dev-cpp/sourcetrail: Adjust openssl dependency #10777
Conversation
Copyright policy changePlease note that on 2018-09-15 Trustees have approved new Gentoo copyright policy. All contributions made to Gentoo need to follow this policy. If you include the Signed-off-by line in your commit message, you indicate that you have read the policy and agree to its terms. For more detailed explanation, please see the new Gentoo copyright policy explained article. Pull Request assignmentSubmitter: @dhallas dev-cpp/sourcetrail: @dhallas, @gentoo/proxy-maint Linked bugsBugs linked: 674788 In order to force reassignment and/or bug reference scan, please append Docs: Code of Conduct ● Copyright policy (expl.) ● Devmanual ● GitHub PRs ● Proxy-maint guide |
gentoo-bot
added
self-maintained
| @@ -17,7 +17,7 @@ IUSE="examples selinux" | |||
| DEPEND="dev-util/patchelf" | |||
|
|
|||
| RDEPEND=" | |||
| dev-libs/openssl | |||
| =dev-libs/openssl-1.0*:* | |||
There was a problem hiding this comment.
:*slot operator is contradicting your version restriction- Instead of restricting to
1.0, you should depend on the correct binary openssl slot - A change of
RDEPENDrequires revbump.
There was a problem hiding this comment.
Thanks for the feedback :)
I have adjusted the dependency to dev-libs/openssl:0 - I hope that is correct? I am not entirely sure how OpenSSL handles binary backwards compatibility, but I assume that any version within slot 0 is binary compatible? As I noted in the commit message, I can see from the binaries that the Sourcetrail package has been built against OpenSSL 1.0.1f.
Also, I haven't done a revbump before, so please let me know if I haven't done it correctly :)
There was a problem hiding this comment.
slot 0 is for source packages, while 1.0* versions would currently work for your package, slot 0 is already providing 1.1.0 and 1.1.1 as well. so if your binary package needs 1.0, depend on slot 1.0.0. Use eshowkw to get a good overview over available slots.
There was a problem hiding this comment.
So would that mean that the ebuild should depend on:
=dev-libs/openssl:1.0.0
or would it be
=dev-libs/openssl-1.0.0*
or how would you express that dependency?
There was a problem hiding this comment.
For depending on the slot, you use: dev-libs/openssl:1.0.0
There was a problem hiding this comment.
But now I get a huge list of blocked packages, it appears to be caused by dev-libs/openssl:1.0.0 and dev-libs/openssl:0 cannot be installed at the same time :/ This is far from optimal :) So what can I do to fix this?
If I do a grep -r 'dev-libs/openssl:[1-9]+' /usr/portage I don't see any mathes, so I am wondering what other binary packages are doing?
Looking at app-emulation/crossover-bin-17.5.1.ebuild the OpenSSL dependency is listed as dev-libs/openssl:0[abi_x86_32(-)] and for media-sound/spotify it is simply dev-libs/openssl:0
Any help is greatly appreciated
This is an extract of the blockers I see:
/usr/local/portage/dev-cpp/sourcetrail emerge -1 sourcetrail
These are the packages that would be merged, in order:
Calculating dependencies ... done!
[ebuild NS ~] dev-libs/openssl-1.0.2q-r200:1.0.0::gentoo [1.0.2q:0::gentoo] USE="asm sslv3 tls-heartbeat zlib -bindist -gmp -kerberos -rfc3779 -sctp -sslv2 -static-libs -test -vanilla" ABI_X86="(64) -32 (-x32)" CPU_FLAGS_X86="(sse2)" 0 KiB
[ebuild R ~] dev-cpp/sourcetrail-2018.3.55-r1::DavidsOverlay USE="-examples (-selinux)" 0 KiB
[blocks B ] =dev-libs/openssl-1.0.2*:0 ("=dev-libs/openssl-1.0.2*:0" is blocking dev-libs/openssl-1.0.2q-r200)
Total: 2 packages (1 in new slot, 1 reinstall), Size of downloads: 0 KiB
Conflict: 1 block (1 unsatisfied)
* Error: The above package list contains packages which cannot be
* installed at the same time on the same system.
(dev-libs/openssl-1.0.2q-r200:1.0.0/1.0.0::gentoo, ebuild scheduled for merge) pulled in by
dev-libs/openssl:1.0.0 required by (dev-cpp/sourcetrail-2018.3.55-r1:0/0::DavidsOverlay, ebuild scheduled for merge)
>=dev-libs/openssl-0.9.8:* required by (net-vpn/openvpn-2.4.6:0/0::gentoo, installed)
(dev-libs/openssl-1.0.2q:0/0::gentoo, installed) pulled in by
dev-libs/openssl:0/0= required by (dev-db/mariadb-10.1.37:0/18::gentoo, installed)
dev-libs/openssl:0= required by (www-client/falkon-3.0.1:0/0::gentoo, installed)
dev-libs/openssl:0/0= required by (dev-libs/libgit2-0.26.8:0/26::gentoo, installed)
>=dev-libs/openssl-0.9.8:0= required by (dev-python/m2crypto-0.24.0:0/0::gentoo, installed)
There was a problem hiding this comment.
But now I get a huge list of blocked packages, it appears to be caused by dev-libs/openssl:1.0.0 and dev-libs/openssl:0 cannot be installed at the same time :/ This is far from optimal :) So what can I do to fix this?
When you look closer it is not the slots that are conflicting, but of course dev-libs/openssl-1.0.2q-r200:1.0.0 needs to block =dev-libs/openssl-1.0.2*:0 which would install the same files. Other versions within slot 0 are fine.
The blocker happens because you only make a partial upgrade, and you are apparently coming from a stable system. But sourcetrail only has ~arch keywords, so it is perfectly fine to be blocking arch versions.
There was a problem hiding this comment.
Thanks for the quick reply. But I am not sure I know how to fix this?
It is true I generally run a stable system, but I had to add =dev-libs/openssl-1.0.2q-r200 to package.keywords because there are no stable openssl for the 1.0.0 slot. I have tried adding =dev-libs/openssl-1.1.0j to package.keywords as well, and that removes most of the blockers, only leaving these:
[blocks B ] >=dev-libs/openssl-1.1 (">=dev-libs/openssl-1.1" is blocking dev-db/mariadb-10.1.37)
[blocks B ] >=dev-libs/openssl-1.1.0 (">=dev-libs/openssl-1.1.0" is blocking dev-db/mariadb-10.1.37)
And that blocker is probably caused by that version of mariadb not being compatible with openssl-1.1.
So why is it that openssl-1.0.2q-r200 doesn't fulfill the dev-libs/openssl:0 slot? I can see that it has the SLOT variable set to 1.0.0 and that is probably why, but how is this handled for other packages? It seems like it makes it very hard for users to install a consistent system :/
So, should I just update the pull request to change the RDEPEND line to dev-libs/openssl:1.0.0 just like you initially said, and then I will need to sort out how to make the package installable on my system?
Thanks for explaining these things :)
|
Sorry guys but most of this discussion about the correct package slot is nonsense. Like I wrote in https://bugs.gentoo.org/674788, the best approach is |
Thanks for the reply, and sorry if I have misunderstood something, I am a new maintainer and I am really trying to understand how these things work :) So should I just update the pull request to have Thanks for your feedback |
There are often >1 ways to do something, and Poly-C's advice is the most compatible even with mixed |
Yes, I totally agree :) |
|
Please change the openssl dep back to |
I have updated the commit with the requested changes. Let me know if there is anything else I need to do. |
Adjust openssl dependency to depend on =dev-libs/openssl-1.0*:*. The Sourcetrail package is built agains openssl-1.0.1 so depending on =dev-libs/openssl-1.0*:0 should match the correct version. Closes: https://bugs.gentoo.org/674788 Package-Manager: Portage-2.3.51, Repoman-2.3.11 Signed-off-by: David Hallas <david@davidhallas.dk>
Sorry about that ;) I have fixed it now and I have set it in my |
Pull request CI reportReport generated at: 2019-02-04 07:59 UTC No issues found |
Adjust openssl dependency to handle slot depencies. The Sourcetrail
package is built agains openssl-1.0.1 so pinning it to
=dev-lib/openssl-1.0*:* should match the correct version.
Closes: https://bugs.gentoo.org/674788
Signed-off-by: David Hallas david@davidhallas.dk
Package-Manager: Portage-2.3.51, Repoman-2.3.11