On Sun, 19 May 2002, Frederick Bruckman wrote:
> The thing about going through all of the hundreds of packages that
> depend on "png" to see exactly which version is minimally needed, is
> that, in the long run, it would benefit nobody. We only support having
> one version of "png" installed, so eventually, as you upgrade
> packages, you'd get to one package that requires the latest version,
> and then you'd have to rebuild all the packages you'd already built.

Yes, I'd probably have to upgrade png and everything that depends on it,
eventually.  If that happens after the png in pkgsrc has been upgraded
from 1.2.1 to something later, then my delay will have allowed me to
rebuild everything only once (to upgrade png from the 1.0.12 that I have
to the future 1.x.y), instead of twice (first to upgrade png from 1.0.12
to 1.2.1, and then again to upgrade png from 1.2.1 to 1.x.y).  I claim
that a reduction in the number of rebuilds would be a benefit in the
long run.

I can see why we don't want binary packages built against new versions
of libpng.so to be installed with old versions of libpng.so, but the
same argument doesn't seem to hold for packages built from sources.  It
seems to me that it would be reasonable for a binary package to depend
on *exactly* the version of any shared library packages that it was
built with, but for the corresponding source package to have much looser
dependencies.

--apb (Alan Barrett)