firefox-2.0.0.8 Upgrade Problems in F7

[Jeff Spaleta]

On 10/24/07, Richi Plana <myfedora at richip.dhs.org> wrote:
> I guess I should have added that the reason the update broke yelp and
> devhelp is that they both require a specific version of the virtual
> provides gecko-libs which firefox-2.0.0.8 updates.

These are well understood problems with how firefox is packaged. These
problems are
some of the reasons why we wanted to get xulrunner packaged so that
the libraries that are being asked for can be packaged seperately from
the firefox application in a reasonable way.  This is further
complicated by the fact that pretty much every firefox update is a
security update and as a result is not going to see staging in
updates-testing.

You are absolutely NOT going to see security updates postponed for
deps to catch up.

Until we are able to get xulrunner in place, any package which
> The questions still
> apply, though.

I believe that we do in fact have dependancy chain breakage scripts
running and those scripts do email maintainers which depchains break.
But again because this is a security update I'm not sure those scripts
will fire in a reasonable time to prevent seeing end-user breakage.

We've been fighting the firefox dependancy chain problem for a long
while now, and its not going to get any better until we get xulrunner
in distro. As a user of packages which dep on firefox or gecko-libs,
you best course of action is to be as proactive as possible at filing
and re-opening bugreports to make sure the maintainers who need to
rebuild packages..do so as quickly as possible after a firefox
security update.

And on a side-note applications sure as hell have a good reason to dep
on firefox over gecko-libs.  Anything that's using the libraries needs
to be depping on gecko-libs so when the xulrunner conversion happens
they are prepared for it.

-jef