Update aqbanking #71304
Update aqbanking #71304
Conversation
| owner = "aqbanking"; | ||
| repo = "aqbanking"; | ||
| rev = version; | ||
| sha256 = "1p80cmzy2c0k17vknpsywr9ywimak09y3lvyhvc3dyqfcr0xnbm9"; |
There was a problem hiding this comment.
Why not use something like https://www.aquamaniac.de/rdm/attachments/download/207/aqbanking-5.99.41beta.tar.gz (btw. 5.99.41 is out) here? The tarballs seem to have stable links and even if they become unstable, we have a tarball mirror at https://tarballs.nixos.org/. Using a mirror from someone other than the original maintainer really opens up another possibility where malicious code can be injected (especially cruicial if it comes to online banking).
There is also another issue with beta versions, because as far as I can see only the stable releases are signed and I usually verify these signatures (in this case manuall) when updating, so what's the reason why kmymoney wants the beta?
There was a problem hiding this comment.
I would really like to have this PR go through, too 😉
The link per se is stable but their server is down pretty often (multiple times per hour, each for several minutes—at least when I tried to create this PR myself two week ago).
We need the beta because of PSD2 being in effect; IIRC the non-beta builds do not yet support the new interface (which makes them entirely unusable, as in, you can't connect to any bank).
EDIT: I misread, didn't know that 5.99.41 is out already. Sorry!
There was a problem hiding this comment.
@aszlig
When creating the pr upstream wasn't reachable at all.
Now it's better and i updated the pr to reflect your concerns about 3rd party sources.
I also have the impression that PSD2 is only supported by the beta versions.
I understand your concerns about using beta releases.
But not being able to use aqbanking at all is worse than not being able to verify the signature in my opinion.
When there is a usable non-beta release we should of course go back to using that.
thorstenweber83
force-pushed
the
update-aqbanking
branch
2 times, most recently
from
2d46c10
to
87725f2
Compare
thorstenweber83
force-pushed
the
update-aqbanking
branch
from
87725f2
to
0c462c6
Compare
|
Is there any news on this PR? @thorstenweber83 , are you sure that the version of aqbanking you packaged supports PSD2? In my case, using your PR, my bank answers me to upgrade to a PSD2 compatible version … But that might be due to some misconfiguration on my side? |
thorstenweber83
force-pushed
the
update-aqbanking
branch
from
0c462c6
to
3c9b0bd
Compare
|
@dpaetzel i just used kmymony built with this pr to fetch my account activity on my "Volkbank Odenwald" bank account. Also i just updated the pr to the latest aqbanking + gwenhywfar. |
|
OK, I updated and redid all the setup work once more (this time, more closely following this guide) and now I managed to download transactions. Also, thanks for keeping this PR up to date 🙂 |
Also add patch to be able to build aqbanking 5.7.8. It can be removed for newer aqbanking (5.9.x) versions.
thorstenweber83
force-pushed
the
update-aqbanking
branch
from
3c9b0bd
to
93b2c9e
Compare
|
updated to 6.1.1 and tested with kmymoney. |
|
closing this since #81176 has been merged |
Motivation for this change
Update aqbanking for use with kmymoney/gnucash.
I used the newest (on github) available beta releases/release candidates because kmymoney 5.0.7 demands beta versions (aqbanking 5.99.32+ and gwenhywfar 4.99.16+) so when we already use unstable releases we can as well take the newest available.
Things done
I can connect to my bank's HBCI Server using kmymoney 5.0.7 (#69616) on top of this.
sandboxinnix.confon non-NixOS)nix-shell -p nix-review --run "nix-review wip"./result/bin/)nix path-info -Sbefore and after)Notify maintainers
cc @cillianderoiste