Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PLD Linux: linux-live version abuse #41

Closed
blshkv opened this issue Jun 29, 2018 · 14 comments
Closed

PLD Linux: linux-live version abuse #41

blshkv opened this issue Jun 29, 2018 · 14 comments

Comments

@blshkv
Copy link

blshkv commented Jun 29, 2018

https://repology.org/metapackage/linux-live/versions
https://git.pld-linux.org/?p=packages/linux-live.git;a=blob;f=linux-live.spec;h=3c9001fc6c0192772a496b922d2346655c59ded3;hb=ddc86486bb2803ff399438e772e7518fcac72cf0

The latest release is 2.1
https://github.com/Tomas-M/linux-live/releases
@AMDmi3
Copy link
Member

AMDmi3 commented Jun 29, 2018

Hmm, I wonder why's it 6.3.0 while .spec says Version: 1.8

@AMDmi3
Copy link
Member

AMDmi3 commented Jun 29, 2018
edited
Loading

@glensc 👋 sorry for disturbing, but maybe you could shed some light on this

@glensc
Copy link

glensc commented Jul 10, 2018
edited
Loading

what is this?!

anyway please see full history of the git repository, it used slax linux-live previously:

and the epoch bump when version was decreased, so all is correct in distro sense.

and it's the project author who reset versioning, you're probably seeing built rpm package from the previous generation from ftp.pld-linux.org

@AMDmi3
Copy link
Member

AMDmi3 commented Jul 11, 2018

what is this?!

repology is the service which compares package versions in a lot of repositories, tracks package updates and reports outdated packages (for which newer version is known).

and the epoch bump when version was decreased, so all is correct in distro sense
you're probably seeing built rpm package from the previous generation from ftp.pld-linux.org

That's it, thanks for the insight! Seems like the outdated RPM is the problem. Unfortunately I haven't found any alternative source for PLD packages versions. Maybe you have any ideas?

@glensc
Copy link

glensc commented Jul 12, 2018
edited
Loading

built .rpm files on ftp != git repository for .spec

what is your definition of repository?

  • rpm repository (built rpm's on ftp)
  • git repository (git repo with source for .spec and .patch)

@AMDmi3
Copy link
Member

AMDmi3 commented Jul 12, 2018
edited
Loading

Any source of package names+versions and, if possible, other information (homepage and download urls, maintainer, summary, categories etc.). Sources are obviously preferred as they are genuine, but it's hard to handle thousands of separate per-package repositories (which IIRC is the case for PLD Linux) and it's currently not possible to parse .specs. Some repos provide some kind of index which is easier to parse (a web site or API, or repository index used by package utilities, or, the best of all, a machine parsable dump), but I couldn't find any for PLD linux, only a list of RPMs. I ask because maybe there is something not widely announced, or someone of PLD devs would be interested in creating one. There seem to be demand, as someone asked to add PLD support to repology (repology/repology-updater#604).

@glensc
Copy link

glensc commented Jul 16, 2018

package sources are not genuine. built packages on ftp are genuine. as in this specific case, source spec has been updated, but the new version is not built as it's not complete.

pld ftp has indexes for repodata (repomd) and poldek format (packages.*)

if you want to parse .spec files from ftp, you may want to look at the SRPMS directory.

oh. there's machine parsable .metadata folder, but it's not accessible over http nor ftp somewhy

@blshkv
Copy link
Author

blshkv commented Jul 16, 2018

so the long story short: the version 6.3.0 (http://ftp.pld-linux.org/dists/th/PLD/SRPMS/RPMS/linux-live-6.3.0-1.src.rpm) is 9 years old and no longer available for download from the official website.
Some distros have not upgraded it since then.

Later, upstream has changed version scheme and the latest version 2.1

@AMDmi3
Copy link
Member

AMDmi3 commented Jul 16, 2018

package sources are not genuine. built packages on ftp are genuine.

I can't agree with that, as by definition specs are genuine as RPMs are produced from them. It's true however that users do see RPMs, not .specs, but Repology is currently more maintainer-focused, and the source state is more useful both for maintainers and as a source of fresh versions. Maybe at some point in future we'll support both source and binary packages with a mapping between them.

pld ftp has indexes for repodata (repomd)

That would be useful for SRPMS, but not for binary packages, as these contain splits (foo, foo-devel, foo-docs etc.) which are generally impossible to merge back into projects which can be compared to other distros.

oh. there's machine parsable .metadata folder, but it's not accessible over http nor ftp somewhy

That would be interesting to look at...

@AMDmi3
Copy link
Member

AMDmi3 commented Jul 16, 2018

so the long story short: the version 6.3.0 (http://ftp.pld-linux.org/dists/th/PLD/SRPMS/RPMS/linux-live-6.3.0-1.src.rpm) is 9 years old

Well I'll just add a rule so it's considered outdated when compared to newer scheme versions.

AMDmi3 added a commit that referenced this issue Jul 16, 2018
@AMDmi3
Add outdated rule for linux-live (#41)
88b6173
@blshkv blshkv closed this as completed Jul 16, 2018
@glensc
Copy link

glensc commented Jul 19, 2018

i just recalled, there is single repo where all packages .spec files are committed:

SPECS - copy of all packages .spec files from HEAD, clone url: git://git.pld-linux.org/SPECS

@glensc
Copy link

glensc commented Jul 25, 2018

aside, removed outdated linux-live from th repository. it may take few days for mirrors to update

pldth@ep09-pld SRPMS/.metadata$ pfa-mvpkg PLD .archive/PLD linux-live-6.3.0-1.src.rpm.info

@glensc
Copy link

glensc commented Jul 25, 2018

also made .metadata accessible:

the directory lacked world accessible permissions:

pldth@ep09-pld SRPMS/.metadata$ chmod -R a+rX .

@APIPLM
Copy link

APIPLM commented Sep 19, 2020
edited
Loading

Maybe at some point in future we'll support both source and binary packages with a mapping between them.

It is not necessary to the mapping between source and binary packages. I mean that it might be too complex for some case . Let us say @glensc mentioned that case in the above.

in this specific case, source spec has been updated, but the new version is not built as it's not complete.

that source spec is more like having a release plan for a package. Mapping between source and binary packages, it is more like maintenance repo for different release, obviously that is not you are supposed to do, git is there. So most like as maintainers need to know that release(binary packages) plan for spec and the spec, and then the builder environment of each release(binary packages) and planned version of the source in git repo . Because the release always there after running thorough the process. all test cases success, then get approved, or issue solved process.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@glensc @blshkv @AMDmi3 @APIPLM