Is aur down again?

Oh but it’s so tempting to open a new Arch forum account and necro that 9 year old thread.

Something to the effect of:

I knew Manjaro user… why AUR no worky… when works AUR again… PLEEEZE MAKE AUR WORK FOR ME…

Relax people I’m only joking (but it would be too damn funny). :rofl:

10 Likes

well the solution for Arch could be simple (but also easily worked around by Manjaro) -

simply block pamac as user agent :wink:

but Manjaro could work around that by changing the user agent of pamac to something generic and the block would not work anymore. But changing the user agent to something generic could also make other stuff more complicated: https://gitlab.manjaro.org/applications/pamac/-/issues/709

Edit: Apparently, pamac was already blocked in the past: [Resolved]Pamac currently blocked from the AUR

Anyway, the long term solution for too much traffic would be to implement a good CDN for the AUR webserver to mitigate the requests and traffic that go through to the origin - after all, most stuff could be cached by CDN edges because it does not change often.

1 Like

Probably not, but they’ve already DDoS’ed the AUR at least three times (that I remember), and I remember that Pamac was blocked at least two times from accessing the AUR by the Arch maintainers (a ban which was soon lifted).

Asking Pamac users to “AUR responsibly” is just silly. They are not going to stop, just because you’ve asked nicely. In fact, they are very likely not even going to understand what you’re asking of them, for if Pamac users were able to follow simple instructions, they would probably be using pacman and yay :rofl:

So I cannot place any blame on the users, just like I cannot blame a wasp for stinging me – it lacks agency to be responsible for its actions. It’s the software author who is responsible (and who, originally, brought this software into existence, irreversibly).

The AUR infrastructure wasn’t intended for AUR helpers, and definitely not for graphical AUR helpers that make thousands of requests to the server. The carelessness of the Manjaro team has put the existence of the AUR for all of us into danger, at least three times in the past.

I’m not saying that it is at all connected to this present issue (btw, everything seems fine on my end now, so it seems to be resolved), I am just making an argument that removes the blame from the users and puts it on the developers, and tries to explain why whenever the AUR is down, for whatever reason, many people’s first thought is: “is Manjaro at it again?”.

9 Likes

Not even that :crazy_face: :rofl:

By the way, does anyone knows for fact what caused the AUR being down this time around?
Seriously, I am interested,

Teach your children well …

You’ve got a bread knife and butter knife - when your children come of age you teach them to cut bread and make a sandwich - you also teach them which tool to use when and how to use it. You also teach them not to use the same tool but choose the tool suited for the task at hand.

If a tool can be abused does it make it a bad tool?

In :clown_face: :earth_africa: answer to that is always YES

1 Like

Now you are qouting out of context and twisting the content - in the topic it is clearly stated that it is a quote from the Arch forum - if you need to make comments - do it right - don’t twist it.

The parent is still responsible for the actions of the child. A responsible parent is mindful of what tools the children are allowed to use.

The problem is that the average Pamac user lacks the mental age to use the AUR responsibly.

There are bigger problems with AUR helpers, they do not check the PKGBUILDs for anything malicious. If someone malicious were to upload a much of cryptominers to the AUR, he could make a huge profit from Pamac users who without any understanding or inspection of the PKGBUILD files click on their install buttons. The incentive exists, it’s just a matter of time someone does it, putting all of us at risk, of course.

And just to be clear, I am not blaming the tool, the tool is mindless and without agency. I am blaming the software developer who designed the tool to be so easy to use, that otherwise harmless users can now cause serious damage.

2 Likes

My perfectly good and helpful answer was edited to use pamac, and I unedited it and subsequently suspended being told pamac is how to do whatever it was at the time. I said I would never allow myself to ever suggest using pamac, and subsequently banned.

They encourage everything to be done with it. Forcefully. Until it’s convenient to make themselves look better.

So, yes maybe it is a bad tool.

:rofl: :joy: :rofl: :joy: :upside_down_face: :sweat_smile:

Again, if you don’t know, now you know. Just look up.

now you are just mean :crying_cat_face: think of all those innocent users - you are hurting their feelings :slight_smile:

There’s a truth to that - knives are easy to use too - look at all that serious damage …

1 Like

I have a very important announcement to make:

honka_animated-128px-4

5 Likes

It’s a bit like serving meals in a kindergarden with a sharp steak knife and a really pointy fork. Here, children, enjoy your meal…

There is a reason why that is typically avoided. A child should first demonstrate the maturity and skill before he or she is allowed to use tools that can easily cause a lot of damage.

It’s also why construction site managers typically do not let untrained workers operate heavy machinery, no matter how easy it is to use it (much easier than, for example, using a pickaxe and a spade).

4 Likes

I adore how you keep insisting that we’re living in a normal world, instead of full blown :clown_face: :earth_africa:

In :clown_face: :earth_africa: everything is possible, pre-school children will operate heavy machinery with sharp knifes :rofl:

1 Like

Well, as long as they don’t use graphical AUR helpers… :man_shrugging:

I say it in jest, of course! :clown_face:

1 Like

Not sure where this topic is going and too afraid to ask but…

…But now I have this strange desire to watch Knives Out. I think I’ll go watch that now :clown_face: :earth_americas:

Knives_Out_Poster

2 Likes

You don’t have to - others already did

4 Likes

All the :clown_face: :earth_africa: arguments aside, Pamac is, objectively, a terrible tool:

  • none of its users know how to use it, yet they are not incentivised to learn it since they can accomplish their goals without knowledge – in fact, its targeted audience is people who lack elementary knowledge about the AUR
  • it abuses the infrastructure that was not designed with tools like these in mind and is not meant to be accessed by users who do not know how to use it
  • it’s buggy and unreliable, and has grown to be a much bigger project than what its author imagined or is capable of providing.

The only solution I can think of is that Manjaro makes its own AUR server, MUR or whatever (you can just copy all of the PKGBUILDs over from the AUR) and let Pamac access only it, while the AUR owners permanently block Pamac from accessing the AUR.

:point_up: Case in point. The answer, of course, is: because the AUR is not a repo at all, it’s just a server hosting a bunch of build scripts, nothing else. Understanding this should be a prerequisite for using the AUR, but unfortunately, tools like Pamac bypass that.

5 Likes

I am afraid that statement goes for many a user of AUR helper software.

It should be mandatory to learn how to

$ git clone <url/pkg>
cd pkg
$ makepkg -is

And when needing update

$ cd pkg
$ git pull
$ makepkg -i
3 Likes

I agree, of course, but without any ways to enforce that, that’s just a naive wish.

At least no AUR helper is in the Arch repos, so you can’t just install it, but have to actually package it yourself with makepkg (at least you’re forced to do it once).

Well, yay and paru are in the EndeavourOS repo, unfortunately. And they are in Manjaro repos, as well as Pamac. Of course, there are no stories of yay or paru DDoSing the AUR (so it’s only the user who will suffer the consequences of using the AUR irresponsibly), it’s only Pamac that has this reputation and is making all of us suffer because of irresponsible users. At least on EndeavourOS it is assumed (even though this assumption is more often wrong than right) that the user understands how the AUR works and just uses an AUR helper out of convenience.

2 Likes

Yes - a :clown_face: 's wish - and I know - I am a :clown_face: - just ask my wife.

1 Like