[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFA: sbuild -- Tool for building Debian binary packages from Debian sources

Emile van Bergen <emile-deb@evbergen.xs4all.nl> writes:

> Hi,
> On Thu, May 01, 2003 at 07:01:39PM +0100, Roger Leigh wrote:
> > If there are no better qualified volunteers, I'm willing to take over
> > sbuild.  Does Francesco Paolo Love no longer want to do it?
> > 
> > I have started on a rewrite in C++, though it's still in the early
> > stages.  What I need most is a clear explaation of how to calculate
> > the build dependencies/conflicts--I've not got my head around all that
> > Perl yet!  This includes merging central src deps.  In it's current
> > (Perl) state, I don't feel I could do a good job--it needs rewriting
> > (with more comments!!) in a language that will allow better
> > maintenance.
> Do really think that C++ programs inherently allows better maintenance
> than Perl programs?

In theory, no.  In practice, yes, from what I've seen.  buildd/sbuild
are an unmaintainable mess in their current form, and I feel that a
rewrite from scratch, using the current code as a model, is needed.
sbuild is not well commented: 50 comments (many are not that
informative) in 3100 LOC.  Not one of the subroutines has a comment to
say what it does, or what arguments it takes.

Since you can write very compact code in Perl, using many clever
regexes, this also becomes totally unreadable when you are trying to
discover just what it does, even if you wrote it a few months earlier.
Ideally, every regex should have a description.

> I highly doubt that. There's nothing in Perl that makes it hard to
> maintain; it allows as much encapsulation and other OO-isms to provide
> the same extra maintainability that you can get from the OO features of
> C++.

The OO isn't the issue.  It seems easier to write bad and unreadable
code in Perl, though.

> Maintainability is a feature of the software you write, much more than
> of the language you write your software in.


> I also think that Perl is much more powerful for these text processing
> jobs.

But...it's not text processing, at least apart from parsing the output
of apt-cache/apt-get.

> The actual reason seems more that you understand C++ better than
> Perl. But if you're any good at C++, you'd probably be able to lean to
> write maintainable Perl in weeks if not days.

I can use both (though I'm primarily a C programmer), but I would like
to make sbuild more secure.  Firstly by removing its dependency on
sudo, making it setuid root so it can set up the chroot, then drop all
root privs for the build itself.  Perl isn't so great for setuid
programs, and I can do a better job in C or C++, that will be
maintainable in the long term.


Roger Leigh

                Printing on GNU/Linux?  http://gimp-print.sourceforge.net/
                GPG Public Key: 0x25BFB848 available on public keyservers

Reply to: