readme

author: Jonas Gunz <himself@jonasgunz.de> 2023-07-24 18:44:02 +0200
committer: Jonas Gunz <himself@jonasgunz.de> 2023-07-24 18:44:02 +0200
commit: 23532aefa6fa6b617e4137a3a018c173dc83f883 (patch)
tree: 3d0965d842a0b43a07820691e695fbbeb8d5f691
parent: aeccb8ad0e2760ed31a360ee52eab351ec5299ac (diff)
download: aurbuilder-23532aefa6fa6b617e4137a3a018c173dc83f883.tar.gz
1 files changed, 7 insertions, 1 deletions
diff --git a/Readme.md b/Readme.md
index 58e081f..2e96ed0 100644
--- a/Readme.md
+++ b/Readme.md
@@ -1,6 +1,10 @@
 # AUR PKG Builder
 
-Automated AUR package buildsystem built on Podman capable of resolving AUR dependecies.
+Automated *Arch-Linux User Repository* package buildsystem built on Podman.
+
+**CAUTION:** Automatically building AUR packages is inherently **dangerous**.
+You are de-facto granting the submitter *arbitrary code execution* on the build machine as well as the users system.
+For more information, consult the [Arch Wiki](https://wiki.archlinux.org/title/Arch_User_Repository).
 
 ## Usage
 
@@ -90,6 +94,8 @@ I would strongly recommend against using aurbuilder in any mission critical capa
 
 * Package and repo signing with GPG
 * Better repo management, autodelete and cleanups
+* Allow specifying a git repo instead of a pkgname for external/custom packages
+* warn / protect from submitter changes and orphan packages
 
 ## Locations
author	Jonas Gunz <himself@jonasgunz.de>	2023-07-24 18:44:02 +0200
committer	Jonas Gunz <himself@jonasgunz.de>	2023-07-24 18:44:02 +0200
commit	23532aefa6fa6b617e4137a3a018c173dc83f883 (patch)
tree	3d0965d842a0b43a07820691e695fbbeb8d5f691
parent	aeccb8ad0e2760ed31a360ee52eab351ec5299ac (diff)
download	aurbuilder-23532aefa6fa6b617e4137a3a018c173dc83f883.tar.gz