[aur-general] [arch-general] Please settle 'base' in 'depends' for all

Stéphane Gaudreault stephane at archlinux.org
Wed Jan 19 08:30:14 EST 2011


Le 19 janvier 2011 08:07:00, Allan McRae a écrit :
> On 19/01/11 22:49, Magnus Therning wrote:
> > On Wed, Jan 19, 2011 at 12:50, Allan McRae<allan at archlinux.org>  wrote:
> >> On 19/01/11 22:20, Thomas Bächler wrote:
> >>> Am 19.01.2011 08:08, schrieb Allan McRae:
> >>>> If we want to be really pedantic about dependencies, we should list
> >>>> _ALL_ dependencies and not remove the ones that are dependencies of
> >>>> dependencies.
> >>> 
> >>> Why don't we just do the correct thing:
> >>> 
> >>> If package A depends on package B, and B depends on C, then A might
> >>> depend on C explicitly because it accesses C directly. Or it might only
> >>> depend on indirectly C because B accesses C. We should reflect that in
> >>> dependencies (in the first case, A depends on C, in the second case it
> >>> doesn't).
> >>> 
> >>> The result is this: Whenever the dependencies of B change (e.g., C is
> >>> removed), A will still work correctly.
> >> 
> >> I agree that would be the correct thing to do.  In fact, I looked at
> >> doing this to the extent of including ever package that a program
> >> linked to in its dependencies.  This increases the number of
> >> dependencies needed for the average package in the repos greatly (from
> >> memory it averaged a several fold increase).
> > 
> > I don't quite understand what you mean, did you add the transitive
> > closure of all dependencies to the package, or did you only add all
> > direct dependencies?
> 
> Essentially "readelf -d" on the files and add all needed packages to the
> dependencies.  I.e. list all packages that are directly linked.
> 
> Its has been many years since I did graph theory... but isn't a
> "transitive closure" essentially what we have been doing with only
> listing the top level of dependencies and having them cover the rest?
> 
> Allan

I think Allan is right here.

If we look at the problem from another angle, thing are very simple :

1) There is a groupe of packages that are required. Theses packages are 
necessary for the proper functioning of the system (eg. a kernel, a boot 
loader, initscript, glibc, etc). The system will not run well or be usable 
without will be here. It is not necessary for other package to depends on 
them, because they **should** be there (although it does not hurt if a package 
depends on them).

2)  Starting from this base,  package A depends on Package B if B absolutely 
must be installed in order to run A. In some cases, A depends not only on B, 
but on a version of B. In this case, the version dependency is usually a lower 
limit, in the sense that A depends on any version of B more recent than some 
specified version.

This gives a simple receipie : When you want to list the dependency fo a 
package, simply look at what is directly used (for binary it is essentially 
"readelf -d" on the files) and you get the dependency list for your package. 
You can then assume that everything will be correct as maintainers of the 
listed packages did the same up to the required group.

If there is something missing in the dependencies of your dependencies send a 
bug report.

Stéphane


More information about the aur-general mailing list