chore(moonset): bump pkgver to 0.9.1

Moonarch configures the Sweet-cursors theme in six places — greeter
(moongreet.toml, niri-greeter.kdl) and desktop (niri config.kdl, GTK 3/4
settings.ini) — but never declared the package that ships the theme.
On a fresh install the cursor theme was absent system-wide, so Niri and
GTK fell back to the default cursor; it only worked where sweet-cursors
happened to be present (e.g. installed into a user home).

sweet-cursors-git provides 'sweet-cursors'; listing it ensures the theme
is installed system-wide for both the greeter user and the desktop user.

.gitea/workflows/build-and-publish.yaml

@@ -29,40 +29,134 @@ jobs:
 
           echo "Changed packages: $CHANGED"
 
+          # Sync pacman DB so makepkg -s can resolve current deps.
+          # NEVER change this to -Syu. The runner shares I/O with the host
+          # (act_runner runs in network-host mode on the Gitea server). A full
+          # system upgrade here took the host down on 2026-04-20 and required
+          # a hard reboot + Contabo abuse-block recovery. -Sy syncs the DB
+          # only; -s picks targeted makedepends via pacman.
+          sudo pacman -Sy --noconfirm
+
           for pkg in $CHANGED; do
             echo "==> Building $pkg"
             cd "$pkg"
 
+            # Install makedepends manually (cargo, go, …) and skip the full
+            # depends check via -d. Rationale: moonarch-git's runtime depends
+            # include AUR-only packages (stasis, auto-cpufreq, ttf-ubuntusans-nerd)
+            # which pacman can't resolve. Those deps aren't needed at build time.
+            # Source the PKGBUILD in a subshell to read the array robustly —
+            # awk/grep parsing breaks on single-line vs multi-line formats.
+            MAKEDEPS=$(bash -c 'source ./PKGBUILD 2>/dev/null; printf "%s " "${makedepends[@]}"')
+            if [ -n "${MAKEDEPS// }" ]; then
+              # shellcheck disable=SC2086
+              sudo pacman -S --needed --noconfirm $MAKEDEPS
+            fi
+
+            # Single-threaded build to keep memory peak below the 8 GiB
+            # host budget. Run 108 (2026-04-28) hit a verified global OOM
+            # (constraint=CONSTRAINT_NONE in journalctl, rustc killed at
+            # 1.7 GiB RSS while host was already at 6.2 GiB used / 1.6 GiB
+            # available). Two parallel rustc workers blow that reserve.
+            # Container-side mem_limit doesn't help because the kill is
+            # global, not cgroup. -j1 halves the peak; act_runner blkio
+            # cap (30 MB/s) protects I/O. Do NOT raise without a wider
+            # memory plan (more host RAM, per-container caps, or larger
+            # swap headroom).
+            export CARGO_BUILD_JOBS=1
+            export MAKEFLAGS="-j1"
             makepkg -sfd --noconfirm
 
-            # Find the built package file
-            PKG_FILE=$(ls -t *.pkg.tar.zst 2>/dev/null | head -1)
-            if [ -z "$PKG_FILE" ]; then
+            # makepkg can emit multiple artifacts per build (main + -debug
+            # split package). Upload each. Arch filename convention:
+            # <pkgname>-<pkgver>-<pkgrel>-<arch>.pkg.tar.zst; pkgver never
+            # contains '-', so we can strip from the right.
+            shopt -s nullglob
+            PKG_FILES=(*.pkg.tar.zst)
+            shopt -u nullglob
+            if [ "${#PKG_FILES[@]}" -eq 0 ]; then
               echo "ERROR: No package file found for $pkg"
               cd ..
               continue
             fi
 
-            # Extract version for delete endpoint
-            PKG_NAME=$(grep '^pkgname=' PKGBUILD | cut -d= -f2)
-            PKG_VER=$(grep '^pkgver=' PKGBUILD | cut -d= -f2)
-            PKG_REL=$(grep '^pkgrel=' PKGBUILD | cut -d= -f2)
-            PKG_ARCH=$(grep '^arch=' PKGBUILD | sed "s/.*('\(.*\)').*/\1/")
-            FULL_VER="${PKG_VER}-${PKG_REL}"
+            # Collect unique package names + the version we just built for
+            # each. We delete only ZOMBIE versions (anything in the registry
+            # for this name that is NOT the version we just built) to clear
+            # the Gitea Arch DB which doesn't evict on pkgver change.
+            #
+            # Run 107 (2026-04-28) showed the previous "delete all versions"
+            # logic killed cross-package state when multiple PKGBUILDs were
+            # built in one run — sweet-cursors's clear loop deleted the
+            # just-uploaded moongreet-git versions. The skip-current-version
+            # logic + .type=="arch" filter prevent that recurrence.
+            declare -A SEEN_NAMES
+            declare -A KEEP_VERS
+            for PKG_FILE in "${PKG_FILES[@]}"; do
+              base="${PKG_FILE%.pkg.tar.zst}"
+              # Strip arch (last -seg), pkgrel (next), pkgver (next) → name.
+              # Keep "$pkgver-$pkgrel" as the full version.
+              arch_stripped="${base%-*}"
+              rel_stripped="${arch_stripped%-*}"
+              ver_stripped="${rel_stripped%-*}"
+              pkg_name="$ver_stripped"
+              full_ver="${arch_stripped#${ver_stripped}-}"
+              SEEN_NAMES["$pkg_name"]=1
+              KEEP_VERS["$pkg_name"]="$full_ver"
+            done
 
-            echo "==> Uploading $PKG_FILE ($PKG_NAME $FULL_VER $PKG_ARCH)"
+            sudo pacman -S --needed --noconfirm jq
 
-            # Delete old version if it exists (ignore 404)
-            curl -s -o /dev/null -X DELETE \
-              -H "Authorization: token ${{ secrets.PKG_REGISTRY_TOKEN }}" \
-              "https://gitea.moonarch.de/api/packages/nevaforget/arch/moonarch/${PKG_NAME}/${FULL_VER}/${PKG_ARCH}" || true
+            for PKG_NAME in "${!SEEN_NAMES[@]}"; do
+              KEEP="${KEEP_VERS[$PKG_NAME]}"
+              echo "==> Clearing zombie versions of $PKG_NAME (keep: $KEEP)"
+              VERSIONS=$(curl -s \
+                -H "Authorization: token ${{ secrets.PKG_REGISTRY_TOKEN }}" \
+                "https://gitea.moonarch.de/api/v1/packages/nevaforget?type=arch&q=${PKG_NAME}&page=1&limit=100" \
+                | jq -r --arg n "$PKG_NAME" --arg t "arch" \
+                    '.[] | select(.name==$n and .type==$t) | .version')
+              for V in $VERSIONS; do
+                if [ "$V" = "$KEEP" ]; then
+                  echo "    skip  $PKG_NAME@$V (just built)"
+                  continue
+                fi
+                echo "    delete $PKG_NAME@$V"
+                DEL_CODE=$(curl -s -o /dev/null -w '%{http_code}' -X DELETE \
+                  -H "Authorization: token ${{ secrets.PKG_REGISTRY_TOKEN }}" \
+                  "https://gitea.moonarch.de/api/v1/packages/nevaforget/arch/${PKG_NAME}/${V}")
+                echo "    HTTP $DEL_CODE"
+              done
+            done
 
-            # Upload new version
-            curl -sf \
-              -H "Authorization: token ${{ secrets.PKG_REGISTRY_TOKEN }}" \
-              --upload-file "$PKG_FILE" \
-              "https://gitea.moonarch.de/api/packages/nevaforget/arch/moonarch"
+            for PKG_FILE in "${PKG_FILES[@]}"; do
+              base="${PKG_FILE%.pkg.tar.zst}"
+              PKG_ARCH="${base##*-}"
+              base="${base%-*}"
+              PKG_REL="${base##*-}"
+              base="${base%-*}"
+              PKG_VER="${base##*-}"
+              PKG_NAME="${base%-*}"
+              FULL_VER="${PKG_VER}-${PKG_REL}"
 
-            echo "==> Published $PKG_NAME $FULL_VER"
+              echo "==> Uploading $PKG_FILE ($PKG_NAME $FULL_VER $PKG_ARCH)"
+
+              # Upload new version. Capture HTTP status — curl -sf alone
+              # hides the response, and a silent failure lets the run green
+              # while the registry stays stale.
+              HTTP_CODE=$(curl -s -w '%{http_code}' -o /tmp/upload.log \
+                -H "Authorization: token ${{ secrets.PKG_REGISTRY_TOKEN }}" \
+                --upload-file "$PKG_FILE" \
+                "https://gitea.moonarch.de/api/packages/nevaforget/arch/moonarch")
+              echo "--- server response (HTTP $HTTP_CODE) ---"
+              cat /tmp/upload.log
+              echo
+              echo "-----------------------"
+              if [[ ! "$HTTP_CODE" =~ ^2 ]]; then
+                echo "ERROR: Upload failed with HTTP $HTTP_CODE for $PKG_FILE"
+                exit 1
+              fi
+
+              echo "==> Published $PKG_NAME $FULL_VER (HTTP $HTTP_CODE)"
+            done
             cd ..
           done

.gitignore

@@ -5,3 +5,7 @@ pkg/
 # Bare git repos cloned by makepkg
 moonarch-git/moonarch/
 sweet-cursors-git/Sweet-cursors/
+moongreet-git/greetd-moongreet/
+moonlock-git/moonlock/
+moonset-git/moonset/
+sshfsc-git/sshfs_connect/

DECISIONS.md

@@ -0,0 +1,63 @@
+# Decisions
+
+## 2026-06-10 – Rust/Go packages: -git → no-suffix tag-build (match what ships)
+
+- **Who**: Dominik, ClaudeCode
+- **Why**: `moonlock-git`/`moongreet-git`/`moonset-git`/`sshfsc-git` carried the `-git` suffix (Arch convention: VCS package, user builds HEAD locally) but the registry ships pre-built binaries — the user never builds. The suffix lied about what is distributed. corsairctl already did it right: no suffix, build from a versioned git tag (`#tag=v$pkgver`) — the official-Arch-repo model (versioned source, built centrally, distributed as binary).
+- **Tradeoffs**: A `-bin` style (project CI builds the binary, PKGBUILD installs only a release asset) was considered but rejected: it needs new build infra in each project repo, whereas tag-build is the smallest change to the existing two-stage CI and corsairctl already proves the pattern. The build stays in CI (no OOM-relevant change). Downside: per-package `update-pkgver` now reads the latest tag instead of `git describe`.
+- **How**: In moonarch-pkgbuilds, `git mv <name>-git <name>`; PKGBUILD drops `pkgver()`, sets fixed `pkgver` = latest tag, `source=...#tag=v$pkgver`, `pkgname` without suffix, `pkgrel=1`, plus `replaces=('<name>-git')` + `conflicts=('<name>-git')` for clean client migration on `pacman -Syu`. moongreet keeps `epoch=1` (2026-04-28 rollback) and its install hook. corsairctl added as-is (already tag-style). `moonarch-git` `depends` updated to the new names (pkgrel 12 → 13). Per-project `update-pkgver.yaml` switched to tag-trigger + `git describe --tags --abbrev=0`. Old `-git` registry versions deleted manually (the name change defeats the auto zombie-cleanup). Scope: `sshfsc` deferred (only tag v0.1.0, HEAD 11 commits ahead — needs a fresh tag first); `sweet-cursors` stays `-git` (no version tags upstream).
+
+## 2026-05-04 – moonarch-git: skip wlsunset in global enable loop
+
+- **Who**: Dominik, ClaudeCode
+- **Why**: PKGBUILD's blanket loop over `defaults/etc/systemd/user/*.service` created `/etc/systemd/user/graphical-session.target.wants/wlsunset.service` — a global-scope symlink. The waybar nightlight toggle calls `systemctl --user disable wlsunset`, which only touches user-scope symlinks; the global one persists, so the filter came back on every reboot. Fix coordinates with moonarch repo (post-install.sh and CLAUDE.md updates) — see `moonarch/DECISIONS.md` 2026-05-04 entry.
+- **Tradeoffs**: A whitelist of services-to-enable (instead of blacklist) would be cleaner long-term, but the project ships exactly one toggle-able user service today; a `skip_enable` array reads more clearly against the existing loop. `pre_upgrade()` cleanup is conservative: removes only the wlsunset wants-symlink, leaves the unit file itself.
+- **How**: PKGBUILD `package()` — symlink loop now consults `skip_enable=("wlsunset.service")` and skips matching basenames. `moonarch.install` `pre_upgrade()` — deletes pre-existing `/etc/systemd/user/graphical-session.target.wants/wlsunset.service` so installed systems migrate cleanly. `pkgrel` bumped 11 → 12 so existing installs see the fix on next `pacman -Syu`; otherwise the registry would carry a same-versioned package and clients would skip the upgrade.
+
+## 2026-04-28 – Bump epoch on moongreet-git after upstream version rollback
+- **Who**: Dominik, ClaudeCode
+- **Why**: `pacman -Syu` warned that local `moongreet-git 0.10.0.r0.gce9f219-3` is "newer" than the moonarch registry's `0.8.6.r0.gb9b6f50-1`. Cause: `greetd-moongreet` upstream was tagged `v0.9.0` and `v0.10.0` early on, then the tag history continued with `v0.8.4` → `v0.8.5` → `v0.8.6` patches on top — a deliberate downgrade of the version line. `pkgver()` uses `git describe --long --tags`, which now returns `0.8.6.r0.gb9b6f50` at HEAD, but any system that built moongreet before the tag rollback still has the higher-sorting `0.10.0` installed. Without an epoch bump, those systems will never accept the registry's 0.8.x as an upgrade.
+- **Tradeoffs**: Re-tagging upstream to leapfrog past v0.10.0 (e.g. v0.11.0) would also resolve the mismatch and avoid the epoch — but it would create a fake version that doesn't reflect the actual feature scope, and we'd be permanently chasing the v0.10.0 ghost on every future bump. Epoch is the canonical pacman mechanism for exactly this situation; one-time cost, no upstream lie.
+- **How**: `epoch=1` added to `moongreet-git/PKGBUILD`, `pkgrel` bumped 3 → 4 to retrigger CI.
+
+## 2026-04-28 – Bump epoch on sweet-cursors-git to overrule AUR-built local installs
+- **Who**: Dominik, ClaudeCode
+- **Why**: `pacman -Syu` warned that local `sweet-cursors-git r445.1d92ac7-1` is "newer" than the moonarch registry's `r1.4b49c35-2`. Cause: our Gitea fork (`nevaforget/Sweet-cursors`) is a one-shot snapshot of `EliverLara/Sweet`'s `kde/cursors/Sweet-cursors/` from 2025-09-28 with a single `init` commit, so `pkgver()` always evaluates to `r1`. The local r445 came from the AUR package by `Gigas002` (source: `github.com/Gigas002/Sweet#cursors`, 445 commits, actively maintained, last cursor change 2026-03-02). Without an epoch bump, vercmp would flag the registry as a downgrade on every system that ever installed via paru/AUR.
+- **Tradeoffs**: Switching the PKGBUILD source to `Gigas002/Sweet#cursors` would track upstream and avoid the version mismatch entirely, but requires `inkscape` + `xorg-xcursorgen` makedeps and a non-trivial SVG-compile build step in CI. Cursor changes upstream are minimal in practice (one fix in 6 months), so the maintenance value is low. Keeping the snapshot keeps the build trivial and the source tiny — at the cost of being permanently frozen at the September 2025 state. Documented in the fork's README.
+- **How**: `epoch=1` added to `sweet-cursors-git/PKGBUILD`, `pkgrel` bumped 2 → 3 to retrigger CI. Added `README.md` to the `nevaforget/Sweet-cursors` Gitea repo explaining the snapshot rationale and pointing to `Gigas002/Sweet` for users who want a maintained variant.
+
+## 2026-04-23 – Rust PKGBUILDs honour CARGO_TARGET_DIR
+- **Who**: Dominik, ClaudeCode
+- **Why**: The act_runner container sets `CARGO_TARGET_DIR=/cache/target` (for cross-build cache persistence), but `moongreet-git`/`moonlock-git`/`moonset-git` `package()` hardcoded `target/release/<bin>`. Run 87 compiled for 8 min and then failed at `install: cannot stat 'target/release/moongreet'` because the binary actually lived in `/cache/target/release/`. Silent until today because earlier builds pre-date the env var.
+- **Tradeoffs**: None meaningful — the fallback `${CARGO_TARGET_DIR:-target}` preserves local `makepkg` builds (no env var → still reads from `./target/`).
+- **How**: Patched `install -Dm755` in all three Rust-app PKGBUILDs to use `"${CARGO_TARGET_DIR:-target}/release/<bin>"`.
+
+## 2026-04-23 – Single-threaded, low-priority build in CI to keep the Gitea host alive
+- **Who**: Dominik, ClaudeCode
+- **Why**: The act_runner container shares CPU/RAM/I/O with the Gitea host (network-host mode, no resource limits). Parallel Rust builds OOM-kill or thrash the host: run 86 (2026-04-23, moongreet-git 0.8.3.r1) stopped mid-compile at `Compiling gio v0.22.2` with no error, and gitea HTTPS was unreachable for ~11 min. Same pattern on 2026-04-20. Runner-side resource limits would be better, but require host-side config changes; a pipeline-side fix is portable and low-risk.
+- **Tradeoffs**: Builds are slower — single-threaded cargo compile of a moon* project takes ~2–3× as long. `nice -n 19` + `ionice -c 3` further delay the build when the host is busy, but that's the point. Slow build beats downed host.
+- **How**: `build-and-publish.yaml` exports `CARGO_BUILD_JOBS=1` and `MAKEFLAGS=-j1` before `makepkg`, and wraps `makepkg` with `nice -n 19 ionice -c 3`. Affects every package build in the matrix.
+
+## 2026-04-21 – moonarch-git becomes a full meta-package (hard deps on all Arch-repo essentials + own registry siblings)
+- **Who**: Dominik, ClaudeCode
+- **Why**: `moonarch-git` listed `moongreet-git`/`moonlock-git`/`moonset-git` only as `optdepends` and omitted most Arch-repo essentials (wlsunset, networkmanager, bluez, xwayland-satellite, file-manager stack, zsh plugins, CLI tools, …) entirely — they lived only in `packages/official.txt`. `paru -S moonarch-git` on a fresh system therefore produced a desktop with no greeter, no lockscreen, no power menu, no nightlight, no network manager, no portals — a non-functional Moonarch. Split source of truth between PKGBUILD deps and txt files caused continuous drift (e.g. walker-bin was missing from both).
+- **Tradeoffs**: `moonarch-git` is now chunky — installing it pulls ~60 packages (vs ~20 before). Acceptable because this is exactly what every Moonarch system needs; a leaner package just shifted the install work to imperative scripts that silently failed. AUR packages cannot be hard `depends=` (pacman can't resolve AUR), so they stay in `packages/aur.txt` and post-install.sh pulls them explicitly. `optdepends=` was slashed to real extras (docker, rustup for dev, waterfox) — no more mirroring of aur.txt there.
+- **How**: Added to `depends=`: moongreet-git, moonlock-git, moonset-git, xwayland-satellite, libnotify, foot-terminfo, wlsunset, nwg-look, awww, libpulse, gst-plugin-pipewire, networkmanager + nm-applet + nm-openvpn + openvpn, bluez, gvfs + gvfs-{dnssd,mtp,smb}, udisks2, ntfs-3g, xdg-desktop-portal-{gnome,gtk}, qt6-5compat, zsh-{autosuggestions,syntax-highlighting}, bat, btop, eza, fastfetch, fd, fzf, lazygit, ripgrep, neovim, git, fwupd, ufw. Removed from `optdepends=`: all Moonarch ecosystem packages (now hard deps), all AUR packages (post-install.sh pulls from aur.txt), and already-depended Arch-repo packages. `pkgrel` bumped 9 → 10.
+
+## 2026-04-20 – Registry is the only install path; drop paru --pkgbuilds
+- **Who**: Dominik, ClaudeCode
+- **Why**: Two parallel mechanisms for finding moonarch packages (the Arch registry via `[moonarch]` in `pacman.conf`, and paru's PKGBUILD-repo via `[moonarch-pkgbuilds]` in `paru.conf`) created ambiguous state: `paru -S` resolves from whichever has a matching version first, and diagnostics have to account for both. With the registry DB now stable (see zombie fix below), the PKGBUILD-repo path is redundant.
+- **Tradeoffs**: No more local-build fallback when the registry is broken — but when the registry is broken, the real fix is to repair it, not to mask the problem with a second mechanism. Existing systems need their `/etc/paru.conf` cleaned once (hook handles that on next moonarch-git upgrade).
+- **How**: `moonarch.install` post_install now deletes `Mode = arp` and the `[moonarch-pkgbuilds]` section from `/etc/paru.conf` instead of writing them. `moonarch/scripts/post-install.sh` and `transform.sh` no longer configure paru.conf or call `paru -Syu --pkgbuilds`; they run `pacman -Sy` + `paru -S moonarch-git` (registry only).
+
+## 2026-04-20 – CI wipes all package versions before upload to kill DB zombies
+- **Who**: Dominik, ClaudeCode
+- **Why**: `paru -Syu` stopped offering `moonarch-git` updates after the r99 → r105 pkgver bump. Root cause: Gitea's Arch registry updates `moonarch.db` incrementally on upload, but does not evict old entries when a pkgver changes. `r99` lingered in the DB as a zombie — file already 404, but desc/sig still present — so clients saw `r99` as "latest" and never got `r105`. Not a one-off: every future pkgver bump would repeat the issue.
+- **Tradeoffs**: Delete-before-upload adds an HTTP round-trip per package and requires `read:package` on the registry token (`write:package` was already there for upload). Alternative was an admin-side DB scrub per zombie — unscalable and hostile to the user.
+- **How**: `build-and-publish.yaml` now lists every existing version of each built package via `GET /api/v1/packages/{owner}?type=arch&q={name}` and `DELETE`s them before the upload loop. jq installed on the runner as a dependency of the listing parser. The per-upload `DELETE` of the exact new version was removed (redundant).
+
+## 2026-04-20 – Register moongreet/moonset/sweet-cursors in the Arch registry
+- **Who**: Dominik, ClaudeCode
+- **Why**: These three packages were missing entirely from the registry — their last pkgver-bumps landed before the `build-and-publish` CI fixes (makedepends install, source-based PKGBUILD parse, multi-artifact upload). Without a new PKGBUILD change, the workflow never re-triggered, so they stayed absent.
+- **Tradeoffs**: Bumping `pkgrel` manually is a one-shot push. Alternative (wait for the next real upstream change) would have left packages uninstallable indefinitely.
+- **How**: Bumped `pkgrel` in each PKGBUILD, single commit, triggered the `build-and-publish` workflow.

README.md

@@ -1,6 +1,7 @@
 # Moonarch PKGBUILDs
 
-Arch Linux package builds for the Moonarch ecosystem. Use with [paru](https://github.com/Morganamilo/paru) as a custom AUR source.
+PKGBUILDs for the Moonarch ecosystem. Published as prebuilt Arch packages
+via the Gitea Package Registry at `gitea.moonarch.de`.
 
 ## Packages
 
@@ -14,20 +15,16 @@ Arch Linux package builds for the Moonarch ecosystem. Use with [paru](https://gi
 
 ## Setup
 
-Add to `~/.config/paru/paru.conf`:
+The Moonarch installer configures `/etc/pacman.conf` with:
 
 ```ini
 [moonarch]
-Url = https://gitea.moonarch.de/nevaforget/moonarch-pkgbuilds
+SigLevel = Required DatabaseOptional
+Server = https://gitea.moonarch.de/api/packages/nevaforget/arch/$repo/$arch
 ```
 
-Then sync the repository index:
-
-```bash
-paru -Sy --pkgbuilds
-```
-
-This downloads the PKGBUILDs from Gitea. Without this step, paru will not find the moonarch packages.
+No extra paru setup required — `pacman` and `paru` both resolve moonarch
+packages from the registry.
 
 ## Install
 
@@ -37,19 +34,41 @@ paru -S moonarch-git   # pulls in all ecosystem packages as dependencies
 
 ## Update
 
-Standard system upgrade picks up new versions automatically:
-
 ```bash
 paru -Syu
 ```
 
+Version bumps land in the registry automatically:
+
+1. Push on `main` of `moonarch`, `moongreet`, `moonlock`, or `moonset`
+   triggers the per-project `update-pkgver.yaml` — pkgver-bot commits a
+   fresh `pkgver` to the matching PKGBUILD here.
+2. That commit triggers `build-and-publish.yaml` (this repo): the runner
+   builds every changed PKGBUILD and uploads the artifacts to the Arch
+   registry. Before each upload all existing versions of the package are
+   deleted so the repo DB stays clean — see `build-and-publish.yaml` for
+   the rationale (zombie DB entries after pkgver changes).
+
+`sweet-cursors-git` has no upstream CI; bump its `pkgrel` manually when
+a rebuild is needed.
+
 ## Troubleshooting
 
-**"not downloaded (use -Sy --pkgbuilds to download)"**: Run `paru -Sy --pkgbuilds` to fetch the repo index.
-
-**"cannot update the lock file ... --locked was passed"**: The PKGBUILD cache is stale. Clear it and retry:
+**`paru -Syu` shows no update even though a new version was published**:
+check the repo DB has the new version.
 
 ```bash
-rm -rf ~/.cache/paru/clone/repo/moonarch
-paru -Sy --pkgbuilds && paru -S <package>
+curl -s https://gitea.moonarch.de/api/packages/nevaforget/arch/moonarch/x86_64/moonarch.db \
+  | tar -tz | grep <pkgname>
+```
+
+If only an old version appears there, the `build-and-publish` workflow
+did not run cleanly — inspect the latest run under
+`gitea.moonarch.de/nevaforget/moonarch-pkgbuilds/actions`.
+
+**File conflict on install** (`foo/bar exists in filesystem`): the file
+was placed manually before the package claimed ownership. Once:
+
+```bash
+paru -Syu --overwrite=/path/to/conflicting/file
 ```

corsairctl/.SRCINFO

@@ -0,0 +1,17 @@
+pkgbase = corsairctl
+	pkgdesc = CLI tool for Corsair Bragi-protocol devices (HS80 RGB Wireless, etc.)
+	pkgver = 0.1.2
+	pkgrel = 1
+	url = https://gitea.moonarch.de/nevaforget/corsairctl
+	arch = x86_64
+	license = MIT
+	makedepends = cargo
+	makedepends = pkg-config
+	makedepends = alsa-lib
+	makedepends = hidapi
+	depends = hidapi
+	depends = alsa-lib
+	source = git+https://gitea.moonarch.de/nevaforget/corsairctl.git#tag=v0.1.2
+	sha256sums = SKIP
+
+pkgname = corsairctl

corsairctl/PKGBUILD

@@ -0,0 +1,33 @@
+# Maintainer: nevaforget <dom@moonarch.de>
+pkgname=corsairctl
+pkgver=0.1.2
+pkgrel=1
+pkgdesc='CLI tool for Corsair Bragi-protocol devices (HS80 RGB Wireless, etc.)'
+arch=('x86_64')
+url='https://gitea.moonarch.de/nevaforget/corsairctl'
+license=('MIT')
+depends=('hidapi' 'alsa-lib')
+makedepends=('cargo' 'pkg-config' 'alsa-lib' 'hidapi')
+source=("git+${url}.git#tag=v$pkgver")
+sha256sums=('SKIP')
+
+prepare() {
+    cd "$pkgname"
+    export RUSTUP_TOOLCHAIN=stable
+    cargo fetch --locked --target "$(rustc -vV | sed -n 's/host: //p')"
+}
+
+build() {
+    cd "$pkgname"
+    export RUSTUP_TOOLCHAIN=stable
+    export CARGO_TARGET_DIR=target
+    cargo build --frozen --release
+}
+
+package() {
+    cd "$pkgname"
+    install -Dm755 "target/release/$pkgname" "$pkgdir/usr/bin/$pkgname"
+    install -Dm755 "scripts/corsairctl-waybar.sh" "$pkgdir/usr/bin/corsairctl-waybar"
+    install -Dm644 "udev/99-corsair.rules" "$pkgdir/usr/lib/udev/rules.d/99-corsair.rules"
+    install -Dm644 "LICENSE" "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
+}

moonarch-git/.SRCINFO

@@ -0,0 +1,81 @@
+pkgbase = moonarch-git
+	pkgdesc = Moonarch desktop environment defaults — Niri, Waybar, Catppuccin Mocha
+	pkgver = r125.dbc2997
+	pkgrel = 13
+	url = https://gitea.moonarch.de/nevaforget/moonarch
+	install = moonarch.install
+	arch = any
+	license = MIT
+	makedepends = git
+	depends = moongreet
+	depends = moonlock
+	depends = moonset
+	depends = niri
+	depends = xwayland-satellite
+	depends = greetd
+	depends = waybar
+	depends = swaync
+	depends = libnotify
+	depends = foot
+	depends = foot-terminfo
+	depends = cliphist
+	depends = wl-clipboard
+	depends = kanshi
+	depends = wlsunset
+	depends = nwg-look
+	depends = brightnessctl
+	depends = awww
+	depends = pipewire
+	depends = pipewire-alsa
+	depends = pipewire-jack
+	depends = pipewire-pulse
+	depends = wireplumber
+	depends = libpulse
+	depends = alsa-utils
+	depends = pavucontrol
+	depends = gst-plugin-pipewire
+	depends = networkmanager
+	depends = network-manager-applet
+	depends = networkmanager-openvpn
+	depends = openvpn
+	depends = bluez
+	depends = bluez-utils
+	depends = gvfs
+	depends = gvfs-dnssd
+	depends = gvfs-mtp
+	depends = gvfs-smb
+	depends = udisks2
+	depends = ntfs-3g
+	depends = xdg-desktop-portal-gnome
+	depends = xdg-desktop-portal-gtk
+	depends = qt6-5compat
+	depends = ttf-ubuntusans-nerd
+	depends = zsh
+	depends = zsh-autosuggestions
+	depends = zsh-syntax-highlighting
+	depends = bat
+	depends = btop
+	depends = eza
+	depends = fastfetch
+	depends = fd
+	depends = fzf
+	depends = jq
+	depends = lazygit
+	depends = ripgrep
+	depends = neovim
+	depends = git
+	depends = fwupd
+	depends = ufw
+	depends = polkit-gnome
+	depends = upower
+	optdepends = docker: container runtime
+	optdepends = docker-compose: multi-container orchestration
+	optdepends = rustup: Rust toolchain manager (development)
+	optdepends = waterfox-bin: web browser
+	provides = moonarch
+	conflicts = moonarch
+	backup = etc/zsh/zshrc.moonarch
+	source = git+https://gitea.moonarch.de/nevaforget/moonarch.git
+	sha256sums = SKIP
+
+pkgname = moonarch-git

moonarch-git/PKGBUILD

@@ -4,8 +4,8 @@
 # Maintainer: Dominik Kressler
 
 pkgname=moonarch-git
-pkgver=r81.579a948
-pkgrel=1
+pkgver=r129.d101b23
+pkgrel=15
 pkgdesc="Moonarch desktop environment defaults — Niri, Waybar, Catppuccin Mocha"
 arch=('any')
 url="https://gitea.moonarch.de/nevaforget/moonarch"
@@ -13,16 +13,25 @@ license=('MIT')
 install=moonarch.install
 
 depends=(
+    # Moonarch ecosystem (own registry)
+    'moongreet'
+    'moonlock'
+    'moonset'
+    'sweet-cursors'
+
     # Compositor & session
     'niri'
+    'xwayland-satellite'
     'greetd'
 
     # Bar & notifications
     'waybar'
     'swaync'
+    'libnotify'
 
     # Terminal
     'foot'
+    'foot-terminfo'
 
     # Clipboard
     'cliphist'
@@ -30,70 +39,80 @@ depends=(
 
     # Display
     'kanshi'
+    'wlsunset'
+    'nwg-look'
+    'brightnessctl'
+
+    # Wallpaper
+    'awww'
 
     # Audio
     'pipewire'
-    'wireplumber'
+    'pipewire-alsa'
+    'pipewire-jack'
     'pipewire-pulse'
+    'wireplumber'
+    'libpulse'
     'alsa-utils'
     'pavucontrol'
+    'gst-plugin-pipewire'
 
-    # Theming
-    'ttf-ubuntusans-nerd'
+    # Network
+    'networkmanager'
+    'network-manager-applet'
+    'networkmanager-openvpn'
+    'openvpn'
 
-    # System utilities referenced by helper scripts
-    'brightnessctl'
-    'libnotify'
-    'upower'
-    'polkit-gnome'
+    # Bluetooth
+    'bluez'
     'bluez-utils'
 
+    # File manager & portals
+    'gvfs'
+    'gvfs-dnssd'
+    'gvfs-mtp'
+    'gvfs-smb'
+    'udisks2'
+    'ntfs-3g'
+    'xdg-desktop-portal-gnome'
+    'xdg-desktop-portal-gtk'
+    'qt6-5compat'
+
+    # Theming & fonts
+    'ttf-ubuntusans-nerd'
+
     # Shell
     'zsh'
+    'zsh-autosuggestions'
+    'zsh-syntax-highlighting'
 
-    # PipeWire extras for XDG config
-    'pipewire-alsa'
-    'pipewire-jack'
-    'gst-plugin-pipewire'
+    # CLI tools (referenced by zshrc + helper scripts)
+    'bat'
+    'btop'
+    'eza'
+    'fastfetch'
+    'fd'
+    'fzf'
+    'jq'
+    'lazygit'
+    'ripgrep'
+
+    # Editor & VCS
+    'neovim'
+    'git'
+
+    # System
+    'fwupd'
+    'ufw'
+    'polkit-gnome'
+    'upower'
 )
 
 optdepends=(
-    # Moonarch ecosystem (install via paru from AUR/local builds)
-    'moongreet-git: greetd greeter'
-    'moonlock-git: Wayland lockscreen'
-    'moonset-git: session power menu'
-
-    # AUR packages (install via paru)
-    'walker-bin: application launcher'
-    'elephant-bin: walker search daemon'
-    'awww: wallpaper daemon (swww alternative)'
-    'waypaper: wallpaper GUI'
-    'stasis: idle manager'
-    'colloid-catppuccin-gtk-theme-git: Catppuccin GTK theme'
-    'sweet-cursors-git: cursor theme'
-
-    # General tools
     'docker: container runtime'
     'docker-compose: multi-container orchestration'
-    'neovim: editor (EDITOR in zshrc)'
-    'rustup: Rust toolchain'
-    'git: version control'
-    'lazygit: terminal UI for git'
-    'btop: system monitor'
-    'fastfetch: system info display'
-    'auto-cpufreq: CPU frequency scaling'
-    'ufw: firewall'
-    'timeshift: system snapshots'
-    'fwupd: firmware updates'
+    'rustup: Rust toolchain manager (development)'
     'waterfox-bin: web browser'
-    'blueberry: bluetooth manager GUI'
-    'nwg-look: GTK settings editor'
-    'wdisplays-persistent-gettext: display configuration GUI'
-    'wl-color-picker: color picker'
-    'waybar-niri-windows-bin: niri window titles for waybar'
-    'waybar-niri-workspaces-enhanced-git: niri workspaces for waybar'
-    'xwayland-satellite: X11 app support'
-    'colloid-catppuccin-theme-git: full Catppuccin GTK+icon theme'
 )
 
 makedepends=('git')
@@ -140,8 +159,13 @@ package() {
     # --- Helper scripts -> /usr/bin/ ---
     install -Dm755 defaults/bin/moonarch-* -t "$pkgdir/usr/bin/"
 
-    # moonarch-update
+    # moonarch-update + shorthand alias
     install -Dm755 scripts/moonarch-update "$pkgdir/usr/bin/moonarch-update"
+    ln -s moonarch-update "$pkgdir/usr/bin/moonup"
+
+    # moonarch-doctor + shorthand alias
+    install -Dm755 scripts/moonarch-doctor "$pkgdir/usr/bin/moonarch-doctor"
+    ln -s moonarch-doctor "$pkgdir/usr/bin/moondoc"
 
     # awww compatibility symlinks (waypaper calls swww)
     ln -sf /usr/bin/awww "$pkgdir/usr/bin/swww"
@@ -172,6 +196,21 @@ package() {
     install -Dm644 defaults/xdg/swaync/style.css \
         "$pkgdir/usr/share/moonarch/swaync/style.css"
 
+    # --- mpv config (owned by moonarch-git; ModernZ color overrides via script-opts-append) ---
+    install -Dm644 defaults/etc/mpv/mpv.conf "$pkgdir/etc/mpv/mpv.conf"
+
+    # --- Fontconfig generic-family defaults (owned; number 65 loads after 60-latin to win) ---
+    install -Dm644 defaults/etc/fonts/conf.d/65-moonarch-fonts.conf \
+        "$pkgdir/etc/fonts/conf.d/65-moonarch-fonts.conf"
+
+    # --- xdg-desktop-portal Inhibit override (owned; higher priority than niri's
+    #     /usr/share default). xdg-desktop-portal-gtk reports the Inhibit interface
+    #     as success even though nothing implements it under Niri, so Firefox/Waterfox
+    #     skips the native Wayland idle-inhibit. With no backend the browser falls back
+    #     to zwp_idle_inhibit, which Niri honors -> windowed video keeps the screen awake. ---
+    install -Dm644 defaults/etc/xdg-desktop-portal/niri-portals.conf \
+        "$pkgdir/etc/xdg-desktop-portal/niri-portals.conf"
+
     # --- Reference configs for greetd/moongreet (deployed by .install, not owned) ---
     install -Dm644 defaults/etc/greetd/config.toml \
         "$pkgdir/usr/share/moonarch/greetd/config.toml"
@@ -183,13 +222,25 @@ package() {
     # --- Systemd user services -> /etc/systemd/user/ ---
     install -Dm644 defaults/etc/systemd/user/*.service -t "$pkgdir/etc/systemd/user/"
 
-    # Enable services by creating the WantedBy symlinks directly
+    # Enable services by creating the WantedBy symlinks directly.
+    # Toggle-able services (user-controlled via UI) are skipped here so
+    # `systemctl --user disable` can actually take effect — a global-scope
+    # symlink in /etc/ would override any user-scope disable.
     install -dm755 "$pkgdir/etc/systemd/user/graphical-session.target.wants"
+    skip_enable=("wlsunset.service")
     for svc in defaults/etc/systemd/user/*.service; do
-        ln -sf "../$(basename "$svc")" \
-            "$pkgdir/etc/systemd/user/graphical-session.target.wants/$(basename "$svc")"
+        name="$(basename "$svc")"
+        for s in "${skip_enable[@]}"; do
+            [[ "$name" == "$s" ]] && continue 2
+        done
+        ln -sf "../$name" \
+            "$pkgdir/etc/systemd/user/graphical-session.target.wants/$name"
     done
 
+    # --- Systemd system service (battery conservation restore) -> /usr/lib/systemd/system/ ---
+    install -Dm644 defaults/etc/systemd/system/moonarch-batsaver.service \
+        "$pkgdir/usr/lib/systemd/system/moonarch-batsaver.service"
+
 }
 
 backup=(

moonarch-git/moonarch.install

@@ -42,16 +42,13 @@ post_install() {
         fi
     done < /etc/passwd
 
-    # Ensure paru PKGBUILD repo is configured (breaks bootstrap loop otherwise)
+    # Clean up legacy paru PKGBUILD-repo config. Moonarch now ships binaries
+    # exclusively through the Arch registry (pacman repo in /etc/pacman.conf);
+    # the [moonarch-pkgbuilds] section and Mode = arp are obsolete.
     PARU_CONF="/etc/paru.conf"
     if [ -f "$PARU_CONF" ]; then
-        if ! grep -q 'Mode.*p' "$PARU_CONF" 2>/dev/null; then
-            sed -i '/^\[options\]/a Mode = arp' "$PARU_CONF"
-        fi
-        if ! grep -q '\[moonarch-pkgbuilds\]' "$PARU_CONF" 2>/dev/null; then
-            printf '\n[moonarch-pkgbuilds]\nUrl = https://gitea.moonarch.de/nevaforget/moonarch-pkgbuilds.git\n' \
-                >> "$PARU_CONF"
-        fi
+        sed -i '/^Mode[[:space:]]*=[[:space:]]*arp\s*$/d' "$PARU_CONF"
+        sed -i '/^\[moonarch-pkgbuilds\]$/,/^$/d' "$PARU_CONF"
     fi
 
     # Cleanup legacy user-level configs (moved to system-level)
@@ -71,11 +68,40 @@ post_install() {
     rm -f /usr/local/bin/swww /usr/local/bin/swww-daemon 2>/dev/null || true
     rm -f /usr/local/bin/moonarch-update 2>/dev/null || true
 
+    # Battery conservation mode: create state directory and enable restore service
+    install -dm775 -g wheel /var/lib/moonarch
+    if [ -f /sys/class/power_supply/BAT0/charge_control_end_threshold ]; then
+        systemctl enable moonarch-batsaver.service 2>/dev/null || true
+    fi
+
     echo "==> Moonarch defaults installed."
     echo "==> For first-time setup run: /opt/moonarch/scripts/post-install.sh"
     echo "==> This enables services and configures firewall."
 }
 
+pre_upgrade() {
+    # Remove untracked walker theme files from pre-package manual deploys.
+    # Without this, pacman refuses to overwrite files it doesn't own.
+    if [ -d /etc/xdg/walker/themes/moonarch ] && ! pacman -Qo /etc/xdg/walker/themes/moonarch/style.css &>/dev/null; then
+        rm -rf /etc/xdg/walker/themes/moonarch
+    fi
+
+    # Migrate cliphist.service → cliphist-text + cliphist-image
+    if [ -f /etc/systemd/user/cliphist.service ]; then
+        while IFS=: read -r _ _ uid _ _ home _; do
+            if [ "$uid" -ge 1000 ] && [ "$uid" -lt 60000 ] && [ -d "$home" ]; then
+                rm -f "$home/.config/systemd/user/graphical-session.target.wants/cliphist.service" 2>/dev/null || true
+            fi
+        done < /etc/passwd
+        rm -f /etc/systemd/user/graphical-session.target.wants/cliphist.service 2>/dev/null || true
+    fi
+
+    # Drop legacy global-scope wlsunset enablement. Nightlight is a toggle —
+    # the global symlink overrode user-scope disable, so the filter survived
+    # reboots even after the user turned it off.
+    rm -f /etc/systemd/user/graphical-session.target.wants/wlsunset.service 2>/dev/null || true
+}
+
 post_upgrade() {
     post_install
 }

moongreet/.SRCINFO

@@ -1,19 +1,23 @@
-pkgbase = moongreet-git
+pkgbase = moongreet
 	pkgdesc = A greetd greeter for Wayland with GTK4 and Layer Shell
-	pkgver = 0.7.4.r1.gf7e258d
+	pkgver = 0.10.1
 	pkgrel = 1
+	epoch = 1
 	url = https://gitea.moonarch.de/nevaforget/greetd-moongreet
 	install = moongreet.install
 	arch = x86_64
 	license = MIT
 	makedepends = git
 	makedepends = cargo
+	makedepends = gtk4
+	makedepends = gtk4-layer-shell
+	makedepends = pkgconf
 	depends = gtk4
 	depends = gtk4-layer-shell
 	depends = greetd
-	provides = moongreet
-	conflicts = moongreet
-	source = git+https://gitea.moonarch.de/nevaforget/greetd-moongreet.git
+	conflicts = moongreet-git
+	replaces = moongreet-git
+	source = git+https://gitea.moonarch.de/nevaforget/greetd-moongreet.git#tag=v0.10.1
 	sha256sums = SKIP
 
-pkgname = moongreet-git
+pkgname = moongreet

moongreet/PKGBUILD

@@ -1,10 +1,11 @@
 # ABOUTME: PKGBUILD for Moongreet — greetd greeter for Wayland.
-# ABOUTME: Builds from git source with automatic version detection.
+# ABOUTME: Builds from a versioned git tag.
 
 # Maintainer: Dominik Kressler
 
-pkgname=moongreet-git
-pkgver=0.7.4.r1.gf7e258d
+pkgname=moongreet
+epoch=1
+pkgver=0.10.1
 pkgrel=1
 pkgdesc="A greetd greeter for Wayland with GTK4 and Layer Shell"
 arch=('x86_64')
@@ -18,18 +19,16 @@ depends=(
 makedepends=(
     'git'
     'cargo'
+    'gtk4'
+    'gtk4-layer-shell'
+    'pkgconf'
 )
-provides=('moongreet')
-conflicts=('moongreet')
+replaces=('moongreet-git')
+conflicts=('moongreet-git')
 install=moongreet.install
-source=("git+${url}.git")
+source=("git+${url}.git#tag=v$pkgver")
 sha256sums=('SKIP')
 
-pkgver() {
-    cd "$srcdir/greetd-moongreet"
-    git describe --long --tags | sed 's/^v//;s/-/.r/;s/-/./'
-}
-
 build() {
     cd "$srcdir/greetd-moongreet"
     cargo build --release
@@ -37,11 +36,15 @@ build() {
 
 package() {
     cd "$srcdir/greetd-moongreet"
-    install -Dm755 target/release/moongreet "$pkgdir/usr/bin/moongreet"
+    install -Dm755 "${CARGO_TARGET_DIR:-target}/release/moongreet" "$pkgdir/usr/bin/moongreet"
 
     # Greeter config
     install -Dm644 config/moongreet.toml "$pkgdir/etc/moongreet/moongreet.toml"
 
+    # Polkit rule — allow the greeter user to reboot/power off
+    install -Dm644 config/polkit/50-moongreet-power.rules \
+        "$pkgdir/usr/share/polkit-1/rules.d/50-moongreet-power.rules"
+
     # Cache directories
     install -dm700 "$pkgdir/var/cache/moongreet"
     install -dm700 "$pkgdir/var/cache/moongreet/last-session"

moonlock/.SRCINFO

@@ -1,21 +1,26 @@
-pkgbase = moonlock-git
+pkgbase = moonlock
 	pkgdesc = A secure Wayland lockscreen with GTK4, PAM and fingerprint support
-	pkgver = 0.6.7.r4.gb89435b
-	pkgrel = 1
+	pkgver = 0.6.19
+	pkgrel = 2
 	url = https://gitea.moonarch.de/nevaforget/moonlock
 	arch = x86_64
 	license = MIT
 	makedepends = git
 	makedepends = cargo
+	makedepends = gtk4
+	makedepends = gtk4-layer-shell
+	makedepends = gtk-session-lock
+	makedepends = pam
+	makedepends = pkgconf
 	depends = gtk4
 	depends = gtk4-layer-shell
 	depends = gtk-session-lock
 	depends = pam
 	depends = systemd-libs
 	optdepends = fprintd: fingerprint authentication support
-	provides = moonlock
-	conflicts = moonlock
-	source = git+https://gitea.moonarch.de/nevaforget/moonlock.git
+	conflicts = moonlock-git
+	replaces = moonlock-git
+	source = git+https://gitea.moonarch.de/nevaforget/moonlock.git#tag=v0.6.17
 	sha256sums = SKIP
 
-pkgname = moonlock-git
+pkgname = moonlock

moonlock/PKGBUILD

@@ -1,11 +1,11 @@
 # ABOUTME: PKGBUILD for Moonlock — secure Wayland lockscreen.
-# ABOUTME: Builds from git source with automatic version detection.
+# ABOUTME: Builds from a versioned git tag.
 
 # Maintainer: Dominik Kressler
 
-pkgname=moonlock-git
-pkgver=0.6.7.r4.gb89435b
-pkgrel=1
+pkgname=moonlock
+pkgver=0.6.19
+pkgrel=2
 pkgdesc="A secure Wayland lockscreen with GTK4, PAM and fingerprint support"
 arch=('x86_64')
 url="https://gitea.moonarch.de/nevaforget/moonlock"
@@ -20,20 +20,20 @@ depends=(
 makedepends=(
     'git'
     'cargo'
+    'gtk4'
+    'gtk4-layer-shell'
+    'gtk-session-lock'
+    'pam'
+    'pkgconf'
 )
 optdepends=(
     'fprintd: fingerprint authentication support'
 )
-provides=('moonlock')
-conflicts=('moonlock')
-source=("git+${url}.git")
+replaces=('moonlock-git')
+conflicts=('moonlock-git')
+source=("git+${url}.git#tag=v$pkgver")
 sha256sums=('SKIP')
 
-pkgver() {
-    cd "$srcdir/moonlock"
-    git describe --long --tags | sed 's/^v//;s/-/.r/;s/-/./'
-}
-
 build() {
     cd "$srcdir/moonlock"
     cargo build --release
@@ -41,7 +41,7 @@ build() {
 
 package() {
     cd "$srcdir/moonlock"
-    install -Dm755 target/release/moonlock "$pkgdir/usr/bin/moonlock"
+    install -Dm755 "${CARGO_TARGET_DIR:-target}/release/moonlock" "$pkgdir/usr/bin/moonlock"
 
     # PAM configuration
     install -Dm644 config/moonlock-pam "$pkgdir/etc/pam.d/moonlock"

moonset/.SRCINFO

@@ -1,17 +1,20 @@
-pkgbase = moonset-git
+pkgbase = moonset
 	pkgdesc = A Wayland session power menu with GTK4 and Layer Shell
-	pkgver = 0.8.2.r0.gd030f13
+	pkgver = 0.9.1
 	pkgrel = 1
 	url = https://gitea.moonarch.de/nevaforget/moonset
 	arch = x86_64
 	license = MIT
 	makedepends = git
 	makedepends = cargo
+	makedepends = gtk4
+	makedepends = gtk4-layer-shell
+	makedepends = pkgconf
 	depends = gtk4
 	depends = gtk4-layer-shell
-	provides = moonset
-	conflicts = moonset
-	source = git+https://gitea.moonarch.de/nevaforget/moonset.git
+	conflicts = moonset-git
+	replaces = moonset-git
+	source = git+https://gitea.moonarch.de/nevaforget/moonset.git#tag=v0.8.5
 	sha256sums = SKIP
 
-pkgname = moonset-git
+pkgname = moonset

moonset/PKGBUILD

@@ -1,10 +1,10 @@
 # ABOUTME: PKGBUILD for Moonset — Wayland session power menu.
-# ABOUTME: Builds from git source with automatic version detection.
+# ABOUTME: Builds from a versioned git tag.
 
 # Maintainer: Dominik Kressler
 
-pkgname=moonset-git
-pkgver=0.8.2.r0.gd030f13
+pkgname=moonset
+pkgver=0.9.1
 pkgrel=1
 pkgdesc="A Wayland session power menu with GTK4 and Layer Shell"
 arch=('x86_64')
@@ -17,17 +17,15 @@ depends=(
 makedepends=(
     'git'
     'cargo'
+    'gtk4'
+    'gtk4-layer-shell'
+    'pkgconf'
 )
-provides=('moonset')
-conflicts=('moonset')
-source=("git+${url}.git")
+replaces=('moonset-git')
+conflicts=('moonset-git')
+source=("git+${url}.git#tag=v$pkgver")
 sha256sums=('SKIP')
 
-pkgver() {
-    cd "$srcdir/moonset"
-    git describe --long --tags | sed 's/^v//;s/-/.r/;s/-/./'
-}
-
 build() {
     cd "$srcdir/moonset"
     cargo build --release
@@ -35,7 +33,7 @@ build() {
 
 package() {
     cd "$srcdir/moonset"
-    install -Dm755 target/release/moonset "$pkgdir/usr/bin/moonset"
+    install -Dm755 "${CARGO_TARGET_DIR:-target}/release/moonset" "$pkgdir/usr/bin/moonset"
 
     # Example config
     install -Dm644 config/moonset.toml "$pkgdir/etc/moonset/moonset.toml.example"

sshfsc/.SRCINFO

@@ -0,0 +1,16 @@
+pkgbase = sshfsc
+	pkgdesc = Quickly mount remote systems via SSHFS based on your ssh_config
+	pkgver = 0.2.0
+	pkgrel = 1
+	url = https://gitea.moonarch.de/nevaforget/sshfs_connect
+	arch = x86_64
+	license = MIT
+	makedepends = git
+	makedepends = go
+	depends = sshfs
+	conflicts = sshfsc-git
+	replaces = sshfsc-git
+	source = git+https://gitea.moonarch.de/nevaforget/sshfs_connect.git#tag=v0.2.0
+	sha256sums = SKIP
+
+pkgname = sshfsc

sshfsc/PKGBUILD

@@ -0,0 +1,40 @@
+# ABOUTME: PKGBUILD for sshfsc — quick SSHFS mounter driven by ssh_config.
+# ABOUTME: Builds from a versioned git tag.
+
+# Maintainer: Dominik Kressler
+
+pkgname=sshfsc
+pkgver=0.2.0
+pkgrel=1
+pkgdesc="Quickly mount remote systems via SSHFS based on your ssh_config"
+arch=('x86_64')
+url="https://gitea.moonarch.de/nevaforget/sshfs_connect"
+license=('MIT')
+depends=(
+    'sshfs'
+)
+makedepends=(
+    'git'
+    'go'
+)
+replaces=('sshfsc-git')
+conflicts=('sshfsc-git')
+source=("git+${url}.git#tag=v$pkgver")
+sha256sums=('SKIP')
+
+build() {
+    cd "$srcdir/sshfs_connect"
+    export CGO_CPPFLAGS="${CPPFLAGS}"
+    export CGO_CFLAGS="${CFLAGS}"
+    export CGO_CXXFLAGS="${CXXFLAGS}"
+    export CGO_LDFLAGS="${LDFLAGS}"
+    export GOFLAGS="-buildmode=pie -trimpath -mod=readonly -modcacherw"
+    go build -o sshfsc .
+}
+
+package() {
+    cd "$srcdir/sshfs_connect"
+    install -Dm755 sshfsc "$pkgdir/usr/bin/sshfsc"
+    install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
+    install -Dm644 README.md "$pkgdir/usr/share/doc/$pkgname/README.md"
+}

sweet-cursors-git/PKGBUILD

@@ -4,8 +4,9 @@
 # Maintainer: Dominik Kressler
 
 pkgname=sweet-cursors-git
+epoch=1
 pkgver=r1.4b49c35
-pkgrel=1
+pkgrel=4
 pkgdesc="Sweet cursor theme"
 arch=('any')
 url="https://gitea.moonarch.de/nevaforget/Sweet-cursors"