Bug#841207: marked as done (apt-rdepends: When multiple versions of a package exists, apt-rdepends uses the oldest)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Mon, 26 Dec 2016 03:03:35 +0000
with message-id <E1cLLZX-00082u-1b@fasolo.debian.org>
and subject line Bug#841207: fixed in apt-rdepends 1.3.0-6
has caused the Debian Bug report #841207,
regarding apt-rdepends: When multiple versions of a package exists, apt-rdepends uses the oldest
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
841207: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841207
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: submit@bugs.debian.org
• Subject: apt-rdepends: When multiple versions of a package exists, apt-rdepends uses the oldest
• From: spike.sp@free.fr
• Date: Tue, 18 Oct 2016 15:46:42 +0200
• Message-id: <748791276057d8f37ab51abbf4468b24@free.fr>
• In-reply-to: <88ea45743854fe2a32b4eb0a603944a4@free.fr>
• References: <88ea45743854fe2a32b4eb0a603944a4@free.fr>

Package: apt-rdepends
Version: 1.3.0-3
Severity: important
Tags: patch

Dear Maintainer,

I was using apt-rdepends to build a package dependencies when I noticed that the dependencies were incorrect.

For instance, here is an extract of "apt-cache show ansible" (ansible has 2 versions available):

	Package: ansible
	Version: 2.1.1.0-1~bpo8+1
	...

Depends: python, python-crypto (>= 2.6), python-jinja2, python-paramiko, python-pkg-resources, python-yaml, python:any (<< 2.8), python:any (>= 2.7.5-5~), python-httplib2, python-netaddr

	...

	Package: ansible
	Version: 1.7.2+dfsg-2
	...

Depends: python (>= 2.7), python (<< 2.8), python-paramiko, python-jinja2, python-yaml, python-pkg-resources, python-crypto (>= 2.6), python-httplib2

	...


Now if I run "apt-rdepends ansible":
	Reading package lists... Done
	Building dependency tree
	Reading state information... Done
	ansible
	  Depends: python (<< 2.8)
	  Depends: python-crypto (>= 2.6)
	  Depends: python-httplib2
	  Depends: python-jinja2
	  Depends: python-paramiko
	  Depends: python-pkg-resources
	  Depends: python-yaml
	...


Clearly the output if for the 1.7.2+dfsg-2 version which is the oldest.

Now if you dig into apt-rdepends code a comment says (lines 247 & 248): "Notice how we get the last version for our forward dependencies."

Obviously this is not working (or was working in the past ?).

A few lines after (line 253) the version used is extracted from the list of versions using the pop() command. Replacing with a shift() command solves the issue.

Here is a patch:

--- /usr/bin/apt-rdepends       2012-09-16 11:47:10.000000000 +0200
+++ apt-rdepends        2016-10-18 14:51:10.579036849 +0200
@@ -256,7 +256,7 @@
   }
   else {
     if (my $i = $p->{VersionList}) {
-      if (my $j = pop(@$i)) {
+      if (my $j = shift(@$i)) {
        return $j->{DependsList};
       }
     }

Once applied, the output of "apt-rdepends ansible" is:
	Reading package lists... Done
	Building dependency tree
	Reading state information... Done
	ansible
	  Depends: python
	  Depends: python-crypto (>= 2.6)
	  Depends: python-httplib2
	  Depends: python-jinja2
	  Depends: python-netaddr
	  Depends: python-paramiko
	  Depends: python-pkg-resources
	  Depends: python-yaml
	  Depends: python:any (>= 2.7.5-5~)
	...

Which corresponds to the last version.


-- System Information:
Debian Release: 8.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages apt-rdepends depends on:
ii  libapt-pkg-perl  0.1.29+b2
ii  perl             5.20.2-3+deb8u6

apt-rdepends recommends no packages.

Versions of packages apt-rdepends suggests:
pn  springgraph | graphviz  <none>
pn  vcg                     <none>

-- no debconf information

--- End Message ---

--- Begin Message ---

• To: 841207-close@bugs.debian.org
• Subject: Bug#841207: fixed in apt-rdepends 1.3.0-6
• From: Joao Eriberto Mota Filho <eriberto@debian.org>
• Date: Mon, 26 Dec 2016 03:03:35 +0000
• Message-id: <E1cLLZX-00082u-1b@fasolo.debian.org>

Source: apt-rdepends
Source-Version: 1.3.0-6

We believe that the bug you reported is fixed in the latest version of
apt-rdepends, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 841207@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Joao Eriberto Mota Filho <eriberto@debian.org> (supplier of updated apt-rdepends package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 26 Dec 2016 00:23:44 -0200
Source: apt-rdepends
Binary: apt-rdepends
Architecture: source
Version: 1.3.0-6
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Joao Eriberto Mota Filho <eriberto@debian.org>
Description:
 apt-rdepends - recursively lists package dependencies
Closes: 841207
Changes:
 apt-rdepends (1.3.0-6) unstable; urgency=medium
 .
   * QA upload.
   * Bumped DH level to 10.
   * Run wrap-and-sort.
   * debian/control: bumped Standards-Version to 3.9.8.
   * debian/copyright: updated the packaging copyright years.
   * debian/patches/:
       - apt-rdepends: renamed to 10_apt-rdepends.patch.
       - Makefile: renamed to 20_Makefile.patch.
       - 30_fix-multiple-versions.patch: added to fix the use of the oldest
         package when multiple packages exist. Thanks to Michael Bonhomme
         <spike.sp@free.fr>. (Closes: #841207)
   * debian/watch: bumped to version 4.
Checksums-Sha1:
 fa57ec8321662d68c67a5a74138eaa055ffd8173 1773 apt-rdepends_1.3.0-6.dsc
 7e977090ac55c5f975449ade25167aa7dd098151 4920 apt-rdepends_1.3.0-6.debian.tar.xz
Checksums-Sha256:
 be39ce75239656c797a28a9ab3e1606f90ffc09a0297691d17b5ec2c2d356241 1773 apt-rdepends_1.3.0-6.dsc
 a7a0ccc239a85172a1e7c1087a7235bf40d72c692bfbb99bf5cd0743def662d6 4920 apt-rdepends_1.3.0-6.debian.tar.xz
Files:
 8057421dfe22ea8bcffa66e57e9593c9 1773 utils optional apt-rdepends_1.3.0-6.dsc
 e6068ecda60e526e8f6090797b820dc3 4920 utils optional apt-rdepends_1.3.0-6.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEENX3LDuyVoBrrofDS3mO5xwTr6e8FAlhggysACgkQ3mO5xwTr
6e+3CA//UgDCO4M/uk3SmDRzNuoAc1IrxhEet7UFg4F/lrGMu/frGa7IUgFPkmG6
VrQWtL0AHa7dbVs2p7XmIhFEeMp6SUPwACxlbL2gNEFbquz6NI24QOk63ugsY+jA
Vl3mq5riD3OSNXPG9GCgut44GIKIXRb/PMHBAsxggjuQXnZ/df7uWDgkAqUMoX0Q
mSvSzGY08sUtNJh25EfeEDjLSV2ra3vLf2O2fSgatR2PmWQCnKeRwL/lC+60/T6Z
sMoSW6IyXTKJjhmhXyH9/wE8JmrbTHDw9qjKzCcSE8Y6i1Gzuov07XmGu/Oiaghz
hYHsdPvEU62/NrEFkeGnpLdhMOXvD9rlUwjt/TJoxLmQ2kPuBXEqo6zL/SRS2MtT
fFaS5SZw3aCbsL09XA27VDu+cFnLKVSSv63lGZGN9v7pZcpT9H7abU4J5txIVC1M
sEZ46CeUf/UJzb+JqBh2RjoZcfHOozjH8cLFbcx4lerYWn3Ui13mXHV0B4KI0uTg
iYw2sAXSCBWcocCdNbqH87cQM4rK+6Ua4spAnBA5gaMX1Q+yGmzC/OVeGwsxBLHC
PfL2en63mfZqonVrPfTeru4gm5nxphFy5A7Grb5DEnGXk2GDyCm7HMzL1td05Qnb
40l4C4Jy8CfhK3/X479OJtCteNaGEcs7aqiVBjGl7JIqIP6iUHQ=
=ecW0
-----END PGP SIGNATURE-----

--- End Message ---