package, package2, package3 naming-with-version exploit
Miloslav Trmač
mitr at volny.cz
Fri Mar 29 22:20:16 UTC 2013
On Fri, Mar 29, 2013 at 3:01 PM, Petr Pisar <ppisar at redhat.com> wrote:
> On 2013-03-29, Tomas Mraz <tmraz at redhat.com> wrote:
> Basically yes. It's call for semantically separeted API identifier. Now
> you have NEVRA string:
>
> Where we have API? Nowhere because Fedora assumes only one version of
> a package. API should work like Architecture in sense of parallel
> instalability, but it shouls provide name spacing for EVR string. API
> itself should define orderding to allow selecting latest package across
> all builds as already commmentd:
>
Isn't one of the principal problems that lead to calls for transparent
multiple version support exactly the _impossibility_ of having an API
identifier?
(To explain myself more, I view "API identifier" not as a mere Provides: -
that can of course be done and that works already. I'm thinking about an
"API identifier" as a mechanism that governs update behavior - i.e. (yum
update) tries to replace each package with a newer version that has the
same API identifier.)
In the C world, it's reasonably straightforward: The API identifier is the
soname, upstreams that break ABI without bumping the soname are taught not
to do that, and rpm handles the soname (and the ELF symbol versions)
transparently and straightforwardly. Package names (and hence good suport
for multi-versioning) are _completely irrelevant_ for dependency
resolution. So far, this seems pretty close to the ideal situation. (The
non-ideal part is that the API identifiers need to be manually managed as a
component of the package name, but let's ignore that for now.)
However, other languages don't have an API identifier. Collecting a few
Gem requirements from my system:
> s.add_dependency(%q<activesupport>, [">= 0"])
> s.add_dependency(%q<activesupport>, ["~> 3.0"])
> s.add_dependency(%q<activesupport>, ["~> 3.0.0"])
> s.add_dependency(%q<activesupport>, ["= 3.2.8"])
What API identifier would you actually use for rubygem-activesupport? What
API identifer would you want to _autogenerate_ for rubygem-activesupport?
You'll need "API 3.2.8" at which point upgrades start looking as a little
meaningless concept.
Similarly, maven version ranges also don't lend themselves to the concept
of "API identifier":
> <version>[3.8,4.0)</version>
I can construct arbitrary overlapping ranges, so a single API identifier
won't work.
Mirek
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20130329/0ad74124/attachment-0001.html>
More information about the devel
mailing list