Bug#851506: cpanminus embeds other modules in fatpacked library
Damyan Ivanov
dmn at debian.org
Sat Nov 18 20:16:30 UTC 2017
Control: found -1 1.7040-1
Control: severity -1 serious
-=| Dominique Dumont, 15.01.2017 19:59:44 +0100 |=-
> cpanminus embeds convenience copies of other modules.
>
> Outside of Debian, fatpacking other modules with cpanminus makes sense
> to help users install this tool (which is a package manager). THis
> avoid a catch22 issue.
>
> BUt in Debian context, all required modules are available as Debian
> packages and are installed with apt. So the fatpacked modules are
> needlessly duplicated.
>
> Providing cpanminus without fatpack can be done by either:
> - removing fatpacked part from the cpan tarball
> - create debian package from upstream git repo (where fatpack
> is not yet done, even if this repo contains convenience
> copies of the modules).
What the current package does is to remove 33 unneeded fatpacked
modules from the installed script (in bin/). (see debian/rules at [1])
[1] https://anonscm.debian.org/cgit/pkg-perl/packages/cpanminus.git/tree/debian/rules
However, these aren't all the fatpacked modules. App::cpanminus::*
modules are also fatpacked.
Note that before version 1.7040, the fatpacked modules look like
a mere copies of the original source. Since 1.7040 they have their
white-space compressed, making them much less of a useful "source" and
more like a minified javascript.
What do others think? I am raising the severity to 'serious', but if
you disagree, please revert.
-- dam
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20171118/f7c22220/attachment-0001.sig>
More information about the pkg-perl-maintainers
mailing list