underlying theme engine - e.g. Gnome uses javascript as part of their theme engine.
A third example is Python2 which went out of service several years ago. Packages based on python 2 is moving to AUR and their dependencies is gradually disappearing - and suddenly you have a dysfunctional system.
Or GTK2 based packages which is also becoming extinct, and I could go on.
Think
what impact does this or that script carry?
do I really need this functionality?
keep your system clean by regularly removing unused packages
dormant unused package may be the timed disaster waiting for the right moment to make you system unexpectedly to go haywire.
AUR may have the same package as the one in the official repository, make sure you know which one you ACTUALLY want to install, as this might differ in version, features, whatever, can really be anything and can break anything that depends on it
Some dependencies might be dropped to AUR for lack of maintainers or something, sometimes it will eventually stop working due to version difference and installing the AUR package might break a dozen of other packages, read the prompt carefully when your installing it may remove some core packages, it can render your system unbootable
Despite regular screening, anyone can still make an account and create any package, including malicious one, read the PKGBUILD if you don’t trust the maintainer, especially if it downloads and runs things from a weird, not well known sources
Thanks so much for the tips. There’s actually a particular package I want to install. It’s called CuteNTR. It’s from the official Github page but I’m just concerned about the fact that it hasn’t been updated since March 2017. It’s a program made to let you stream a Nintendo 3DS with Homebrew installed on it, onto your Linux PC, in order to record footage without having to hard mod it with a capture card. I don’t see anybody talking about the program online anymore and it’s the only way of streaming the 3DS onto Linux without using the more popular program Snickerstream that is only compatible with Windows.
… it doesn’t seem to be actively or well maintained. So the chances of something breaking is bigger. I suspect the best would be to contact the developer or maintainer regarding this.
The console itself is already out of its lifespan 2 years ago, with last hardware release 10 years ago, I would have guessed even the author might have sold his device.
There doesn’t seem to be anything to concern about, it’s just an application instead of a core library, device driver or something about the same level of importance to the OS. It depends on a still supported Qt5 library and written using C++11, which is still fully supported. It doesn’t do anything fancy, just communicate with the 3DS over UDP. Just try building it, won’t hurt your system at all. At worst, it’s not gonna build and you will need somebody to fix it for you if not you learning to code and fix it yourself.
Thanks. I guess I’ll install it and see what happens then. I’ll let you know if it goes well or badly.
Also, his is why I want to learn to code because I would love to fix issues and actually contribute to projects that I want to support.
Though I doubt that they would have sold the 3DS, my guess would be life just got in the way, because yes the console went out of it’s lifespan 2 years ago, but the modding and homebrew community is still extremely active and has heaps of really passionate people. They recently just got Miiverse functionality unofficially back up and running. Also the last 3DS to release wasn’t 10 years ago, it was a purple New 2DS XL in Sep 2018.
While this topic has been marked as solved, I want to add something.
Think long and hard before you install system components from the AUR (along the lines of should I chew razor blades). Dont do it unless absolutely positively necessary for your system to function, and then think again for a long time. The odds on you fubaring your install are high when using the AUR for system components for reasons listed above (lack of maintenance, staggered updates, etc), and you may end up looking at a text error on a black screen instead of your desktop.
Applications are relatively safe. If they stop working at least your system is still running. Above all else, backups are mandatory if you are using the AUR. Timeshift is a good option.
