Bug#797163: lintian: please warn if Arch:all package is not Multi-Archi: foreign

To: Niels Thykier <niels@thykier.net>, 797163@bugs.debian.org
Cc: Fabian Greffrath <fabian@debian.org>
Subject: Bug#797163: lintian: please warn if Arch:all package is not Multi-Archi: foreign
From: Helmut Grohne <helmut@subdivi.de>
Date: Sun, 12 Jun 2016 08:33:53 +0200
Message-id: <[🔎] 20160612063352.GA8447@alf.mars>
Mail-followup-to: Helmut Grohne <helmut@subdivi.de>, Niels Thykier <niels@thykier.net>, 797163@bugs.debian.org, Fabian Greffrath <fabian@debian.org>
Reply-to: Helmut Grohne <helmut@subdivi.de>, 797163@bugs.debian.org
In-reply-to: <571B88FE.6060603@thykier.net>
References: <20150828074008.6375.45774.reportbug@kff50.fritz.box> <20150828092516.GA648@jwilk.net> <1440762389.11617.12.camel@debian.org> <20150831100914.GA3915@jwilk.net> <1441016219.21844.13.camel@debian.org> <1441016219.21844.13.camel@debian.org> <571B88FE.6060603@thykier.net>

Control: tags -1 - moreinfo

On Sat, Apr 23, 2016 at 02:38:54PM +0000, Niels Thykier wrote:
> The issue then being that Lintian can say very little about the
> dependencies of a given packages (except if it has none).

I agree. For this reason I implemented the check outside lintian on top
of dedup.debian.net (branch multiarchhints). Making the data easily
available to developers is the next step and lintian is in a far better
position here.

> So the only cases we can reliably argue about are:
> 
>  * No dependencies at all
>  * No dependencies outside packages built from the same source

Even that approach has false positives of two kinds.

 * libblas-common (is not arch:all, but still illustrates the point) is
   used to enforce a same-architecture restriction on downstream
   packages. Changing its Multi-Arch value breaks its purpose. I believe
   that the tag cannot sanely cover such cases and thus needs to be
   overrideable. I will use a manual blacklist for such cases.

 * locales (does have some dependencies, but still illustrates the
   point) has maintainer scripts that process the architecture
   independent package content in an architecture dependent way during
   installation. Thus marking it M-A:foreign would be wrong. See #669188
   for the gory details. The obvious answer to this problem is to limit
   the tag to packages without any maintainer scripts.

   Now we see another benefit of Niels work on removing maintainer
   scripts. :)

> I could be wrong, but it smells like a fairly small target set we can
> reliably deal with.

You'll be surprised to learn that this fairly small target will hit 3500
binary packages. We do have a lot of packages that (sometimes
mistakenly, e.g. tailor or ruby-rd) have no dependencies. In particular,
this will generally hit many *-data and *-common packages which are of
particular interest to e.g. cross building.

If you do the extended dependency analysis (while still precluding
packages with maintainer scripts), you end up with 4400 hits. So the
approximation is indeed fairly good.

I do caveat though that the tag is only correct if the absence of
dependencies is indeed correct (and often enough it isn't). The tag
description (if read by anyone) needs to ask maintainers to double
check whether there really are no dependencies.

Despite these considerations I believe that the tag would be useful for
improving multiarch in Debian.

This mail should answer the open issues that lead to the moreinfo
tagging. If anything is still missing, readd the tag and Cc me.

Helmut

Reply to:

Prev by Date: Bug#827060: false positive for missing-license-paragraph-in-dep5-copyright
Next by Date: Processed: Re: Bug#797163: lintian: please warn if Arch:all package is not Multi-Archi: foreign
Previous by thread: Bug#827060: false positive for missing-license-paragraph-in-dep5-copyright
Next by thread: Processed: Re: Bug#797163: lintian: please warn if Arch:all package is not Multi-Archi: foreign
Index(es):
- Date
- Thread