Le dimanche 04 mars 2018 à 12:37 +0100, Michał Górny a écrit : > Hi, everyone. > > I have proposed a new check for repoman [1] (with a patch at [2]) > that > would warn developers about suspicious '=' deps. > > By suspicious, I mean dependencies '=foo-1.2.3' which are sometimes > mistakenly used instead of '~foo-1.2.3', and cause some degree of > mayhem > when someone revbumps the package (either by preventing people from > upgrading or causing depgraph breakage). > > The check would trigger whenever '='-class dependency is used without > a revision specified and without the '*' suffix. It would suggest to > either use '~' operator when any revision is acceptable, or > explicitly > specify '-r0' (which is equivalent to no revision specified). > > In other words, repoman would complain at: > > =dev-foo/bar-1.2.3 > > but it will be happy if you used: > > ~dev-foo/bar-1-2.3 > =dev-foo/bar-1.2.3-r0 > > I think this cause the trouble of specifying '-r0' rather rarely, and > it > will decrease the number of mistakes, also effectively making Gentoo > development easier. It is somewhat inspired by the handling of slot > operators (where repoman explicitly asks you to use ':*' instead > of no operator when the latter would be ambiguous). > > What do you think?
Sounds good. The attached script hopefully gives a good indication of how much packages would be affected. A local run raises about 92 ebuilds.
#!/usr/bin/env python
from portage import isvalidatom, portdb
for cpv in portdb.cpv_all():
deps = portdb.aux_get(cpv, ['DEPEND', 'RDEPEND', 'PDEPEND'])
atoms = set(' '.join(deps).split(' '))
suspicious = []
for atom in atoms:
if not isvalidatom(atom):
continue
# Drop USE-dependencies and slots
atom_simple = atom.split(':')[0].split('[')[0]
if atom[0] == '=' and atom_simple[-1] != '*' and not atom_simple.endswith('9999'):
suspicious.append(atom)
if suspicious:
print('%s: %s' % (cpv, suspicious))
signature.asc
Description: This is a digitally signed message part
