You are not logged in.

#26 2018-09-02 01:41:16

eschwartz
Member
Registered: 2018-08-31
Posts: 11

Re: New tool to check the dependency tree of your repos

levi wrote:

Thanks for the suggestions.

I couldn't get your fakerooted example to work as is, since the lock file genuinely needed root permissions to access.  I was able to kind of getting it to work by specifying a local dbpath, but then it seemed to want to download the whole dependency tree for the package, which is rather unnecessary.

Local dbpath is fine, see how the "checkupdates" script from pacman-contrib does it though since you likel.

Or you could just use -dd to skip dependency checks, since you're operating as a download agent on a db copy...

But -Sp works.  It does spit out the missing dependencies I think, but they seem to come first in the listing.  I wasn't initially keen on just assuming the last entry is the right one, but I can also check it has the package name and the right version in it I guess, which seems like it should be reliable.  Perhaps I don't even need to filter by position; just look for the thing with the right name and version, which I should already know, which should be less flakey in case pacman decides to reorder the output in the future.

This is actually an explicit feature, it should follow the same order as pacman -Su in listing the order of packages -- that is to say, IIRC it is topological dependency sorting.

We've actually received a bug report because someone wanted to have it alphabetically sorted or sorted by command-line order. hmm
https://bugs.archlinux.org/task/59371

But again, -Sddp would only print the packages you explicitly list, without also listing the unfulfilled dependencies you'd need to install first.


Arch Linux (64) Bug Wranger and Trusted User

Offline

#27 2018-09-02 01:53:29

eschwartz
Member
Registered: 2018-08-31
Posts: 11

Re: New tool to check the dependency tree of your repos

levi wrote:

So the list is really:

make (core) -> guile (extra)
python-gpgme (core) -> python (extra) (ditto for python2)
qgpgme (core) -> qt5-base (extra)
squlite-analyzer (core) -> tcl (extra)
util-linux (core) -> libcap-ng (extra)

I guess, to fix those things either need to be pushed from core back out to extra (python-gpgme maybe) or vice versa and promoted (libcap-ng perhaps), or a third way which is to demote the positive dependency down to an optional dependency (I don't see why make can't work without guile).

For anyone else, I'll try to make clear that these issues have only been tested on arch64 so far, but I reckon there's good odds these apply in arch32 too.  They should probably be fixed upstream and ported down though I guess.

Huhhhhhh. I'll need to raise this for discussion.

Make is linked to guile, in order to support the guile scripting language in make. Seems to me like guile should be in core.

python-gpgme and qgpgme are split packages not really needed for gpgme, but they're in core because their split pkgbase is... maybe we could fix that, maybe they should just be one package with optdepends.
Same logic applies for sqlite-analyzer

util-linux depends on libcap-ng for /usr/bin/setpriv, added in https://bugs.archlinux.org/task/53248 but I think libcap-ng should have been moved to core at the time...

I suppose, though, that all things being considered core is still doing pretty good in this respect, with the exception of a few things that just sneaked in.

We used to have a service to report on things like this, but it died for a few reasons including https://www.archlinux.org/news/deprecation-of-abs/


Arch Linux (64) Bug Wranger and Trusted User

Offline

#28 2018-09-02 21:18:49

levi
Moderator
From: Yorkshire, UK
Registered: 2018-06-16
Posts: 244

Re: New tool to check the dependency tree of your repos

Ah, thanks for the hint about -dd; I must have missed where it says that in man pacman.  Using -Sddp and then constructing a curl statement based on the returned string seems easier than having to set up some fake directories to get fakerooted -Sddw to work, and then I can check the contents using tar -tf while redirecting STDERR to /dev/null since there seems to be some metadata tar doesn't understand which it squarks about before every line; unless there's a simpler way of listing the package contents without installing it?

And yeah, I don't think that handful of packages that can't be installed with core only is bad given the couple hundred that are in that repo.  It just surprised me that there were any.

Currently in my refactoring, I've hit a situation where I have versioned and unversioned package names swimming in front of me.  I may need to sleep on this to get my head round it.

Offline

#29 2018-09-03 04:28:45

eschwartz
Member
Registered: 2018-08-31
Posts: 11

Re: New tool to check the dependency tree of your repos

levi wrote:

Ah, thanks for the hint about -dd; I must have missed where it says that in man pacman.  Using -Sddp and then constructing a curl statement based on the returned string seems easier than having to set up some fake directories to get fakerooted -Sddw to work, and then I can check the contents using tar -tf while redirecting STDERR to /dev/null since there seems to be some metadata tar doesn't understand which it squarks about before every line; unless there's a simpler way of listing the package contents without installing it?

Use bsdtar instead of tar.

Actually, many people will tell you that that is a general lesson for life. smile


Arch Linux (64) Bug Wranger and Trusted User

Offline

Board footer

Powered by FluxBB