[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#758234: debian-policy: allow packages to depend on packages of lower priority

On Sat, Aug 16, 2014 at 09:03:14AM -0700, Russ Allbery wrote:
> Gerrit Pape <pape@dbnbgs.smarden.org> writes:
> > Hi, in my opinion this paragraph in policy is just fine
> 
> I really don't agree.  Policy currently implies that the maintainers of
> packages control their priority settings in the archive.  This is simply
> not true, and has not been true for as long as I've been involved in
> Debian.

Hi, AIUI this is not the topic this bug is about.  The subject says
"allow packages to depend on packages of lower priority" and the body
suggest to remove the paragraph from policy.

I hereby object to this change.

> > and helps us to keep control over the size of required and important.
> 
> This is a different issue.  You want oversight over what goes into
> required and important.  I can certainly see why you want this.

Yes.

> However, Policy still should not contain incorrect statements about how
> that oversight works, and it certainly isn't under the control of the
> package maintainers.  Currently, that oversight is provided by the ftp
> team with the (rather awkward) assistance of tools that look for priority
> inversions.

The paragraph under discussion is in "2 The Debian Archive", which
generally is not under control of the maintainers, not the area, not the
section (also overridden), and not the priority.

Also, from the very past when Manoj handled the policy changes process,
I vaguely remember that he often commented that policy documents what
shall be, and not how it shall be done.  But my current interest is not
in this area.

> The maintainers really aren't involved, and it's pointless to
> file bugs against the packages themselves about priorities, to try to fix
> it in debian/control, since that will have no effect on the priorities in
> the archive.

Here I disagree.  In a transparent workflow bugs against the package
that is actually affected are a good thing, no matter how/where the bug
can/will be fixed.  See below.

> (It's reasonable to file bugs against the packages about
> *dependencies*, if you feel that they're pulling in too many other

I'm afraid this often will be a dead end, e.g.
 https://bugs.debian.org/757891

> If you don't feel that the ftp team is the right team to provide
> oversight, or want to propose a different way of managing the contents of
> those priorities, that's quite possibly a good conversation to have
> (although it's probably one for debian-devel).

This is not my concern.

And I think the maintainers greatly are involved, as they add
dependencies to packages, and so start the ftp master's override
process, so let me suggest another change and a workflow to think about:


1. Make "optional" and "extra" of the same priority.  I.e. packages of
priority optional depending on packages of priority extra no longer
"depend on packages with lower priority values".

Now the debcheck "priority" information becomes useful again, as there's
only tens of violations left.  As it is now, latest evidence shows that
it is used as an excuse for deliberate violation of policy 2.5, even for
packages of priority important and standard, and possibly required[0].

2. Whenever a maintainer adds a dependency to a package of lower
priority, file a bug against ftp.debian.org asking to raise priority of
the dependant package.  To make this transparent, file a RC bug against
the package where the dependency is added, or delay the upload.

3. As soon as the override is in place, the RC bug can be closed, or the
package uploaded.

There's nothing bad about RC bugs, we should not fear them!  An RC bug
on a package version in unstable prevents it from being migrated to
testing, which is a good thing if there's an override decision pending.


Currently the whole process is neither transparent nor controlled:  E.g.
since wheezy until now, the rsyslog maintainer added 10 new dependencies
to packages of priority extra and optional.  Including one dependency on
a package that in turn depends on the perl package.  rsyslog is of
priority important.  All of this already is in testing, and none of this
information is transparent, neither through the rsyslog bug entries, nor
through the ftp.debian.org bug entries
 https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=ftp.debian.org;dist=unstable#_0_1_4

BUT, having these overrides now added by the ftp masters, as the replies
I read until now suggest is the current workflow, will have an impact on
the set of high priority packages I don't agree with.  And policy
neither.

Regards, Gerrit.

[0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757891#42
Reply to: