Add AUR qn-bin recipe #17

Merged: johnpmitsch merged 3 commits into main from add/aur-bin-recipe on Jun 11, 2026

@johnpmitsch (Collaborator) commented Jun 11, 2026

Summary

Three coordinated changes:

1. release-update-aur-bin Justfile recipe. A maintainer-run command that renders a PKGBUILD + .SRCINFO for the qn-bin AUR package and stages them in a local clone of the AUR git remote. Mirror of the Homebrew and Scoop recipes — manual today, becomes a manual-recovery fallback once CI has SSH access to push to the AUR.

Covers both x86_64 and aarch64 Linux. provides=('qn') + conflicts=('qn') so any future official qn package coexists cleanly. End-to-end-tested against v0.1.4's actual release, and the package is now registered on AUR (v0.1.4 live).

3. Add RELEASING.md. Documents the per-release flow as we've actually lived it: the three named Justfile orchestrators, the publish channels in release.yml, the post-CI manual updates for Homebrew/Scoop/AUR, and the one-time setup notes a future maintainer would otherwise have to rediscover (including the AUR main/master rename gotcha we just hit). Keeps maintainer ops out of the user-facing README.

Test plan

  • just --list shows the new release-update-aur-bin recipe.
  • Running the recipe against v0.1.4 + a throwaway git repo produces a valid PKGBUILD and .SRCINFO with real sha256s, correct multi-arch source blocks, and the leading TABs that AUR's .SRCINFO format requires.
  • After the scrub, grep -E "[A-Z]+_(TOKEN|KEY|SECRET|PAT)" against committed files returns only standard names that come from a tool's own public docs (CARGO_REGISTRY_TOKEN, GITHUB_TOKEN).
  • qn-bin is registered on AUR (web page returns 200; git ls-remote shows v0.1.4 ref).
  • After merge, confirm yay -S qn-bin works on an Arch host.

Mirrors release-update-homebrew-tap and release-update-scoop-bucket:
a maintainer-run command that syncs a PKGBUILD + .SRCINFO for the
`qn-bin` AUR package to a local clone of the AUR git remote
(ssh://aur@aur.archlinux.org/qn-bin.git).

Until CI has SSH access to push to the AUR, this is the manual path.
When that's wired we'll add a publish-aur workflow modeled on
publish-deb and this recipe becomes a manual-recovery fallback.

The PKGBUILD covers both x86_64 and aarch64 Linux (the gnu archives
cargo-dist ships), downloads them from the GitHub Release, and verifies
each against its sha256 sidecar. `provides=('qn')` and
`conflicts=('qn')` so users of any future official `qn` package don't
end up with both.

The .SRCINFO is generated inline rather than via `makepkg --printsrcinfo`
because makepkg isn't available on macOS dev boxes. The fields mirror
makepkg's canonical output order (validated against a real-world reference,
astral-sh/uv-bin).

Usage:

  just release-update-aur-bin 0.1.4 ~/qn/aur-qn-bin

Precondition: the AUR package `qn-bin` has been registered on the AUR,
and aur_path is a clean local clone of ssh://aur@aur.archlinux.org/qn-bin.git.

End-to-end-tested against v0.1.4's actual release: pulled both sha256
sidecars, rendered a valid PKGBUILD and .SRCINFO (with leading TABs on
the indented lines, as the AUR format requires).

A public repo's commit messages, code comments, and PR bodies shouldn't
mention internal secret names — even ones we haven't created yet.
Names invented for planned CI secrets are still infrastructure detail
and read as roadmap leaks.

Edits:

* Justfile: replace a `release-update-homebrew-tap` comment that named
  the planned tap-push secret with generic "a PAT with contents:write
  on the tap repo".
* dist-workspace.toml: same scrub on the `tap = ...` block's
  explanation of why "homebrew" stays out of publish-jobs.
* CLAUDE.md: add a bullet to the open-source repo rules block calling
  out this exact pattern, with the carve-out for standard names that
  come from a tool's own public docs (e.g. CARGO_REGISTRY_TOKEN is the
  name `cargo publish` itself reads, so it's documented surface, not
  internal).

No behavior change — comment edits only.
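
The grep check from the test plan and the carve-out for tool-documented names described above, combined into one script; this is an added example, not code from this repository. It widens the pattern to capture the whole identifier and matches with `grep -w`, so the allowlist compares full names and `INSTALL_PATH` is not flagged; `scan_secret_names`, `make_sample_tree` and `EXAMPLE_TAP_PUSH_PAT` are made-up names.

```shell
#!/bin/sh
# Added example, not the project's code: report secret-looking identifiers in a
# tree, minus an allowlist of names that a tool's own public docs define.
ALLOWED_SECRET_NAMES="CARGO_REGISTRY_TOKEN GITHUB_TOKEN"

# Whole identifier ending in _TOKEN, _KEY, _SECRET or _PAT. It is matched with
# grep -w, so INSTALL_PATH is not reported as INSTALL_PAT.
SECRET_NAME_RE='[A-Z][A-Z0-9_]*_(TOKEN|KEY|SECRET|PAT)'

# scan_secret_names DIR
# Prints "file:line:NAME" for every hit that is not allowlisted.
# Returns 0 when the tree is clean and 1 otherwise.
scan_secret_names() {
    hits=$(grep -rIEnow --exclude-dir=.git -e "$SECRET_NAME_RE" "$1" |
        awk -F: -v allow="$ALLOWED_SECRET_NAMES" '
            BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
            !($NF in ok)')
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits"
    return 1
}

# make_sample_tree DIR
# Writes a constructed two-file tree; EXAMPLE_TAP_PUSH_PAT is a made-up name.
make_sample_tree() {
    mkdir -p "$1"
    printf '%s\n' '# needs a PAT with contents:write on the tap repo' \
        'publish: # reads CARGO_REGISTRY_TOKEN and GITHUB_TOKEN' \
        'INSTALL_PATH := "/usr/bin"' > "$1/Justfile"
    printf '%s\n' 'tap push will use EXAMPLE_TAP_PUSH_PAT' > "$1/notes.md"
}

# Stand-alone use: sh scan.sh <dir> exits non-zero when a name is found.
if [ "$#" -gt 0 ]; then
    scan_secret_names "$1"
fi
```

Run against a checkout before pushing, it fails only on names outside the allowlist, which makes it usable as a pre-commit or CI gate.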

@johnpmitsch changed the title from "Add AUR qn-bin recipe; scrub secret-name leaks" to "Add AUR qn-bin recipe" on Jun 11, 2026

Captures what we've actually been doing: the three Justfile recipes
(release-prepare, release.yml in CI, post-CI manual steps), the
per-channel manual update commands (Homebrew, Scoop, AUR), and the
one-time setup notes a future maintainer would otherwise have to
rediscover — especially the AUR registration sequence with the
main/master rename gotcha we just hit.

Also documents the recovery path for a partially-failed release
(re-run just the failed publish job) and the local sanity checks to
run before tagging.

Doesn't replicate user-facing install instructions — those live in
README.md. This file is for maintainers.

@johnpmitsch merged commit 8e05602 into main on Jun 11, 2026
12 checks passed