[pacman-dev] implement .so dependencies?

Tue Feb 2 19:39:37 EST 2010

On 03/02/10 09:33, Nagy Gabor wrote:
>>> On 02/02/2010 09:13 PM, Nagy Gabor wrote:
>>>> This is not the competent ML to decide if ArchLinux's repos should use
>>>> these flags, personally I have some concerns about db.tar.gz size. (That
>>>> needs testing, which requires patched makepkg, too.)
>>>
>>> I've repacked core and the results are quite good:
>>>
>>> core.db.tar.gz from 35KB to 40KB
>>> unpacked db from 2.1MB to 2.2MB
>>>
>>
>> Here is a little explanation for this nice result:
>>
>> Florian's patch puts a library into sodepends iff the .so file is owned
>> by one of its _direct_ dependencies (optdepends are omitted). That is
>> why the "sodepends" array is shorter than expected (by me).
>>
>> You may say this method is not as safe as it should be, but imho it
>> is safe enough (if the user doesn't use the -d switch, of course):
>> For example, yesterday I broke all my gtk2 packages due to my custom
>> cairo build (I should have rebuild it with recent libpng). With
>> soprovides/sodepends enabled, pacman would catch the broken
>> cairo-cleartype->libpng dependency in the firefox->gtk2->cairo->libpng
>> dependency chain. So in sum, sodepends/soprovides trick is just ensures
>> that all "normal" dependencies are not broken in .so level neither.
>>
>> Moreover, due to this feature, distros can introduce
>> sodepends/soprovides step-by-step (without rebuilding all packages in
>> the repo), or they can limit this feature to some "critical" packages.
>>
>
> Basically, +1 for implementing this to makepkg and use this in
> ArchLinux's repos. (Although this ML is not competent ;-)
>
> I can see only one edge case that should be addressed (that's why I'm
> writing this e-mail): Dependencies can be satisfied via provision. What
> to do then? (That is not handled at all atm.)

I will have a decent look into that patch later, but I still think it is 
a bit of a false sense of security.

e.g readline-6.0 and readline-6.1 both provide libreadline.so.6. 
However, building bash against readline-6.1 and running against 
readline-6.0 results in a non-booting system...  (Trust me, I got the 
bug reports).  If this approach does not work for even one of the most 
critical pair of packages on a system, then I do not see what we are 
gaining.

Finally, this would prevent proper upgrades to partially complete 
rebuilds.  That is fine for some users who would like such things, but 
the people doing and testing a rebuild would have issues.  I upgraded 
the libpng/libjpeg rebuild packages while there were still several 
packages needing to be rebuilt for my system.  With this patch, I would 
be required to do an incredibly stupid "pacman -Syud".

Allan