[pacman-dev] Warn about using -Sy
Oftentimes, I come across people using `pacman -Sy <name>' to install new packages. This installs the latest version of a package, while leaving any required libraries at their old version. The introduction of an incompatibility between a package and its dependencies is highly possible. A recent example of this issue is [1]. Could you please review the attached tiny patch for code structure, language used, and overall approach? -- [1] http://mailman.archlinux.org/pipermail/arch-general/2010-November/017198.htm...
Doing so can lead to broken applications after soname bumps, or major version upgrades like the transition to Python 3. --- src/pacman/sync.c | 8 ++++++++ 1 files changed, 8 insertions(+), 0 deletions(-) diff --git a/src/pacman/sync.c b/src/pacman/sync.c index f9d12e4..e7b7628 100644 --- a/src/pacman/sync.c +++ b/src/pacman/sync.c @@ -805,6 +805,14 @@ int pacman_sync(alpm_list_t *targets) } if(config->op_s_sync) { + /* Warn the user when synchronizing the package databases without also + * performing a full upgrade. */ + if (!config->op_s_upgrade && !noyes(_(":: Synchronizing the package " + "databases without also performing a full upgrade \n" + ":: can lead to software incompatibilities. " + "Continue anyway?"))) { + return(0); + } /* grab a fresh package list */ printf(_(":: Synchronizing package databases...\n")); alpm_logaction("synchronizing package lists\n"); -- 1.7.3.2
On Wed, Nov 17, 2010 at 2:46 PM, Evangelos Foutras <foutrelis@gmail.com> wrote:
Doing so can lead to broken applications after soname bumps, or major version upgrades like the transition to Python 3.
I have mixed feelings for sure on this. The intent is great, for soure. But I do -Sy <pkg> a lot, knowing what is safe, what isn't. This prompting would annoy the heck out of me. This also doesn't help anyone that does an -Syu, cancels, and then later -S <anything>.
--- Side note- you sent another email; if you are just sending one patch you can include those notes here below the '---' and it won't make it into the final patch. So right here .:)
src/pacman/sync.c | 8 ++++++++ 1 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/src/pacman/sync.c b/src/pacman/sync.c index f9d12e4..e7b7628 100644 --- a/src/pacman/sync.c +++ b/src/pacman/sync.c @@ -805,6 +805,14 @@ int pacman_sync(alpm_list_t *targets) }
if(config->op_s_sync) { + /* Warn the user when synchronizing the package databases without also + * performing a full upgrade. */ + if (!config->op_s_upgrade && !noyes(_(":: Synchronizing the package " Too much going on in one if statement- I'd at least wrap it smarter (before/after the &&, whatever is precedent), or make it nested conditionals.
+ "databases without also performing a full upgrade \n" + ":: can lead to software incompatibilities. " + "Continue anyway?"))) { + return(0); + } /* grab a fresh package list */ printf(_(":: Synchronizing package databases...\n")); alpm_logaction("synchronizing package lists\n"); -- 1.7.3.2
On 18/11/10 06:59, Dan McGee wrote:
On Wed, Nov 17, 2010 at 2:46 PM, Evangelos Foutras<foutrelis@gmail.com> wrote:
Doing so can lead to broken applications after soname bumps, or major version upgrades like the transition to Python 3.
I have mixed feelings for sure on this. The intent is great, for soure. But I do -Sy<pkg> a lot, knowing what is safe, what isn't. This prompting would annoy the heck out of me. This also doesn't help anyone that does an -Syu, cancels, and then later -S<anything>.
I have very strong feelings against this. This operation is perfectly fine, even recommended, on a non-rolling release distro. And we do have one of those using pacman (Arch Server - where I would -Sy and then review which packages to upgrade...). Allan
On Wed, Nov 17, 2010 at 6:28 PM, Allan McRae <allan@archlinux.org> wrote:
On 18/11/10 06:59, Dan McGee wrote:
On Wed, Nov 17, 2010 at 2:46 PM, Evangelos Foutras<foutrelis@gmail.com> wrote:
Doing so can lead to broken applications after soname bumps, or major version upgrades like the transition to Python 3.
I have mixed feelings for sure on this. The intent is great, for soure. But I do -Sy<pkg> a lot, knowing what is safe, what isn't. This prompting would annoy the heck out of me. This also doesn't help anyone that does an -Syu, cancels, and then later -S<anything>.
I have very strong feelings against this. This operation is perfectly fine, even recommended, on a non-rolling release distro. And we do have one of those using pacman (Arch Server - where I would -Sy and then review which packages to upgrade...).
Allan
Plus there are other pacman commands that can mess up a system like -Sf and -Sd and they don't promt for confirmation.
I feel that the general consensus is not to implement this kind of safeguard. I'm fine with that and agree with most -- if not all -- of the points made so far. Thanks everyone for the feedback. Patch withdrawn. :)
Am Mittwoch 17 November 2010, 21:46:23 schrieb Evangelos Foutras:
Doing so can lead to broken applications after soname bumps, or major version upgrades like the transition to Python 3. --- src/pacman/sync.c | 8 ++++++++ 1 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/src/pacman/sync.c b/src/pacman/sync.c index f9d12e4..e7b7628 100644 --- a/src/pacman/sync.c +++ b/src/pacman/sync.c @@ -805,6 +805,14 @@ int pacman_sync(alpm_list_t *targets) }
if(config->op_s_sync) { + /* Warn the user when synchronizing the package databases without also + * performing a full upgrade. */ + if (!config->op_s_upgrade && !noyes(_(":: Synchronizing the package " + "databases without also performing a full upgrade \n" + ":: can lead to software incompatibilities. " + "Continue anyway?"))) { + return(0); + } /* grab a fresh package list */ printf(_(":: Synchronizing package databases...\n")); alpm_logaction("synchronizing package lists\n");
Hello, this patch introduces a question on every repository sync if a am right. So that patch also asks if you type 'pacman -Syu' ? If it is i would not vote for this patch, because it's another question you must acknoweledge every system update. If it only asks on 'pacman -Sy <package>' then its ok for me. Another suggestion, only print this warning and don't ask. An arch user would read the output of pacman and its package pre/post-scripts and is warned. What do you think?
On Wed, Nov 17, 2010 at 11:00 PM, Thomas Bahn <Thomas-Bahn@gmx.net> wrote:
this patch introduces a question on every repository sync if a am right. So that patch also asks if you type 'pacman -Syu' ? If it is i would not vote for this patch, because it's another question you must acknoweledge every system update.
Nope, it only asks you if the -u switch is absent. In that case, the question is asked only once per sync operation.
If it only asks on 'pacman -Sy <package>' then its ok for me. Another suggestion, only print this warning and don't ask. An arch user would read the output of pacman and its package pre/post-scripts and is warned.
One problem I see with only printing a warning is that the user doesn't have the option not to synchronize at this point and just rerun pacman without the -y switch to install their package.
Am Mittwoch 17 November 2010, 22:20:08 schrieb Evangelos Foutras:
On Wed, Nov 17, 2010 at 11:00 PM, Thomas Bahn <Thomas-Bahn@gmx.net> wrote:
this patch introduces a question on every repository sync if a am right. So that patch also asks if you type 'pacman -Syu' ? If it is i would not vote for this patch, because it's another question you must acknoweledge every system update.
Nope, it only asks you if the -u switch is absent. In that case, the question is asked only once per sync operation.
ah, i didn't read the source carefully enough. ;) The meaning of config-
op_s_upgrade is other than i assumed.
If it only asks on 'pacman -Sy <package>' then its ok for me. Another suggestion, only print this warning and don't ask. An arch user would read the output of pacman and its package pre/post-scripts and is warned.
One problem I see with only printing a warning is that the user doesn't have the option not to synchronize at this point and just rerun pacman without the -y switch to install their package.
You are right, but as Dan McGee mentioned before it implies also that some 'special cases' even can lead to partial updates without the warning. The quote from his email:
This also doesn't help anyone that does an -Syu, cancels, and then later -S <anything>.
But i am not sure if we should catch such actions?
On Wed, Nov 17, 2010 at 11:37 PM, Thomas Bahn <Thomas-Bahn@gmx.net> wrote:
Am Mittwoch 17 November 2010, 22:20:08 schrieb Evangelos Foutras:
One problem I see with only printing a warning is that the user doesn't have the option not to synchronize at this point and just rerun pacman without the -y switch to install their package.
You are right, but as Dan McGee mentioned before it implies also that some 'special cases' even can lead to partial updates without the warning.
The quote from his email:
This also doesn't help anyone that does an -Syu, cancels, and then later -S <anything>.
But i am not sure if we should catch such actions?
It is true that special cases exist. Unfortunately, I can't think of a way to handle them. I'm starting to think that printing a warning (like you suggested in a previous message) is a better alternative; we won't bother people with a question that doesn't catch all use cases, while still informing most offenders of the possible issues. If others agree that this is a preferred solution, I'll create a patch tomorrow. :)
On Wed, Nov 17, 2010 at 10:53 PM, Evangelos Foutras <foutrelis@gmail.com> wrote:
It is true that special cases exist. Unfortunately, I can't think of a way to handle them.
You might need to store a state on the disk. Could be a 'need_upgrade' flag you enable after a refresh operation and disable after a sysupgrade transaction. When flag is enabled, the only sync operation allowed is sysupgrade. Or a timestamp of last sync and last sysupgrade. Alternatively, without a state, you can just check if there are upgrades before installing. Almost like forcing every -S pkg into a -Su pkg. Probably lots of way to handle it, but I don't think any needs to be implemented.
On Wed, Nov 17, 2010 at 11:53:56PM +0200, Evangelos Foutras wrote:
On Wed, Nov 17, 2010 at 11:37 PM, Thomas Bahn <Thomas-Bahn@gmx.net> wrote:
Am Mittwoch 17 November 2010, 22:20:08 schrieb Evangelos Foutras:
One problem I see with only printing a warning is that the user doesn't have the option not to synchronize at this point and just rerun pacman without the -y switch to install their package.
You are right, but as Dan McGee mentioned before it implies also that some 'special cases' even can lead to partial updates without the warning.
The quote from his email:
This also doesn't help anyone that does an -Syu, cancels, and then later -S <anything>.
But i am not sure if we should catch such actions?
It is true that special cases exist. Unfortunately, I can't think of a way to handle them.
I'm starting to think that printing a warning (like you suggested in a previous message) is a better alternative; we won't bother people with a question that doesn't catch all use cases, while still informing most offenders of the possible issues.
If others agree that this is a preferred solution, I'll create a patch tomorrow. :)
Can't we just let Darwin prevail? You don't keep touching the stove after the first time you find out it's hot... or maybe you do... dave
On Wed, Nov 17, 2010 at 10:00 PM, Thomas Bahn <Thomas-Bahn@gmx.net> wrote:
this patch introduces a question on every repository sync if a am right. So that patch also asks if you type 'pacman -Syu' ? If it is i would not vote for this patch, because it's another question you must acknoweledge every system update.
If it only asks on 'pacman -Sy <package>' then its ok for me. Another suggestion, only print this warning and don't ask. An arch user would read the output of pacman and its package pre/post-scripts and is warned.
AFAI can see, it only asks for -Sy and -Sy <targets>
participants (7)
-
Allan McRae
-
Dan McGee
-
Dave Reisner
-
Eric Bélanger
-
Evangelos Foutras
-
Thomas Bahn
-
Xavier Chantry