sane dependencies -- a positive look at 'fix your packages'

Andy Hanton andyhanton at comcast.net
Sat Oct 4 19:10:35 UTC 2003 

On Sat, 2003-10-04 at 14:39, Michael Schwendt wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Sat, 04 Oct 2003 13:58:32 -0400, Andy Hanton wrote:
> 
> > They aren't the only ones working on this stuff.  The zero-install
> > project (http://zero-install.sf.net/) seems to be trying for a more
> > interesting solution.  They actually link software to libraries using a
> > caching http filesystem.  For example, an application that needs gtk2
> > would link to /uri/0install/www.gtk.org/gtk2/libgtk-x11-2.0.so.
> 
> Treat me like a dumb user, please. In which way is that better than
> the current dependency on libgtk-x11-2.0.so.0? What problems is it
> supposed to fix?

The idea is that the same library could be used on debian or Suse or
whatever.  Basically it effects end users, but it doesn't really solve
any problems for Fedora developers.  

> 
> > So it
> > doesn't need the funny hacks autopackage uses to detect what the user
> > has installed.
> 
> $ rpm --redhatprovides libgtk-x11-2.0.so.0
> gtk2-2.2.1-4

It doesn't really help as much for common libraries. The idea is that
library authors can maintain their own binaries.  Application authors
can be sure that the end user's system will be able to find the library
because the url is embedded in the binary.  

Try rpm --redhatprovides libenchant.so.1.0.0 on a redhat 9 box.
/uri/0install/www.abisource.com/enchant/libenchant.so.1.0.0 
would clearly be better in that case.  

I think the idea that we can package all the dependencies that could
ever exist is unrealistic.  Even if we become like debian with 10,000
packages that won't solve the cross distribution problem.  You can't
tell your grandmother who runs Suse to go to the web page and download
an rpm because suse hasn't packaged all the dependencies.  

>  
> > The user can double click the application and all the
> > dependencies are downloaded automatically and doing so never breaks
> > anything else on the system.  
> 
> We do have that feature already, don't we?

No, we don't.  With zero-install the user never actually uses a package
management system.  

Here is how it works:
1.download an application from the author's web page
2. double click the archive to untar it
3. double-click the application and it runs

Basically the user does not need to think about finding a binary for
their specific distribution or understand dependencies or package
management.  It provides Mac OS X type simplicity on Linux.  

-- 
Andy Hanton <andyhanton at comcast.net>

More information about the fedora-devel-list mailing list