So decided to update with PARU, usually use ‘YAY’ , but it’s on my system decided to use it.
Anyway after the normal upgrade process, it flagged my Brave Browser as out of date, and informed me of a newer package. So here is the stream:
:: marked out of date: python-pyparted
Aur (1) Old Version New Version Make Only
aur/brave-bin 1:1.42.86-1 1:1.42.88-1 No
USER_FLAGS_FILE=“$XDG_CONFIG_HOME/brave-flags.conf”
if [[ -f $USER_FLAGS_FILE ]]; then
USER_FLAGS=“$(cat $USER_FLAGS_FILE | sed ‘s/#.*//’)”
fi
export CHROME_VERSION_EXTRA=“stable”
exec /usr/lib/brave-bin/brave “$@” $USER_FLAGS
:
So it obviously wants me to do something at the colon prompt, but what? I have no idea… So I’m leaving it sit until I can find out what I’m supposed to do…
It is actually super useful once you have some history. Right now it is just showing you the files but once you have some history it will start showing you the color coded differences.
It lets you see very quickly and in a better form than a diff would. Makes it easy to tell if something questionable is happening.
Problem with that, is I only have been running Endeavor about a month. I don’t have a good handle on Diffs, I sort of get that in upgrades, config files can change and you get pacsave files when this happens, and I think diffs are related to this somehow, but I wouldn’t have a clue what to do if I had to edit a config file.
It isn’t about editing them. It is about checking to see what has changed. It is hard for you to tell that right now but after a couple of months the files will start being color-coded and you will learn what is normal and what isn’t.
The AUR is a collection of scripts that are created by the community. It has a huge advantage over other community or 3rd party repos. You can inspect what changed. The provides you the ability to know if anyone has done something malicious or accidental before installing the update.
While this may sound complicated, 90% of the time, the only thing that is changing is the checksums and the versions. The color-coded diffs will quickly show you that. At a glance, you can see that the change is only that. If you see something else, you can decide if you want to investigate further or not.
It is basically additional control and transparency that other package sources don’t offer.
I see what you are saying, I guess over time using Paru I will see this color coded output, and it will, I guess, become self-evident what the changes are and whether there are corrupted or compromised files.
That said, I may look to see if there is a Youtube video out there showing this process. A picture is worth a thousand words.
The first change is a change to the pkgrel which is normal and can be ignored. Basically there is a new version of the package.
The second change is a the pkgsums changing. That is normal.
The 3rd change is less common. There is some scripting change. This is the kind of thing you might want to look at.
In this case, it looks OK. Instead of running the x86 version it is running the ARM version when it should. If you saw something like this, and didn’t understand it, you could always ask.
I see that DIFF is a Linux command unto itself. So does Paru, which I know is a wrapper for pacman, contain DIFF as a command within the PARU script? Is it the PARU script that creates the color coding, and not DIFF itself?
I just found this Youtuber going into a lot of detail, with examples, of the working differences between YAY and PARU. A lot of it, is beyond my current experience level, but some of it is a little familiar to me. Looks like a pretty well done and thorough treatment.