-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Wed, 2018-02-21 at 10:24 +0200, Panu Matilainen wrote:
On 02/21/2018 10:12 AM, Panu Matilainen wrote:
> On 02/20/2018 10:15 PM, Igor Gnatenko wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA256
> >
> > On Tue, 2018-02-20 at 19:11 +0000, Peter Robinson wrote:
> > > On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenko
> > > <ignatenkobrain(a)fedoraproject.org> wrote:
> > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > Hash: SHA256
> > > >
> > > > Hey,
> > > >
> > > > today I've split⁰ librpmsign from rpm-build-libs into its own
> > > > subpackage
> > > > rpm-
> > > > sign-libs.
> > >
> > > Does this mean that the python bindings no longer depend on
> > > rpm-build-libs and hence won't be pulled for a standard minimal
> > > install and similar artifacts anymore?
> >
> > Nope, it means that python bindings will depend *also* on
> > rpm-sign-libs 😉
> >
> > Since bindings are monolitic, it's not possible to split them easily.
>
> Actually you could split out build- and sign-bindings (together or
> separately) from the main python bindings package. "import rpm"
> intentionally lets the build- and sign-module imports to fail to allow
> this so as long as the "submodules" depend on the main bindings it
> should be ok.
Oh and BTW, the reason this hasn't been done is basically the same the
sign-libs hadn't been split up: in the past when I last looked at the
situation, there just was no benefit to doing so. Back then fedpkg was
present in buildroots, and yum + yum-utils used to be included in core
set (quite possibly "minimal" install as you know it today didn't even
exist), and yum itself dragged in a whole pile of gpg-related packages.
This probably still doesn't make much sense, dnf pulls in python3-rpm and
python3-gpg. In the end, both are pulling in gnupg2.
- --
- -Igor Gnatenko
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEhLFO09aHZVqO+CM6aVcUvRu8X0wFAlqNMhYACgkQaVcUvRu8
X0zsDQ/8CQoCohJHeh7kIe0/++LBpYF8unBYc+176LirKAs3uJUjEp80aUlljiYp
HDJEkkIszQn1os3zJWv5PdsU3EBS5y0Uj1+hQBVkthEFfe5NEC/qXvw8OG+goshE
42qZJBI16lqOy5ORLq0fLDKDarEnAUYyDp8Tykjww+YBPVQr/2zQh3Ec7k+WmXmO
a/j5lIrGYXCISeNzeZ0C+T0SFyIX/whYiPI73sKlGhdkMEirEspFk5GQlEmblSUu
PPElBV+EXmaF2hwGJMNuq+WOaR6wbxz7U5WwvtXS5OXBM3+GA4Y70G2lXMT+xefv
FPwrQk71EN/XTevTVep8wf9zdzGOjdtCbO4JTImcFGiOc2lWzh4HNja9de2c9u+s
RMHn1xoPBw3krVZtUMyLFXiSus/BlKLtxuU/tP0Os1Zb9cbLx2+xt7uGBwHG/4tI
dYkLrJSw++G+TiFzk8lX6CCOcZMZ6uedAMPA4vgpIcRxYyJvrmrnOf7ninOPyaNu
AttWHW8H00//vEHiDa9RotC45/p+G6pSx4M+rGgcBGQpImIaygTSDXyNs/B0u30d
JyhuAE9oZlMYucJW8XkhhiorqJR0p4l68EZgaJwxrv2zC5wjW/FW4RnwrNtKdxsF
QSjV9RfqxnMmushzcz8XoQS1QQhzjFjV9K3cbyMC2wQ9vvRyoZ8=
=o6lZ
-----END PGP SIGNATURE-----