Sohimaster / traur

paru-integrated trust scoring for AUR packages written in Rust

100% credibility
Found Feb 08, 2026 at 32 stars
Rust
AI Summary

traur is a Rust-written trust scoring tool for AUR packages that analyzes PKGBUILDs, install scripts, source URLs, metadata, and git history to score package trustworthiness before installation, integrating with paru/yay as a pacman hook.

Star Growth

This repo grew from 32 to 76 stars.
AI-Generated Review

What is traur?

traur delivers trust scoring for AUR packages, scanning PKGBUILDs, install scripts, source URLs, metadata, and git history against patterns from real malware like CHAOS RAT and Acroread. Written in Rust, it integrates with paru via an ALPM hook to auto-scan before any install or upgrade, blocking malicious packages and prompting on sketchy ones. Run `traur scan` for manual checks or `traur allow` to whitelist trusted packages. No more traurig surprises from unvetted AUR packages.

Why is it gaining traction?

Unlike basic AUR helpers, traur's paru-integrated hook catches threats pre-transaction with 12 signal categories covering reverse shells, obfuscation, mining, and GTFOBins abuse. Its pattern database draws from actual incidents, and bulk scanning and benchmarking make it practical for auditing installed AUR packages. Developers appreciate the tiered output (TRUSTED to MALICIOUS) and the config for ignoring false positives.

Who should use this?

Arch users who rely heavily on the AUR via paru or yay, especially those pulling frequent updates or niche packages. Ideal for sysadmins securing shared machines or devs worried about supply-chain attacks such as orphan takeovers and typosquatting. Skip if you stick to official repos.

Verdict

Grab it via `paru -S traur` if AUR is your daily driver. Its Rust speed and hook make trust scoring seamless, despite 44 stars and a 1.0% credibility score signaling early maturity. The README docs are solid, but watch for pattern updates as AUR threats evolve.
