Bug#1104823: pre-approval/unblock: dpkg/1.22.19
Hi!
On Thu, 2025-05-15 at 23:02:56 +0200, Guillem Jover wrote:
> On Thu, 2025-05-15 at 20:55:30 +0200, Paul Gevers wrote:
> > On 15-05-2025 19:00, Guillem Jover wrote:
> > > > Ack, but please (for avoidance of any trouble) only upload after the
> > > > debian-installer RC1 has been released, which will be announced on
> > > > d-d-a.
> > >
> > > Perfect thanks! Ah, and also thanks for the explicit note, it was not
> > > entirely clear to me from the announcement, as that only mentioned
> > > udeb-producing packages, which dpkg is not. I'll wait until the
> > > release has happened.
> >
> > I don't think dpkg is involved, but I'd rather be safe then sorry.
>
> Sure, no problem.
I've just uploaded it now.
> > > > While reviewing I spotted the following, it seems like this might
> > > > now be obsolete in the Breaks:
> > > > # Uses new sq features, w/o requiring a hard dependency on sq.
> > > > sq (<< 0.40.0~),
> > >
> > > In stable/bookworm sq is currently at 0.27.0-2+b1, so to avoid
> > > breakage during partial upgrades it seems to me that's still relevant,
> > > but perhaps you were thinking about sqv which in stable/bookworm
> > > is currently at 1.1.0-1+b5? Or perhaps something else?
> >
> > I was more thinking that dpkg now doesn't drive sq anymore (as it's
> > not in the list of Depends) so I'd expect an older version of that
> > wouldn't matter. But reading the diff again, I see that
> > `DEFAULT_CMD` still points at sq, so I guess the code to drive sq is
> > still there. Or did I still misread the diff? Or perhaps something
> > else?
>
> Ah. The OpenPGP backends can support a "full" (in terms of what dpkg
> needs) OpenPGP implementation that can sign, verify, etc, (for the Sequoia
> backend that would be «sq»), or a "verification-only" implementation
> (for the Sequoia backend that would now be «sqv»). The users of the
> API can request whether the latter is enough for their use (such as
> dpkg-source), and then the auto-detection code will try to find a
> backend that has a suitable command available.
>
> sq is still in the list of Recommends/Suggests for the "full"
> implementation alternatives. sqv is now in the alternatives for the
> "verification-only" implementations (where in case an implementation
> does not have a matching "verification-only" command the one providing
> the "full" one is listed instead).
>
> Hope that clarifies. :)
I took the liberty (given the nature of the change) and ended up adding
a couple of comments trying to clarify the above in the debian/control
file, patch attached, hope that's fine!
Thanks,
Guillem
From f089a3c89956e5a1ff2b96361c4e0201c27d598b Mon Sep 17 00:00:00 2001
From: Guillem Jover <guillem@debian.org>
Date: Sun, 18 May 2025 23:33:30 +0200
Subject: [PATCH] debian: Document OpenPGP implementation dependencies
Clarify that the ones are for full implementations, and the others are
for at least verification-only implementations.
Prompted-by: Paul Gevers <elbrus@debian.org>
---
debian/control | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/debian/control b/debian/control
index 429a438e6..9e15c9bb4 100644
--- a/debian/control
+++ b/debian/control
@@ -131,7 +131,9 @@ Recommends:
build-essential,
gcc | c-compiler,
fakeroot,
+# OpenPGP implementations providing full support.
sq | sqop | rsop | gosop | pgpainless-cli | gpg-sq | gnupg,
+# OpenPGP implementations providing at least verification-only support.
sqv | sqopv | rsopv | sopv | gosop | pgpainless-cli | gpgv-sq | gpgv,
# Used by dpkg-mergechangelogs.
libalgorithm-merge-perl,
@@ -185,7 +187,9 @@ Recommends:
Suggests:
debian-keyring,
debian-tag2upload-keyring,
+# OpenPGP implementations providing full support.
sq | sqop | rsop | gosop | pgpainless-cli | gpg-sq | gnupg,
+# OpenPGP implementations providing at least verification-only support.
sqv | sqopv | rsopv | sopv | gosop | pgpainless-cli | gpgv-sq | gpgv,
gcc | c-compiler,
binutils,
--
2.49.0
Reply to: