If I install a package from the AUR manually, will it be updated with an AUR helper?

Another question:

if I install a package from the AUR manually, which means I do:

git clone
makepkg
sudo pacman -U

will the package be updated together with the other packages I installed using an AUR helper? In my case, yay. Will the package be updated when I do yay -Syu?

Yes, it will.

2 Likes

That is what will make the package manager know about it, thus allowing it to be updated through yay.

1 Like

Thank you guys for your answers!

Another question, a bit off topic:

What does an orphaned package in the AUR mean? Is it not safe to use anymore and should I avoid it, or is it completely fine to use it?

Regarding AUR packages, orphaned means it has no maintainer. It will not receive any update, until someone decides to maintain it again.
Using an AUR orphaned package may represent a security issue as, since nobody maintains the package, security fixes are not pushed to users through it.

2 Likes

Thank you for your informative answer!

So do you think it is safe to use this package?

https://aur.archlinux.org/packages/psi-plus/

and what is the difference between the above one and this one (except that one is orphaned and the other is not):

https://aur.archlinux.org/packages/psi-plus-git/

psi-plus is flagged out-of-date and psi-plus-git was last updated in Jan. 2021, looks to be orphaned. Personally, I would not install them. You risk issues with regard to compatibility and dependencies.

VCS packages always pull from the latest commit. The PKGBUILD does not need to be updated unless changes need to be made for the build.

1 Like
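Added example (not part of the thread and not code from yay or the AUR): the orphaned and out-of-date states discussed above can be checked for every installed AUR package by parsing the AUR RPC `info` response. The package names and the sample response are constructed, and the 365-day staleness threshold is an assumption.

```python
import json
from datetime import datetime, timezone
from urllib.parse import urlencode

AUR_INFO = "https://aur.archlinux.org/rpc/v5/info"
VCS_SUFFIXES = ("-git", "-svn", "-hg", "-bzr")

def info_url(names):
    """URL for one AUR RPC 'info' request covering all given package names."""
    return AUR_INFO + "?" + urlencode([("arg[]", n) for n in names])

def audit(names, response_text, now, stale_days=365):
    """Map each package name to a list of findings (empty list = nothing flagged)."""
    results = {r["Name"]: r for r in json.loads(response_text)["results"]}
    report = {}
    for name in names:
        pkg = results.get(name)
        if pkg is None:
            report[name] = ["not found in the AUR (deleted or renamed)"]
            continue
        findings = []
        if pkg.get("Maintainer") is None:
            findings.append("orphaned")
        if pkg.get("OutOfDate") is not None:
            day = datetime.fromtimestamp(pkg["OutOfDate"], timezone.utc).date()
            findings.append(f"flagged out-of-date on {day}")
        age = (now - pkg["LastModified"]) // 86400
        # A -git PKGBUILD is rarely edited, so its age says little about the code.
        if age > stale_days and not name.endswith(VCS_SUFFIXES):
            findings.append(f"PKGBUILD unchanged for {age} days")
        report[name] = findings
    return report

# Constructed sample response (not real AUR data); names are placeholders.
SAMPLE = json.dumps({"version": 5, "type": "multiinfo", "resultcount": 3, "results": [
    {"Name": "example-chat", "Maintainer": None, "OutOfDate": 1609459200, "LastModified": 1577836800},
    {"Name": "example-chat-git", "Maintainer": None, "OutOfDate": None, "LastModified": 1577836800},
    {"Name": "example-tool", "Maintainer": "someone", "OutOfDate": None, "LastModified": 1639000000},
]})

if __name__ == "__main__":
    names = ["example-chat", "example-chat-git", "example-tool", "example-gone"]
    print(info_url(names))
    for name, findings in audit(names, SAMPLE, now=1640995200).items():
        print(f"{name}: {', '.join(findings) or 'ok'}")
```

On a real system the names would come from `pacman -Qmq` and the response from fetching `info_url(names)`.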

What about the security of the system? Does the system get vulnerable if I install an orphaned package like this?

Is it possible to somehow encourage someone to take care of that package…? It is a shame such a package has been abandoned…

Why don’t you maintain it? :wink:

I wish I had the knowledge and skills on how to do that! It would be my small contribution to the community.

So what is the main difference between those two except for the fact that the first one is outdated?

The difference is this:


So, instead of building a fixed version that is to be updated by the package maintainer, the -git package uses a function to version a package dynamically. → Means that if you build a -git package it’ll always build with the source code from the very latest commit in the repository.

In this case, the last commit was 13 days ago, so that software still seems to be actively maintained.
I’d probably just use the -git package then.

Note that if you want to have your AUR helper automatically check for VCS package updates, you either want to use (in the example of using yay as AUR helper) yay -Syu --devel or enable that permanently with yay -Y --devel --save. So after that you simply say yay to upgrade everything, repo, AUR and AUR VCS packages…

1 Like

Thank you for your explanation. But I still do not quite get this. Is it not that the package maintainer is responsible for the updates in both cases? Because with the -git case it builds with the source code in the repository and someone is responsible for that repository? (I am having package maintainer in my mind)

Well, for the “normal” versioned packages, yes, the maintainer should update the version in the PKGBUILD whenever upstream is releasing a new version.

For the -git package: No, since a rebuild will automatically grab the very latest code from the source repository during build. → It’s up to the user to rebuild the package whenever he/she thinks that is needed/desired.

1 Like

But in both cases the update will happen with yay -Syu, right?

In other words:

  • The package maintainer is not necessarily the developer.
  • For development packages – which use the -git suffix – the package maintainer maintains the PKGBUILD script, which always builds from the very latest commit in the source.
  • In consequence, after the developer adds modifications to its application, the above PKGBUILD will build from this new commit without ever being modified.

It will update only if the PKGBUILD changes version, which should occur if it is modified.
Since the PKGBUILD is usually not modified on development packages, -Syu alone will not detect any update. You then need -Syu --devel to tell yay to look at the source to detect the update.

3 Likes

Do I get it right:

If changes are made to a -git package but the PKGBUILD script has not been modified, by using yay -S I would get the latest version of the package, but if I had a previous version of that package, yay -Syu would not update it, because the PKGBUILD would still have the same old version and therefore I would need to use -Syu --devel?