On Sun, Aug 12, 2018 at 4:39 AM Robert Marcano <robert@xxxxxxxxxxxxxxxxx> wrote:
On Sat, Aug 11, 2018 at 8:07 PM Rex Dieter <rdieter@xxxxxxxxxxxx> wrote:Robert Marcano wrote:
> For example, someone developing against krb5-devel for a GSSAPI client,
> probably doesn't need openssl-devel installed, that they are linking
> against Kerberos doesn't means they use the same crypto library
> directly, they could use nss for example.
I think you're most likely going to need to deal with this on a case-by-case
basis. In this specific example, find out for sure if "probably doesn't
need openssl-devel" is entirely accurate or not, and take appropriate
measures.Not sure a case-by-case basis will always work, for example I force removed compat-openssl10-devel (rpm - e compat-openssl10-devel --nodeps) that is pulled by nodejs-devel, and I am able to link against NodeJS libraries, because the modules I need to build doesn't use OpenSSL. So compat-openssl10-devel should not be a hard dependency for nodejs-devel. Sadly the package maintainer think this is fine [1].A small packaging guideline change about reducing *-devel hard dependencies when they aren't always required could help.
The problem is that if you build Node.js with OpenSSL 1.0 and then you build a native NPM module with OpenSSL 1.1, you’re going to have a bad day trying to run it. I’m pretty sure you’re going to have a symbol conflict at runtime that will be hard to identify. (And will lead to me getting BZs about it).
That said, maybe this can be solved in a different way (and one that could handle switching OpenSSL versions within a release if needed). We might provide a macro in the nodejs-devel package (not nodejs-packaging) that records which OpenSSL we compiled against and then put in the guidelines that native NPMs that need OpenSSL must use that macro for BuildRequires.
I’m about to head to the airport after Flock, but I’ll think about this a bit in-transit and see what I come up with.
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/message/5WZQVHPHCOJEHJYI7FK7O7YEEFC2RBP7/