Bug#637444: experimental gkrellm broken by openssl split
Stefan Bühler
lighttpd at stbuehler.de
Fri Aug 12 14:00:39 UTC 2011
On 08/12/2011 03:15 PM, Andreas Metzler wrote:
> On 2011-08-11 Stefan Bühler<lighttpd at stbuehler.de> wrote:
>> Package: gnutls26
>> Version: 2.12.7-4
>
>> Manual breaks are the wrong way imho - they only protect "known"
>> dependencies.
>
> We do know the packages in Debian that break. I have checked.
That didn't work well, did it? gkrellm in experimental is broken now.
Looking at the changelog you already had fun adding new Breaks...
And i might add that it is a really closed view of the world.
There are more repositories for debian packages than the official ones;
nobody asks you to support them ofc, but breaking the interface of a
library packages is just wrong.
>> Imho the gnutls library itself needs a so bump - you should never
>> change the interface provided by a library packages, and this
>> includes reomving libs.
>
> The main gnutls API did not break. The fact thhat I ahve shipped two
> librariers in a single package does nor change this.
Ok, the main gnutls library doesn't need a so bump, but you need a new
package name. sorry for the wrong wording.
> There is also a question of scale. 4 packages in Debian use the
> openssl wrapper, 200 use gnutls proper.
>
> ametzler at argenau:~$ grep-available -FDepends -sPackage \
> libgnutls26 \ | wc
> 202 404 4355
Well, shit happens. But the reason still stands: a library *package*
provides an interface, which must be binary compatible with updates.
That is the point of dependencies after all.
> On top of that there is no reason for upstream to change the man
> gnults soname. It did not break. There is already another new gnutls
> stable release (3.0.0), it does break the API/ABI and includes a
> soname bump.
>
> Please also note that I have asked on Debian release ages ago whether
> handling the transition the way I did was ok, or whether they had
> better ideas.
I found now the mail with your question, but there was no answer...
For reference:
http://lists.debian.org/debian-release/2011/03/msg00405.html
I see 3 possibilities:
* Rename libgnutls26 (I often saw people append "c2" when sobump wasn't
an option)
* Provide a backported openssl wrapper in libgnutls26
* Move to the new upstream release (with sobump) asap, and hope that
the broken libgnutls26 doesn't hit testing.
ciao
stefan
More information about the Pkg-gnutls-maint
mailing list