kakerlakatzeis there like a script I can use to see if I have an infected AUR package that wasn't written with AI?
I found a txt file with all the infected packages and I seem to be safe but also what if this isn't actually the list
Niko@niko I have no idea how to do that, I just did sudo pacman -Qm and then compared to the list of known infected packages
@anarceus when you're installing AUR packages you should be reviewing the PKGBUILDs at the very least for anything suspicious and that's 30 extra seconds with a half decent AUR helper that does that for you (i recommend
paru)@niko never done that before. Assume it's the diffs to show or something thingie on yay, when starting out on arch pretty much everyone told me there was no reason to not just click through haha.
Besides I'm more tech savvy than the average person but less tech savvy than literally any other tech savvy person. I don't think I could actually identify a suspicious pkgbuild anyway so it wouldn't have saved me here
I could NOW in our case because I know what the problem files look like but outside of that I'm just a critter mainly using cachyOS because it's easy and doesn't cause me problems in any other way lmao
@anarceus yeah it's those diffs that yay shows you
as for reviewing uhh given you're using yay it miiight store the PKGBUILDs in ~/.cache/yay or something similar? it seems like ls ~/.cache/yay/*/PKGBUILD should pull up all the PKGBUILDs
@niko I'll check once I'm home, thanks!!! Will also look through them when installing from now on lol, for whatever it's worth, though I'm still not sure I'll be able to recognise anything