On Mon, 15 Aug 2011 16:20:47 -0400, SV (seth) wrote: > On Sat, 2011-08-13 at 09:19 +0200, Michael Schwendt wrote: > > On Fri, 12 Aug 2011 12:08:50 -0400, SS (Simo) wrote: > > > > > If rpmbuild does not add an implicit requires with libraryX >= <version > > > we built against> then it is certainly broken. > > > > One could also argue that an activity like "yum install ..." ought to > > search for and apply the latest available updates of needed packages. Such > > behaviour has been rejected some years ago, if memory serves correctly. > > > It was rejected with good reason, I think. I do not think we should be > adding functionality into yum which: > > 1. violates the principle of least surprise for the admin > 2. covers up for not-specific-enough requirements in the packaging. Well, I can understand that point of view partially. The rationale isn't entirely convincing, though. The more explicitly versioned dependencies we would add to packages (either manually or automatically during rpmbuild), the more updates a "yum install" would pull in. It won't be a full update, but could break other installed packages. Running out-of-date installations is not only a problem when a newly installed package works only with latest updates. Ordinary bugs in dependencies can also be a reason why the newly installed package will need a full "yum update" before it would work [at all or correctly]. Ever seen users with an app startup crash and "yum update APP-PKG-NAME" not fixing it becuase "yum update LIB-PKG-NAME" was necessary? > It just feels like it would be fixing a "problem" at the wrong layer. Where is the right layer? Do we need to adjust the packaging policies wrt updates? Fedora 15 by default displays update notifications less frequently. The package installer could at least notify the user about available updates immediately after installing a package. Some updates could be important, especially if they are a dependency of the newly installed package. Users with out-of-date installations often are harder to support not just because of old issues they run into. If application misbehaviour is fixed in a system library, there is a library package update, but the application package normally isn't rebuilt just to add to it a "specific-enough requirement" on the updated library. This isn't limited to one programming language. Even a Python app could crash at run-time because of a bug in a Python module with an update that has not been installed yet. I think we are ill-advised if we publish a steady flood of updates (even for old dist releases), but want users to install updates less frequently. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
