[Bug] Bump logic needs a rework

[dr460nf1r3]

Packages

Anything dependent on .so libs.

Description

Reference: #2870 (comment)

[dr460nf1r3]

While working on this I figured doing it depending the way described in the comment would be a half-baked solution only, so I simply deactivated any automated bump logic for now (explicit/global ones are still in place) here: chaotic-cx/chaotic-next@d9fb570

The problem I'm seeing specifically is that Namcap reports aren't reliable at all, e.g. looking at proton-ge-custom there are tons of .so libs but none would actually be used by any package other than proton-ge-custom itself:
-> https://aur.chaotic.cx/stats?search=proton-ge-custom

Meanwhile, kwin-effects-forceblur has libkwin.so.6 set, but needs a rebuild every time kwin changes (speaking out of experience).
-> https://aur.chaotic.cx/stats?search=kwin-effects-forceblur

So I decided to stop here today, and start again once we have solid ideas on how to treat this in a better way.
Suggestions are welcome of course.

[xiota]

When resuming development of bump logic, maybe create a log, like output in a new telegram channel, of recommended bumps and reason, instead of actually bumping in the repo?

As for ideas, what about ...

• namcap analysis to keep track of likely depends, but don't bump yet.
  • "link-level-dependence" should reference the most likely depends that would require rebuild.
• bump only against a list of known problem packages, like protobuf, qt/kde.
  • Would be good if the list could be stored in the packages repo.
• rate-limit bump checks to once or twice a day to prevent multiple bumps of the same package for a group of depends that should have been resolved together.

Good thing from the recent bumps... identified some broken packages.