On Fri, Aug 05, 2011 at 01:06:18PM +0200, Kilian Krause wrote: > Hi Peter, > > On Fri, 2011-08-05 at 13:18 +0300, Peter Pentchev wrote: > > On Fri, Aug 05, 2011 at 08:52:37AM +0200, Kilian Krause wrote: > > > Hi Tony, > > > > > > On Thu, 2011-08-04 at 15:58 -0500, Edgar Antonio Palma de la Cruz wrote: > > > > > Done. > > > > > - URL: http://mentors.debian.net/debian/pool/main/w/wizznic > > > > > - dget > > > > > > > > > > http://mentors.debian.net/debian/pool/main/w/wizznic/wizznic_0.9.2-preview2+dfsg-1.dsc > > [snip] > > > > > > 4.) Having +dfsg as delimiter can be quite harmful. Usually ~dfsg is the > > > preferred method as this will always be lower than the upstream version. > > > Thus no matter what the next upstream version will look like, you can > > > bump your package up to that version. > > > > Errr... Maybe I'm missing something here, but why is that? How exactly > > can having "+dfsg" be harmful? > > > > My understanding is that both "+dfsg" and "~dfsg" are acceptable and it > > is only ".dfsg" that may indeed be harmful if upstream decides to > > release a next version with a new component that sorts lower than, well, > > "dfsg" :) However, I really don't see what upstream's next version > > number has to be so that it will cause problems with "+dfsg"; could you > > please provide an example? > > If upstream bumps 0.9.2-preview2 to 0.9.2-preview2+ABBA (considering > they have new ABBA tracks that are now available as musical score - just > for making a point here) what then? This is what will happen:
Well, yes - I did indeed think of this, but... honestly, how often
have you seen upstream versions containing a plus sign at all? :)
OK, seriously now. How many packages are there with an *upstream*
version containing a plus sign, as opposed to a plus sign added only
by the Debian package maintainer? I ran the following command:
awk '$1 == "Version:" {print $2}' unstable-i386-Packages |
sed -e 's/-.*//' |
fgrep '+' |
sed -Ee 's/[+](dfsg|ds|nmu|b|debian|svn|git|cvs)[0-9]*//' |
fgrep + |
sort -u
This brought up all of 268 lines (could have been less if I'd
also included other patterns - debian, repack, deb, darcs, ...).
From a not-too-quick look, it seems that they ALL fall into one of
the following cases:
- a Debian source repacking (by the maintainer)
- a version later than the last released upstream version, obtained
from a VCS, noting the revision or the date tag (by the maintainer)
- a 3.0 (quilt) multiple-upstream-tarballs package (by the maintainer)
- a non-3.0-quilt multitarball package, when the maintainer wants to
pack up some additional things, like a dependency or something
- a "this, but really that" version, when a package's version really
has to be rolled back due to regressions, but an epoch is not
desired (by the... yep, you guessed it, maintainer :)
- a "this, but with a slight twist" version, most often still
a repacking, but sometimes adding another package's source in there
(again, the maintainer)
...and... well... okay, so there might be three or four packages that
I've missed that have a plus sign for a different reason, but
I honestly believe that there are really no more than three or four
such packages in the Debian unstable archive as it stands now.
That is, in the current Debian archive, the plus sign in the package
version seems to be pretty much *always* added by a conscious decision
of either the maintainer or other parts of the Debian infrastructure
(e.g. binary NMU uploads by the buildds).
> Checking for 0.9.2-preview2+dfsg-1 <= 0.9.2-preview2+ABBA+dfsg-1 will
> fail.
>
> Not that it's highly likely that this will happen a lot, but to not have
> to worry about such problems, I'd recommend always using ~dfsg instead
> of any other notation.
Right, I do understand this point of view. My (amateur) analysis above
was mostly meant to try and convince you that "not highly likely to
happen a lot" in this case means something more like... uh, "never in
the current Debian archive" :) Of course, I *know* that it *is*
possible that somebody, somewhere, will some day release an upstream
package and put a plus sign in the version number - actually, ISTR
hearing about such packages, although I'm not quite sure what they were
right now - but even then, the Debian maintainer can make a conscious
choice to replace that plus sign with something else, since it might
cause problems not just with the +dfsg additions, but also with NMUs,
backports, binary NMUs and other cases when the Debian thing to do is to
add a plus-component to the version number.
And I also just thought of something else :) If a package needs a DFSG
or DS cleanup in its very first upload, then +dfsg and ~dfsg are
functionally equivalent and you're free to prefer ~dfsg, just as I think
I'm free to prefer +dfsg :) However, if a package has already been
uploaded and somebody finds a DFSG violation, the maintainer has to
upload a new version with a *higher* version number - and that's when
~dfsg will simply not work. So... to not have to worry about such
problems, I personally always use +dfsg instead of any other notation :P
Thanks for the time spent reading this, and keep up the great work!
G'luck,
Peter
--
Peter Pentchev r...@ringlet.net r...@freebsd.org pe...@packetscale.com
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
I am the thought you are now thinking.
signature.asc
Description: Digital signature
