Mike Bonnet pisze: > Toshio Kuratomi wrote: >> So we had a discussion on IRC today about the failure cases of noarch >> subpackages. I think we should make some changes to the way we check >> that noarch subpackages are sane. >> >> Currently, when a noarch subpackage is built, rpmdiff is run on the >> noarch packages that were built by each builder. >> >> Of the checks that rpmdiff does, we discard all of them except Provides, >> Requires, and the list of files. My concern is that if you throw out >> md5sum and filesize in these checks there's a lot of margin for creating >> subpackages that are not actually noarch. > > Actually the full list of tags we diff are: > > name > summary > description > group > license > url > prein (script) > postin (script) > preun (script) > postun (script) > > For Requires, Provides, Conflicts, and Obsoletes we check that the lists > (including versions) are identical across all subpackages. > > We verify that that file lists are identical across all subpackages, and > for each file in the file lists we verify that the following attributes > are identical: > > mode > flags > nlink > state > vflags > user > group > >> For instance, if bitedness ends up in include files that are placed in a >> noarch subpackage, those subpackages won't be caught by this check. >> That would allow a package to go out that could prevent building with >> the incorrect header. >> >> The reason that filesize and md5sum are discarded is that >> arch-inspecific files can have timestamps embedded into them at build >> time. This means, for instance, that documentation can differ between >> builds of a subpackage despite it being a prime candidate for a noarch >> subpackage. >> >> An idea for a change would be to extend rpmdiff to be able to list >> changes in md5sum between all files except those marked as %doc. This >> would let documentation packages through even if timestamps were >> embedded but not let a noarch package with differing headers through, >> for instance. > > Another class of files that are noarch-but-different are .pyc/.pyo > files, as Julian Sikorski found out: > > https://www.redhat.com/archives/fedora-devel-list/2009-February/msg01826.html > > > Issues like this, where files differed because of embedded > timestamps/hostnames/etc. but were not different in any meaningful way > came up during testing of this feature. As a result it was decided to > not fail a build due to differences in file size, digest, or mtime > because this would have resulted in a lot of false positives, and > significantly reduced the usability and usefulness of this feature. > > The automated checks are not a replacement for diligent package review > and testing, they are there to help package maintainers catch silly > mistakes and oversights. What we have now is a good balance between > catching those oversights and not burdening maintainers with a huge > number of false positives that (as in the python case above) they are > unable to do anything about and thus unable to make use of this feature. > > Note that this feature is in no way more dangerous or prone to error > than the existing method of creating noarch subpackages (extra-arches). > What is interesting that there is a whole lot of .pyo/.pyc files among the museek+ subpackages, yet only these two were catched. Julian -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
