Re: Bug#1109655: Bug#1109513: Likely golang-github-golang-protobuf-1-{3,5}-dev transition

To: Mathias Gibbens <gibmat@debian.org>, 1109655@bugs.debian.org, Simon Josefsson <simon@josefsson.org>
Cc: 1109513@bugs.debian.org, 1109514@bugs.debian.org, 1109516@bugs.debian.org, 1109517@bugs.debian.org, 1109515@bugs.debian.org, Debian Release Team <debian-release@lists.debian.org>, Debian-Go Mailing List <debian-go@lists.debian.org>, Jérémy Lal <kapouer@melix.org>
Subject: Re: Bug#1109655: Bug#1109513: Likely golang-github-golang-protobuf-1-{3,5}-dev transition
From: Jochen Sprickerhof <jspricke@debian.org>
Date: Mon, 28 Jul 2025 20:53:54 +0200
Message-id: <[🔎] aIfHQvPjFA8GqBAf@fenchel>
In-reply-to: <87freq3prl.fsf@josefsson.org> <[🔎] ffee13e49497b779cee3752689a695b84eb824c2.camel@debian.org>

* Simon Josefsson <simon@josefsson.org> [2025-07-21 10:35]:

So are these the right patches?  It seems both
golang-github-golang-protobuf-1-3 and golang-github-golang-protobuf-1-5
uses Conflicts and needs to be modified.  The first patch below is for
1-3 and the last one for 1-5.  I have limited time so if anyone has time
to test, revise patches and do the upload, please don't wait for me.


I did a quick test and this does not solve the upgrade problem.
To test yourself you can simply run:

PKG=golang-github-denverdino-aliyungo-dev; mmdebstrap \
  --chrooted-customize-hook="set -x ; apt -y install $PKG && sed -e s/bookworm/trixie/ -i /etc/apt/sources.list && apt update" \
	--chrooted-customize-hook=bash bookworm /dev/null

once it dropped into the shell edit the Packages file from outside:

unshare --map-root-user --map-auto vi \
  /tmp/mmdebstrap.*/var/lib/apt/lists/deb.debian.org_debian_dists_trixie_main_binary-amd64_Packages

and then run apt dist-upgrade inside the mmdebstrap shell.

* Mathias Gibbens <gibmat@debian.org> [2025-07-27 17:50]:

 What makes this tricky is that golang-github-golang-protobuf-1-3
provides pre-APIv2 protobuf libraries and golang-github-golang-
protobuf-1-5 provides APIv2. While some code might compile with both
versions, they are runtime incompatible and mixing resulting binaries
will result most likely in crashes.

That sounds bad. Given that most packages now have an alternativedependency on 1-3 and 1-5 I guess we have packages compiled against bothversions in the repo. Do you know an example for mixing the binarieswhere we should check?

 I think that a Breaks+Replaces as suggested in bug #1109655 isn't
correct. I'm not familiar enough with the details to be able to
confidently suggest the correct solution to this problem. I did mention
this on the debian-go mailing list hoping to solicit feedback from
others.

Correct, the problem is at dependency resolution time where this isunrelated. Also see above.

 The affected packages in bugs #1109513-7 are all golang development
libraries, which aren't expected to be used other than building golang
packages. I think the odds of an end user encountering the upgrade
issue is low, although it would still be good to fix.


I agree with this.

Cheers Jochen

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Bug#1109655: Bug#1109513: Likely golang-github-golang-protobuf-1-{3,5}-dev transition
  - From: Reinhard Tartler <siretart@gmail.com>

References:
- Re: Bug#1109513: Likely golang-github-golang-protobuf-1-{3,5}-dev transition
  - From: Mathias Gibbens <gibmat@debian.org>

Prev by Date: Bug#1108984: unblock: git/1:2.50.0-1 (discussion)
Next by Date: Bug#1110045: marked as done (unblock: poppler/25.03.0-5)
Previous by thread: Re: Bug#1109513: Likely golang-github-golang-protobuf-1-{3,5}-dev transition
Next by thread: Re: Bug#1109655: Bug#1109513: Likely golang-github-golang-protobuf-1-{3,5}-dev transition
Index(es):
- Date
- Thread