
Arch Linux Introduces Bumpbuddy for Faster, Smarter Package Maintenance

Bumpbuddy helps Arch Linux keep packages fresh and up to date.


Arch Linux is a popular Linux distribution known for its simplicity and flexibility. Recently, there have been security concerns in the Arch User Repository (AUR), where bad actors have managed to slip in Remote Access Trojans (RATs).

Meanwhile, the Arch Linux team is rolling out a new tool that automatically monitors package updates, improving how maintainers and users stay informed about packages in the main repositories.

What's Happening: Arch Linux has introduced Bumpbuddy, an automated program that tracks new software releases for packages in the official repositories.

It operates as a daemon that monitors package versions and automatically opens GitLab issues when it detects that a package is out of date. It keeps these issues updated if newer versions are released and closes them once the package has been updated in the repositories.

The tool relies on .nvchecker.toml configuration files to track package versions and runs checks every three hours to ensure timely updates.
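
The issue lifecycle described above (open, keep updated, close), sketched as an added example; this is not Bumpbuddy's code. The function name, the data shapes, and the use of plain string inequality instead of real version ordering are assumptions, and the sample data is constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Action:
    kind: str     # "open", "update" or "close"
    pkg: str
    version: str  # upstream version for open/update, repo version for close


def reconcile(repo, upstream, open_issues):
    """Decide which tracking issues to open, update or close in one check round.

    repo:        package -> version currently in the repositories
    upstream:    package -> latest upstream version found this round
    open_issues: package -> upstream version named in the open issue
    All three shapes are hypothetical, chosen for this illustration.
    """
    actions = []
    for pkg in sorted(repo):
        current = repo[pkg]
        latest = upstream.get(pkg)
        tracked = open_issues.get(pkg)
        if latest is None:
            # The check produced no result (network error, bad config).
            # Do not close an issue on missing data; wait for the next round.
            continue
        out_of_date = latest != current  # assumption: no version ordering
        if out_of_date and tracked is None:
            actions.append(Action("open", pkg, latest))
        elif out_of_date and tracked != latest:
            actions.append(Action("update", pkg, latest))
        elif not out_of_date and tracked is not None:
            actions.append(Action("close", pkg, current))
    return actions


# Constructed sample state, not real package data.
SAMPLE_REPO = {"foo": "1.2.0", "bar": "2.0", "baz": "3.1", "qux": "0.9", "zed": "1.0"}
SAMPLE_UPSTREAM = {"foo": "1.3.0", "bar": "2.2", "baz": "3.1", "qux": "0.9"}
SAMPLE_ISSUES = {"bar": "2.1", "baz": "3.1", "zed": "1.1"}

if __name__ == "__main__":
    for action in reconcile(SAMPLE_REPO, SAMPLE_UPSTREAM, SAMPLE_ISSUES):
        print(action.kind, action.pkg, action.version)
```

The `zed` entry shows the case worth handling: a round with no upstream result leaves the existing issue untouched rather than closing it.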

What to Expect: For package maintainers, Bumpbuddy takes over the tracking of new upstream releases, eliminating the need for manual checks or hand-created tracking issues. It works from the existing package configurations.

Users will benefit from faster awareness of new releases without having to manually flag packages as out of date. Public GitLab issues also provide transparency about why some updates might take longer.

Future plans for Bumpbuddy include adding a web dashboard to view package reports, providing an API endpoint for pkgctl version check to enable faster version checks, and the removal of the "flag package out-of-date" button on Archweb.

This new tool aims to make the Arch Linux package update process more efficient and transparent for everyone involved.
