[Fedora-packaging] PHP packaging policy notes

[Toshio Kuratomi]

On Wed, 2006-07-05 at 23:58 -0700, Christopher Stone wrote:
> On 7/5/06, Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> wrote:
> > Again: rpm does not allow to require a certain program (PHP) version;
> > you can require a certain package version only.
> >
> > And btw; packaging guidelines are handling this case already:
> >
> >   | First, if the lowest possible requirement is so old that nobody has a
> >   | version older than that installed on any target distribution release,
> >   | there's no need to include the version in the dependency at all.
> >   | ...
> >   | As a rule of thumb, if the version is not required, don't add it just
> >   | for fun.
> >     [http://fedoraproject.org/wiki/Packaging/Guidelines]
> >
> >
> > > Please do not ask me to lower the quality standards that pear packages
> > > expect by not providing this information in my spec files.
> >
> > You are not lowering quality standards when unneeded and non-working
> > things like "Requires: php >= 4.2" will be omitted.
> 
> Unneeded? by whom? Fedora's rpm? other package maintainers for other
> distributions?  Some poor sap who built his OS from scratch who is
> trying to determine what he needs installed for your package?  Somone
> who only wants to upgrade your package and not their whole system?
> 
> Oh I forgot, version dependencies dont work on Fedora (LOL).
> 
No.  Version dependencies don't work as you're expecting in current rpm.

> We are not adding this information because it's fun, and we are not
> adding requirements for packages that are so old nobody will have them
> installed.
> 
You are adding requirements for package versions which are not relevant
for Fedora, which is what the guidelines are saying should be avoided.

> Can we please close this silly discussion or does anyone here actually
> agree with Enrico?

Enrico has the following points:
1) rpm's handling of Epochs means that versioned dependencies reference
package versions, not upstream versions.  Because of this, including the
version in the rpm when it is unnecessary for all the distributions we
are supporting is misleading and potentially hurts packagers on other
distributions.

2) Using a versioned dependency pulled verbatim from a README file
ignores the patches applied by the Fedora maintainer to the base
package.  If the README says "Requires php >= 5.0.1 because of a bug in
earlier versions" but the Fedora maintainer has backported fixes to
these bugs for the 5.0-4 package, then using a naive versioned
dependency of Requires: php >= 5.0.1 is wrong.

3) The packaging guidelines already state when it is appropriate to
include versioned dependencies and this is not one of them.  This means
we're deciding whether to make an exception for php/pear packages rather
than making new policy.

The point you seem to be making is that PEAR packages include a lot of
information about the versions of upstream releases that are required.
You'd like to include this in the spec file to help other packagers use
this outside of Fedora.

Currently, I'd be disinclined to make an exception for php/pear
packages.  That could change depending on how compelling the answers to
the following two questions are:

Since PEAR packages provide this dependency information, why should we
include it in the spec file?

Enrico's points 1 & 2 mean that adding version information unnecessarily
can mislead foreign packagers rather than help them.  Why do you think
those points don't apply to PEAR packages?

-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-packaging/attachments/20060706/7cd89a27/attachment.sig>