Software from AUR are not all open source?

I read about a note-taking software called Clipto. In Pamac, I found a package called clipto-bin, but its build files are set to build from an AppImage file on GitHub, not from source. And Clipto doesn’t appear an open source project.

Any comment?

No - not really - it is not a problem.

AUR is not Manjaro but Arch User Repository and unsupported.

Manjaro is not a FOSS distribution neither is Arch - so yes - you may find non oss packages e.g. Nvidia and vmware.

1 Like

With source not open, the likelihood of installing some malware is quite high, no? Well, I don’t suspect much about Nvidia and vmware etc, but other lesser known software from AUR?

That depends … you installed Manjaro, right?

Manjaro is made possible by a small number of individuals which based their work on another number of individuals from the Arch Linux community, which then again base their work upon thousands of other individuals, which base their work on kernel developed by one man Linus Torvalds - so when you decided to trust Manjaro - you decided to trust those thousands of individuals behind including Linus.

So you are the only one to decide whether you trust or not.

1 Like

Keyword: USER Repository. As in any random person can upload there. Well, this is maybe exaggerated but you get the idea. There might be junk in the aur - broken or old or incompatible stuff and theoretically malware.

That is exactly why it is disabled by default and there is a big fat disclaimer everywhere in the OS, wiki and the forum that manjaro developers are not responsible for and cannot support it.

1 Like

Not really, as you can actually read the installation script. Whether you accept it or not, that’s on your decision. Please read the install script before installing anything from AUR.

AUR contains many proprietary packages that are not open source
some proprietary packages may also require a licence fee

Clipto Appimage file is the only available Github source for AUR package
Releases · clipto-pro/Desktop · GitHub website also has a link to

Right at the top of the AUR home page;

DISCLAIMER: AUR packages are user produced content. Any use of the provided files is at your own risk.

It also tells you to read the AUR User Guidelines for more information;

9.1 What kind of packages are permitted on the AUR?

The packages on the AUR are merely “build scripts”, i.e. recipes to build binaries for pacman. For most cases, everything is permitted, subject to usefulness and scope guidelines, as long as you are in compliance with the licensing terms of the content.