Feature proposal: Extended Life Cycle Support

Ding-Yi Chen dchen at redhat.com
Tue Jul 7 14:59:40 UTC 2009 

於 二,2009-07-07 於 14:44 +0100,John5342 提到:
> 2009/7/7 Ding-Yi Chen <dchen at redhat.com>:
> >
> > Any comments?
> 
> In theory your proposal sounds great but i see just one major flaw
> that probably doesn't have a solution. Your idea of packages being
> built based on dependencies should work great apart from the fact that
> most packages don't tend to have hard dependencies on versions.
> Hypothetically in F11 package X-1.2.X relies on package Y-1.2. Later
> in the release cycle Y-1.3 is released followed later by X-1.3. Eve
> though X-1.3 actually requires Y-1.3 the maintainer probably never
> thinks to update the required version (assuming there even was one in
> the first place). Now your system can easily fail. It picks X-1.3 from
> F-11 (because thats the latest one) but Y-1.3 isn't allowed (because
> one of its dependencies is black listed) so it falls back to Y-1.2
> which was the latest in F-10. Everything builds fine because they are
> source compatible but Y-1.2 doesnt have a crucial bug fixed. Now your
> software is broken.

All systems have bugs and may break. So you don't use any of them? :-)
The scenario you raised could happen if not so many people use the
package X. Otherwise, it would likely be spot by people who use
yum update X, as Y-1.3 is not dragged in.
Given X-1.3 is broken without Y-1.3, thus bug will likely be spot.

Well, Y depends on black-listed packages doesn't mean Y cannot be
upgraded at all. As long as the the newer Y does not require higher
version of black-listed packages.

 But if black-listed packages requires Y, or Y is black-listed,
then Y will not be upgraded.
In those cases, it is expected behavior that X should not be upgraded to
X-1.3 because Y cannot be upgraded to Y-1.3.
Yes, you find out the limitation of Denture, but no,
Denture is not broken. :-)


> Believe it or not i actually tried something similar for some of my
> internal servers and i like the idea but its impossible to get the
> dependencies right which makes the whole idea a no go.

Believe it or not I actually tried something similar,
but by hand though.

I agree some maintainers does not accurately specify the dependency.
but it is not beyond fix.
One way to overcome this is maintaining a small datafile that contain
the *true* dependency. 
Denture is not meant to be used to upgrade the whole system,
but an automated tool to build a target package and corresponding
mid-packages under specified constrain.

So you only need to correct the dependencies of the target packages and
mid-packages if you really need the target package.

> 
> -- 
> There are 10 kinds of people in the world: Those who understand binary
> and those who don't...
> 

I like your signature. :-)
-- 
Ding-Yi Chen
Software Engineer
Internationalization Group
Red Hat, Inc.

Looking to carve out IT costs?
www.apac.redhat.com/promo/carveoutcosts/

More information about the devel mailing list