Hi everyone!
Because of broken dependencies in an update declared as stable, I've run
into package "condor". It's a 20K spec file with a remarkably short review
ticket, and I wondered why it contains the following explicit dependencies?
Requires: pcre
Requires: postgresql-libs
Requires: openssl
Requires: krb5-libs
Requires: gsoap
Requires: mailx
Actually, all of them except for "mailx" are added automatically by
rpmbuild already (as dependencies on SONAMEs):
http://koji.fedoraproject.org/koji/rpminfo?rpmID=948426
I've double-checked with the current ReviewGuidelines, and I could not
find a corresponding entry that would make reviewers block such explicit
dependencies. If memory serves correctly, we've had a section
somewhere in the Wiki. Searching further, I've found only
https://fedoraproject.org/wiki/Packaging/Guidelines#Requires
which only says
RPM has very good capabilities of automatically finding dependencies
for libraries and eg. Perl modules. In short, don't reinvent the
wheel, but just let rpm do its job. There is usually no need to
explicitly list eg. Requires: libX11 when the dependency has already
been picked up by rpm in the form of depending on libraries in the
libX11 package.
and which is linked from the review item
MUST: The package must meet the Packaging Guidelines .
The phrase "there is usually no need to" is vague without any emphasis
like SHOULD/MUST and no specific entry in the review guidelines.
Does anyone remember where the paragraph has gone, which commented on
the badness of explicit dependencies on package names?