Proposal to reduce anti-bundling requirements

Zbigniew Jędrzejewski-Szmek zbyszek at in.waw.pl
Sun Oct 4 02:24:41 UTC 2015


On Sun, Oct 04, 2015 at 03:29:38AM +0200, Kevin Kofler wrote:
> > I would like to propose that the no-bundled-libraries policy be
> > amended  as follows: "Any package that has an existing mechanism to
> > link against a shared system library and functions correctly when
> > doing so must link against that library and not bundle it internally.
> > Any package whose upstream releases cannot link against a shared
> > system library (or are incompatible with the version in Fedora) may
> > bundle that library (without requiring a special exemption) but MUST
> > add Provides: bundled(<libname>) = <version> in the spec file for each
> > known bundled library.(This will allow us to track down the bundling
> > when we need to). Package maintainers should continue attempt to
> > engage upstream to support linking against shared system libraries
> > wherever possible, due to the advantages it provides the package
> > maintainer."
> 
> This will lead to package maintainers not even TRYING to unbundle libraries. 

I think that view is the source of different reactions to the proposal.
In my experience packagers are *happy* to unbundle. In a great majority
of reviews that I have seen where bundling was pointed out, the packager
immediately proceeded to unbundle the library. That was true when the
library was already packaged for Fedora, but also even in cases where
the library would have to be packaged itself. The few exceptions that I
have seen are cases where the unbundling was really onerous or pointless
(e.g. because it was certain that nobody else will use the shared library).

Let's face it: unbundling of libraries also has a cost. In case of "clean"
libraries, which are clearly seperated in the sources and have not been
modified, the cost is miniscule. There are other cases where the library
has to be "ripped out". This takes a lot of work, and there is high
likelyhood of introducing bugs. I would prefer to let the maintainer
of the package to make that choice: does the benefit of using the system
library outweigh the immediate cost of work necessary to do the removal,
the risk of introducing bugs, and the ongoing cost and risk of redoing the
removal in next versions? We generally trust maintainers to do the right
thing for their packages.

Zbyszek


More information about the devel mailing list