Dependencies on Bodhi Updates

[Jochen Schmitt]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 26.03.2012 21:53, Stephen Gallagher wrote:
>
> So now we have our first updates dependency issue. If we submit
> libtevent as its own update, it is possible that it will achieve its
> karma requirement before libtalloc does. It would then be pushed to the
> "fedora-updates" repository and then introduce a dependency issue in the
> stable repository (because users trying to update libtevent would be
> unable to update libtalloc without enabling the updates-testing
> repository).
>
> The current recommended approach is to bundle the two updates into a
> single one carrying multiple packages. The first problem with this is
> that you must have commit privilege on all packages that you are
> bundling into an update. If you do not, then you need to track down a
> provenpackager to do it for you.
>
>
Thank you for your post about this topic.

In this year we have as a minimum two cases were we have got broken
dependencies in the F-16 stable repository.

1.) alsa-utils and alsa-libs was pushed out of sync

2.) gcc and llvm which requires as specific version of gcc was pushed
out of sync.

The issue is, that the user will get an ugly error message which is not
a good
advertisement for the Fedora project.

I have wrote mails to the maintainers and in the second case I have got
the feeling, that
the maintainer didn't understood my complain.

Of course we can get run in error if the push fails due an technical
issue, but
this is an onther topic.

Best Regards:

Jochen Schmitt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iJwEAQECAAYFAk9w0cYACgkQZLAIBz9lVu+lVAP9F50AXP0B5nDHWvFuxRd4f5wY
UyZz2gkNi7CMX5jD9DkkzQ+swrrvEVOQCpUA4zOplP3bsEpR8MV8i4Y104gz8Ygw
cCg/V8xhEMfalhJ3ORDST6yVLlBViHKsjOcV0tJ0fAFX10zShxXwlnxutp+RP8V2
MKT4JUhj1lD8knqWo50=
=XZBT
-----END PGP SIGNATURE-----