[Pkg-rust-maintainers] rust-flate2_1.0.2-1_amd64.changes REJECTED
Ximin Luo
infinity0 at debian.org
Mon Aug 20 08:40:00 BST 2018
Bastian Blank:
> On Mon, Aug 20, 2018 at 06:48:00AM +0000, Ximin Luo wrote:
>> Hi Bastian, the binary packages are metapackages that encode the fact that when the main binary package is used with certain features "enabled" it is necessary to pull in additional dependencies. This helps users avoid having to pull in those dependencies if they are not using those features of that binary package.
>
> This is a nice idea. But as long as the build-dependencies don't count
> for GB of wasted downloads, the additional binary packages have much
> worse effects on the Debian archive, as everyone have to download the
> metadata. So just don't.
>
There are currently 183 Rust packages in the archive in total and on average they contain ~1 extra metapackage for this purpose.
There are currently 300-400 Fedora Rust source packages and we expect to roughly hit this number. So in the near future there will be roughly 800 Rust binary packages. After that we will grow at the same rate as the Rust ecosystem grows in general, so much slower than this.
It doesn't seem empirically well-justified to assert that Debian can't cope with this many more packages or that it's a great cost of everyone to download this metadata in compressed form. If Rust packages cause a measurable issue, other languages' packages will cause an even greater issue.
Doing it this way also helps us to avoid Build-Depends cycles. If you force us to Build-Depend on the full feature-set of every crate, it is much more likely that we will get Build-Depends cycles due to how the cargo dependency system works, and make it harder to have any rust packages in Debian. So far with our current approach we have encountered 0 Build-Depends loops even though this is a theoretical possibility; and we have manual methods to be able to counteract these situations. However with your suggested approach there would be many more Build-Depends loops that we will have to spend much more effort to getting rid of. For example a concrete one is documented here:
https://github.com/sfackler/cargo-tree/issues/34#issuecomment-394266843
Situations like this go away if we are able to have metapackages avoiding installing certain sets of dependencies.
X
--
GPG: ed25519/56034877E1F87C35
GPG: rsa4096/1318EFAC5FBBDBCE
https://github.com/infinity0/pubkeys.git
More information about the Pkg-rust-maintainers
mailing list