Subject: Re: CVS commit: pkgsrc/pkgtools/pkg_install/files/admin
To: None <>
From: Greg Troxel <>
List: tech-pkg
Date: 08/10/2007 20:11:23

Joerg Sonnenberger <> writes:

> On Fri, Aug 10, 2007 at 07:21:52PM -0400, Greg Troxel wrote:
>> The nature of make replace is that anything that depended on the old
>> package is modified to depend on the new package.  This is a safe
>> transformation if there isn't an ABI change, and it's dangerous if there
>> is.  The unsafe_depends tag enable pkg_rolling-replace to resolve the
>> dangerous situations.
> If the pattern can be used to still match the package, there is no point
> in modifying the PLIST. This is similiar to how binary packages don't
> play such games either. I'd even argue that it is destroying
> informations here.

I think see your point.  You're objecting to replacing a dependency
pattern in a depending package with a particular version.  I agree that
this is unnecessary and arguably harmful, and it would be fine with me
were it to stop.  As long as 'make replace' still functions with more or
less the same semantics as it does now, I'll be relatively content.

In a recent discussion with dillo@, I came to believe that dependency
matching had both to be more complex and simpler than it is now.  A
package depends (strictly) on the version of a package with which it was
built.  It depends more generally on any version of that package which
has the same ABI.  Because ABI coding is hard (people will get it
wrong), he and I concluded that a sensible approach was to allow the
dependency to be satisfied by any later version that did not break ABI

With this, the dependency would just be expressed as x.y (the build
dependency).  Then, any version that doesn't have an

So I believe that "foo > 1.3" doesn't make sense; we can't know that
foo-2.0 is ok.  But "foo 1.3", where that means foo-x.y where x.y >= 1.3
and the foo-x.y doesn't set EARLIEST_COMPATIBLE_VERSION > 1.3 seems to
capture the situation exactly.

So, with make replace, and I'd argue pkg_add -u, we'd set unsafe_depends
if the above rule is violated, and otherwise not.

Does that seem ok to you?

Content-Type: application/pgp-signature

Version: GnuPG v1.4.7 (NetBSD)