Kevin Kofler via devel kirjoitti 25.3.2024 klo 20.34:
Miroslav Suchý wrote:
I just upgraded my workstation to F40 and it surprised how many packages
were reported by `remove-retired-packages`. There was lots of orphaned
packages - there is nothing to do about them. But there was lot of
packages that were removed intentionally. See the list at the end of my
email.
I want to highlight that we have policy for removing policy
https://docs.fedoraproject.org/en-US/package-maintainers/Package_Retirement_Process/#complete_removal
which at the end mention adding the package to
https://src.fedoraproject.org/rpms/fedora-obsolete-packages
I do not think the "Completely Removing a Package" section is meant for
the cases you mention. The only example given in that section is
licensing issues, i.e. a situation where Fedora was actually not even
allowed to distribute the package, either because of the license
conditions, or because of Fedora's own bylaws.
On the other hand, you do not have to refer to that section if you want
to remind packages about fedora-obsolete-packages. Right before there is
"Obsoleting Packages", which asks to consider obsoleting for every
retirement.
The point of fedora-obsolete-packages is to remove packages that actually
BREAK things when they remain installed. Otherwise, the best thing to do is
to NOT obsolete those packages. Users might still rely on them. E.g., they
might have locally built software that depends on the dropped compatibility
libraries. Forcefully obsoleting those will break the locally installed
software.
I have wondered at this approach even since I discovered that Fedora
actually handles retired packages on distro upgrade like this. In
today's always-connected IT environment full of malicious actors and
threats, I consider it a basic principle to only have software that is
kept up-to-date by *somebody*. For stuff I built and/or installed by
myself, I take that responsibility myself, and suffer the consequences
when I fail to deliver. But if distribution stops providing upgrades to
a package, I would expect it be removed automatically.
So, I would actually much prefer if package retirement automatically
added the package to fedora-obsolete-packages. Perhaps there are special
cases where that would not be a good idea - if there are some, `fedpkg
retire` could have a flag to prevent that from happening.
--
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue