Bug#832654: debian-policy: 3.5 Dependencies possibly not detailed enough (about versioning etc.)
Package: debian-policy
Version: 3.9.8.0
Severity: wishlist
Hello,
I just filed #832650
(insufficient Depends of systemd 230-7),
and also had
several similar package issues
reported in earlier times.
I just realized that
debian-policy section "3.5 Dependencies"
perhaps is insufficiently worded:
It does not mention e.g. "versioning" of a dependency
(this may be intentional after all,
since this section may want to be
a more general, short/concise statement
that dependencies simply need to be "correct",
regardless of whether this then applies to
specific dependency information stuff
such as version values, etc.).
One additional aspect here
(which may also need mentioning via explaining)
is the question of
whether (or: how strongly)
reliability of these dependency requirements
also apply to
the use case of
inter-distro-version upgrading
(i.e., upgrading from a rather old distro base).
A key phrase which may be missing from that section
(especially near
"Every package must specify the dependency information")
is
"require a sufficiently fully qualified dependency",
to "always guarantee successful operation of the depender
after installation or upgrades".
Worded differently, perhaps a good form is
"require dependencies stated in
sufficiently fully precisely qualified information form
(package name, version level, etc.),
to achieve
always guaranteeing successful operation of the depender
after whichever installation or upgrade occurs".
[or "after any installation or upgrade"]
Policy demands here
ought to be clarified a bit I believe
(without this section then ending up overly verbose, of course),
in order to achieve
maximally precisely stating
what is or is not the requirement that
package maintenance efforts
are expected to meet.
Thanks,
Andreas Mohr
Reply to: