grimoire is a lightweight package builder for Arch. It searches, builds, and updates packages
because it drives git & makepkg, it can build PKGBUILD from any git source you point it at.
sudo pacman -S --needed git base-devel
git clone https://github.com/mackilanu/grimaur
cd grimaur
./grimoire <command> # try --help
# or install globally makepkg -siTip
You can use grimoire fetch <package> to inspect PKGBUILD and source code before
manually installing using makepkg or similar.
Even see it directly: python grimoire inspect base --target PKGBUILD
Also accepts: SRCINFO and info
grimoire <term>(orgrimoire search <term>) lists matching packages.- Plain text or a regex
"pattern-*".
- Plain text or a regex
grimoire listto see installed "foreign" packages recognized bypacman -Qm
inspect, fetch, build, installand remove accept one or more packages (grimoire install a b c).
grimoire inspect <package>shows description + all deps (make/check/optional)grimoire fetch <package>clones it to your--dest-rootgrimoire build <package>build withmakepkggrimoire install <package>clones the repo, resolves dependencies, builds- Pass
--noconfirmto skip prompts - Pass
--use-sshuse SSH instead of HTTPS - Pass
--submod(install/fetch) to init the repo's git submodules after checkout.
- Pass
grimoire remove <package>to uninstall from pacmangrimoire cleandrops the search result cache (and completion cache)grimoire clean <package>removes just clone- Pass
--clonesto remove every cloned package build tree
With no --repo, sources are tried in repos.ini order (top first); the first that has
the package wins, the rest are fallbacks.
Point at anything else that ships a PKGBUILD with --repo-url/--repo
--repo-url <url>builds from a git URL (scheme optional:provider.ext/u/rworks).--rev <branch|tag|commit>/--subdir <dir>pick a revision, or a package nested in a monoreporepo --add <url> <name>saves an alias; use it with--repo <name>.- Add more URLs under the same name for fallback mirrors.
--ls/--rmto manage. {pkg}(the package name) or{pkgbase}(its pkgbase ex: amd-ucode -> linux-firmware)
grimoire repo --add 'provider.ext/user/repo/tree/master/pkgs' MYVUR
grimoire install <pkg>A bare search <term> queries every section in repos.ini and merges the results.
See repos.ini for examples.
You can generate it with grimoire -v, auto-creates ~/.config/grimoire/repos.ini with [ARCH] as the default.
grimoire updaterebuilds every installed “foreign” package that has a newer release.- Pass
--globalto update system first, then AUR packages.
- Pass
grimoire update <pkg1> <pkg2>limits the update run to specific packages.grimoire update --develUpdate all*-gitpackages aswell (needed forgrimoire-gitfor example).
update re-pulls every tracked package already; no --refresh needed.
Additional Options & Scripting
- Useful to build in
tmp/pass--dest-root- (default:$XDG_CACHE_HOME/grimoire) --refresh(global) re-pulls existing clones and expires the search cache; applies tofetch/install/inspect/search.
--no-colordisables colored terminal outputgrimoire search <term> --limit 10limits results to the first N matchesgrimoire search <term> --no-interactivelists results without prompting to installgrimoire search <term> --plainpacman-Ssstyle two-line output for scripting (best match first)grimoire inspect <pkg> --plainpacman-SistyleKey : Valueoutput for scriptinggrimoire list --repo <name>lists every package in a repoREPO Pkg Version
More info & cryptographic trust
- Respects
IgnorePkg = x y zfrom/etc/pacman.conf - Completions are also available and have cached search complete.
- Arch Package Guidelines
- Man pages:
Tools:
pacman-contribhttps://archlinux.org/packages/extra/x86_64/pacman-contrib/devtoolshttps://archlinux.org/packages/extra/any/devtools/
Packaging examples proto
-
Pass
--verify(install/fetch) to require a valid GPG signature before building. If you point at an annotated tag (--rev <tag>) it runsgit verify-tag, elsegit verify-commiton the checked-out HEAD commit. -
Aborts if the target is unsigned, has a bad signature, or the signer's key isn't in your keyring:
gpg --recv-keys <fingerprint>. -
By default this checks signature validity, not key trust (a good signature from any key you hold passes). To also gate on owner-trust, pass
--min-trust <level>(implies--verify) at one of 3 levels:marginal,fully, orultimate. Establish trust first (gpg --edit-key <fpr>→trust, or import ownertrust); a freshly received key is untrusted and will be rejected.
Made with ♡