package, package2, package3 naming-with-version exploit
Vít Ondruch
vondruch at redhat.com
Fri Apr 5 09:50:28 UTC 2013
Dne 4.4.2013 20:36, Colin Walters napsal(a):
> On Thu, 2013-04-04 at 21:29 +0300, Panu Matilainen wrote:
>
>> From technical perspective, there's zero need to change how
>> multiversion packages work. Its a widely used (at least both in rpm and
>> dpkg worlds) and well-understood mechanism to slap extra qualifiers at
>> the end of the name to achieve that. If you want pretty, human
>> consumable names and versions for things, that is an entirely different
>> issue that could be addressed without breaking the whole world. Comps is
>> one mechanism towards this, other possibilities could be adding separate
>> "pretty name" (and maybe version too) tags to packages and present that
>> to users when it exists. Or something.
> This makes complete sense. One thing I'd add is that given that
> "package names" are unpredictable identifiers chosen arbitrarily by a
> human at package creation time, we should be making more use of
> provides. So rather than talking about installing "git" the package,
> you install /usr/bin/git. Similarly for build dependencies, software
> should require pkgconfig(gio-2.0), not the arbitrary "glib2-devel" name.
>
>
>
While I agree and like the idea of installing /usr/bin/git, I am afraid
that virutal provides suffer the same issue as the package name, they
are "unpredictable" the same way.
Vít
More information about the devel
mailing list