[Build-common-hackers] Bug#311724: cdbs: Automatic update of debian/control, first paragraph, broken
Joerg Jaspert <firstname.lastname@example.org>, email@example.com
Fri, 03 Jun 2005 00:08:01 +0200
First of it: Im *not* after getting cdbs to die or something which I
already heard from some, it is *this* one mis-feature im against.
Im talking about the "Update Build-Depends on the fly" thing and the bad
things that it produces.
Sorry, but Packages with such autogenerated build-dependencies should
not go in our archive, for various reasons, the biggest one is:
=2D Modifying them on the fly can mean that they change without you noticing
it. This is not bad for the actual built you do, but now think about later
builds. Our autobuilders will get the changed Build-Dependencies and then
may built a different thing.
Or think about NMUs (eg. for RC fixes and stuff) or in worst case even
A few examples of autogenerated Build-Dependencies which I found in NEW
are (trimmed for line-size):
1: debhelper (>=3D4.2.0), cdbs (>=3D0.4.23-1.1), build-essential,
debhelper (>=3D4.1.0), quilt, patchutils (>=3D0.2.25),
cdbs (>=3D0.4.27-1), python-dev
Note: I havent doubled the debhelper or cdbs ones, they ARE this way.
2: cdbs (>=3D 0.4.23-1.1), build-essential, debhelper (>=3D 4.1.0),
patchutils (>=3D 0.2.25)
Note: Here it is mainly b-e - maybe related to an older bug in cdbs,
but still an example.
I could paste more, but would make mail unneccessary long. :)
A solution to this thing is simple:
Add another target in the cdbs thing, that is *never* called automaic
in the build-process, only if the maintainer runs it with debian/rules
target and let that one do the update thingie. Of course maintainer
needs to look if it is correct then.
The only exception from modifying something in the first paragraph of
debian/control is the uploaders field, as it would be insane for some big
group-maintained package to do that by hand, but thats it.
"That's just f***ing great, now the bar for being a cool guy in free
software just got raised. It used to be you just had to write a million
lines of useful code. Now you've got to get a subpoena from SCO to be cool."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Joerg Jaspert <firstname.lastname@example.org> -- Debian Developer
-----END PGP SIGNATURE-----