[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Upgrade problems from LTS -> LTS+1

Hi all

And this is the result:

Fist I instructed apt to download stretch and buster source packages files.

After that I run the command like this:
ola@tigereye:~$ ./checkversions.pl --old /var/lib/apt/lists/httpredir.debian.org_debian_dists_stretch_main_source_Sources --old-sec /var/lib/apt/lists/httpredir.debian.org_debian-security_dists_stretch_updates_main_source_Sources --new /var/lib/apt/lists/httpredir.debian.org_debian_dists_buster_main_source_Sources --new-sec /var/lib/apt/lists/httpredir.debian.org_debian-security_dists_buster_updates_main_source_Sources

And the output is as follows:

mqtt-client: 1.14-1+deb9u1 newer than 1.14-1
ruby-websocket-extensions: 0.1.2-1+deb9u1 newer than 0.1.2-1
velocity: 1.7-5+deb9u1 newer than 1.7-5
debian-security-support: 1:9+2021.01.23 newer than 2020.06.21~deb10u1

So it looks like we have four packages to fix, that is four packages that have a higher revision in stretch than in buster. I'm a little  surprised about the debian-security-support package here.

Where do you think I should include this tool and what should I name it to?

Currently it just detects errors, it does not know whether the version error is from normal release or security release. This could be added if necessary.

Best regards

// Ola

On Mon, 17 May 2021 at 10:56, Ola Lundqvist <ola@inguza.com> wrote:
Hi

Yes that makes sense. I can write some tool for that too. But now I'm focusing on finding already existing problems. The script is almost ready. I'm testing it right now.

// Ola

On Mon, 17 May 2021 at 10:49, Utkarsh Gupta <utkarsh@debian.org> wrote:
Hello,

On Mon, May 17, 2021 at 2:05 PM Ola Lundqvist <ola@inguza.com> wrote:
> 3) Merge the normal release with the security release (takes the latest)

Yeah, the goal is to cover all sorts of releases (normal, -pu, security) and
get the highest version amongst them.

> 4) Compare the two merged sets and check if the later release has any
> entry that is lower than the older release. Output those as "package version".

I think we shouldn't wait for when the package in the older release
has a greater version but check them *before*. That is, those packages
having the same version in ELTS & LTS or LTS & LTS+1 should be
flagged. This means, if they're added to {ela,dla}-needed, they should
either warrant a DSA upload or a -pu upload along with the DLA or ELA.
Hope that makes sense?



- u



--
 --- Inguza Technology AB --- MSc in Information Technology ----
|  ola@inguza.com                    opal@debian.org            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
 ---------------------------------------------------------------



--
 --- Inguza Technology AB --- MSc in Information Technology ----
|  ola@inguza.com                    opal@debian.org            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
 ---------------------------------------------------------------

Reply to: