Control: severity -1 serious
Justification: Policy §3.5, §8.6.2
I happened to notice this in cfengine3's bugs list while checking
whether #992662 had already been reported.
On Thu, 26 Jan 2017 at 11:07:39 +0100, Christoph Martin wrote:
> cfengine3 depends on libpromises3 without version information.
> It should depend on the exact version which also cfengine3 has.
This is a Policy violation and can break partial upgrades, so I'm marking
it as release-critical.
> Please use
>
> libpromises3 (= ${binary:Version})
>
> in the control file
If libpromises3 continues to be shipped in its own binary package,
then this is an appropriate (and simple) solution. For completeness,
debian/rules should probably also pass an appropriate -V option such as
-VUpstream-Version to dh_makeshlibs.
Since libpromises3 appears to be a private library and no development
files are provided to allow other packages to link to it, another option
would be to install libpromises.so.3 into a private library directory
(perhaps by configuring with --libdir=/usr/lib/cfengine3), link
cfengine3 with an appropriate RUNPATH to be able to find it (libtool
should usually do this automatically), and ship it as part of the cfengine3
binary package instead of a separate binary package.
smcv
