Bug#626476: lintian: reduce dpkg-dev to Suggests
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 2011-05-12 23:00, Colin Watson wrote:
> On Thu, May 12, 2011 at 08:51:36AM -0700, Russ Allbery wrote:
>> Hurm. I have to admit that this doesn't make me particularly happy, since
>> checking source packages seems like a fundamental action of Lintian. The
>> use of dpkg-dev in Lintian seems to meet the Policy definition of at
>> *least* Recommends fairly clearly, and Suggests feels much too weak when
>> we lose that basic of functionality.
>>
>> On the other hand, I have no alternative solution to your particular
>> problem; the Recommends list of dpkg-dev is indeed rather heavy, since it
>> includes build-essential.
>
Hi
> Hmm. I kicked this around with some of my team. Here are a few
> alternatives, all a bit grotty in one way or another:
>
> * Split lintian into two binary packages, one of which only supports
> checking binary packages, and the other of which (still called
> 'lintian') supports everything and depends on the first.
>
> * Reimplement the small number of checks we consider for this use case
> in aptdaemon or somewhere else.
>
> * Split out dpkg-source from dpkg-dev.
>
An alternative to this is to use libdpkg-perl to do the unpacking; that
would save some depends of dpkg-dev, assuming the libdpkg-perl API is
stable here.
> * Observe that we already document how to unpack source packages
> without dpkg-dev for users of non-Debian systems (in
> /usr/share/doc/debian/source-unpack.txt - it currently only documents
> format 1.0, but I attached a patch to #579263 some time ago that
> updates this to 3.0), and that therefore this is an interface that
> it's not necessarily too dreadful to reimplement as long as it's
> strictly as a fallback for the case where dpkg-source is not present.
>
> Perhaps oddly, I think the last of those actually strikes me as the
> least bad solution, although only because the method is already
> documented (modulo that bug report).
>
~Niels
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBCAAGBQJNzFTcAAoJEAVLu599gGRC03AP/2MF6WRnFd3ly81Ov09A8mPS
upDy++pwXnl1kx4Nt7gi22VQnr42M3QrOiBoAF5aMbfrxfbGirTUUZyidx93WivF
iTUcw7xvqxBNxWeSklde89RnpU70VnBq8kxe5luGftoSLbVCljhNlalL6Vp78RxI
c6MKbHPmBUPDMjzcCzOxutJfMUfw8uGj+gSO3qVNK0a0yn0ixeTluV5Qt2TusMNM
DGDRUq3I+vJ6e2AtVuN1hSPlNMvycIR9clfO1znXJ7vSPMbBJ+A1todXfP6wiDPn
YwhlnkU5Torj78mNzNxwcYU6ZIJTIl0gehwH+h1Tbz6jYDpbkycr44MNAf4hhwUy
oow2N1GucG7DpYEs1ZpUd+2TcXtJ7DpUT9Zua04XQnDK2voStd6YJNye2M6btEbp
SkNYEurFZirvTFhFd3LhBlNrqQFBiKIwxcBoJlKpmyce3QBI81DsX+Bq+egnL0xN
YDi8wDoBrg8Aj6HN7iuEj31a/gmbFnW/cBt9IpK8oWyRIkhgND1TsvR1+yc82EKa
/DboxEJ/2yutXvvkaHZhfFEjKk3q5+NMSvm7bOvE3AX7tcT6eKhFUPOQoQmJ+Bis
N8xPIZsD5smNIMg3FO8eDs1AfiSdaSt92ADdcP01K0b9USZjU6DSIsPtfCQIu+EX
8Tf3TzbhYJMXPhUsCNHJ
=SYF0
-----END PGP SIGNATURE-----
Reply to: