Bug#574956: dpkg drops zero-epoch in status file
- To: David Kalnischkies <kalnischkies+debian@gmail.com>
- Cc: 574956 <574956@bugs.debian.org>, Celejar <celejar@gmail.com>, pkg-perl-maintainers@lists.alioth.debian.org, gregoa@debian.org, debian-dpkg <debian-dpkg@lists.debian.org>, Goswin von Brederlow <goswin-v-b@web.de>
- Subject: Bug#574956: dpkg drops zero-epoch in status file
- From: Guillem Jover <guillem@debian.org>
- Date: Fri, 30 Apr 2010 18:31:42 +0200
- Message-id: <[🔎] 20100430163142.GA5026@gaara.hadrons.org>
- Mail-followup-to: David Kalnischkies <kalnischkies+debian@gmail.com>, 574956 <574956@bugs.debian.org>, Celejar <celejar@gmail.com>, pkg-perl-maintainers@lists.alioth.debian.org, gregoa@debian.org, debian-dpkg <debian-dpkg@lists.debian.org>, Goswin von Brederlow <goswin-v-b@web.de>
- Reply-to: Guillem Jover <guillem@debian.org>, 574956@bugs.debian.org
- In-reply-to: <[🔎] p2yc64043e61004300356za77e0adeie1a4b256808a3bc6@mail.gmail.com>
- References: <[🔎] p2yc64043e61004300356za77e0adeie1a4b256808a3bc6@mail.gmail.com>
Hi!
On Fri, 2010-04-30 at 12:56:08 +0200, David Kalnischkies wrote:
> The problem:
> To compare versions with the same version number apt generates
> a hash over a few informations which are available online and
> in dpkgs status file: all dependencies and the installation size.
> (as these are likely to change if this is another version)
[...]
> we can see that dpkg in his status file drops the zero-epoch.
> This doesn't change the semantic as zero-epoch and no epoch are
> considered equal, but as apt uses the string without deeper
> parsing at this stage this is a big difference in the hash.
> ( can be seen in apt-pkg/deb/deblistparser.cc VersionHash() )
The same problem arises with non-significant zeros before digits, for
example:
0.001 == 0.1 == 00:000.1
Although this might be trickier to see in the wild, as dpkg itself
would not normalize these versions, but an unknowing packager could
generate those (somehow) thinking they are different.
> Quick&Dirty workaround is to drop the zero-epoch in the package
> so the Packages and status file are equal again. (cc'ed perl group
> and last uploader, maybe they want to do that)
>
> The real solution is to either tell apt to strip out the zero-epoch for
> the hash or to tell dpkg to not remove the zero-epoch in status.
> It is relatively easy for apt to ignore the epoch for the hash as it is
> a simple hash and we don't need to care about false positive removes
> so apt still doesn't need to do expensive parsing here, but i want
> to ask dpkg maintainers (cc'ed and titled to grep their attension)
> for their opinion as this is maybe something they want to change
> instead in their logic for consistence…
> (through no zero epoch could be a change to be consistence…).
I don't think dpkg should stop removing the zero-epoch, it would be
redundant and confusing information. But it might be a good idea to
make dpkg-gencontrol for example drop it on output. And it seems that
apt might need to consider the other equivalent versions too.
regards,
guillem
Reply to: