On Fri, Aug 05, 2005 at 12:11:39AM +0200, Sylvain LE GALL wrote:
> Does it also warn you about the fact that some library are out of of
> date (ie you cannot find MD5 of one dependency). For example, the is a
> package A.deb provding the module A and B.deb providing the module B
> which depend on A. Now, A.deb is rebuild and the signature of A is
> changed... When installing A.deb, does a warning concerning the fact
> that the module B (which is installed) doesn't be able to compile
> because the signature of A has changed. ?
No, it doesn't. But this wont be easy to implement with the current
architecture. At the moment the centralised database has been kept at
minimum and contains only information about which packages provide which
signatures. Dependency information are stored only in the dependency
fields of packages.
In order to implement what you are proposing, if I understood it
correctly, the centralised database need to be extended in order to keep
track of all dependencies (e.g. that B.deb depends on A.deb with some
signature). Is it worth the effort? Don't know, but I see your point.
--
Stefano Zacchiroli -*- Computer Science PhD student @ Uny Bologna, Italy
zack@{cs.unibo.it,debian.org,bononia.it} -%- http://www.bononia.it/zack/
If there's any real truth it's that the entire multidimensional infinity
of the Universe is almost certainly being run by a bunch of maniacs. -!-
Attachment:
signature.asc
Description: Digital signature