pacaudit - a package audit for Arch Linux

I wrote a little, but useful helper. pacaudit checks installed packages against known vulnerabilities listed on You should run it after an update because we don’t check for packages that are fixed. It would be no problem to check against all known vulnerabilities, just change the source URL in the code (see the github link), yet it makes no sense to me for a rolling release distribution.

You can install it with

yaourt -S pacaudit

You have to import my gpg key before:

gpg --recv-keys 7328F6E376924E4EE266381D3D9C808E038A615C

or get it from github and compile it with

go build -o pacaudit -ldflags "-s -w"

Comments on AUR, github or via email are highly appreciated!