View Single Post
  #1   (View Single Post)  
Old 10th January 2010
J65nko J65nko is offline
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,989
Default Coming soon: pkg_add using full version comparisons to avoid spurious downgrades

From a post by Marc Espie on the OpenBSD ports mailing list:
Running some final tests, but pretty soon, pkg_add will use full version comparisons to avoid spurious downgrades.

How this works:
a package has got a version number, such as zip-3.0, but that's not the full
story, it has a more complete signature, based on the depends it needs to run:
@depend and @wantlib lines.
So, for instance, zip-3.0 actually is zip-3.0,c.53.0 because it's built
against libc 53.0.

qt-4 has got a much larger signature:
qt4-4.5.3p0,GL.9.1,GLU.7.0,ICE.9.0,SM.8.0,X11.12.0,Xex t.10.0,Xi.10.1,Xinerama.5. \
0,Xrandr.6.1,Xrender.5.0,c.53.0,expat.9.0,fontconf ig.6.0,freetype.17.0,glib-2.0. \
1802.0,glib2-2.22.4,gmodule-2.0.1802.0,gobject-2.0.1802.0,gstaudio-,gstb \
ase-,gstinterfaces-,gstreamer-,gstreamer-plugins-base-0. \
10.25p0,gstvideo-,gthread-2.0.1802.0,iconv.6.0,intl.4.0,jpeg-7,jpeg.63.0 \
,lcms.2.0,libmng-1.0.10,m.5.2,mng.3.1,png-1.2.41,png.9.0,pthread.12.0,stdc++.49. \

This is just a string representation of the actual signature object, which has
a complete structure that allows for comparisons.

Signature comparisons work as follows:
- compare the package name proper. If it's different, there's no need to look
- if it's identical, look at the dependencies for both packages. Compare
each matching element. If one package consistently has bigger versions, then
it's more recent than the other. If there are mixed results, then we don't
know, and we will allow the update (but reluctantly).

Note the following error message:

Error: $a->{name} exists in two non-comparable versions
Someone forgot to bump a PKGNAME
$a->string, " vs. ", $b->string

It means precisely that. We have insisted on people bumping pkgnames when
things change INSIDE the package proper. That's particularly true when the
set of dependencies changes, since otherwise pkg_add won't be able to figure out which of two packages is the newest.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote