Re: pkgsrc package information problem

[oskar%fessel.org@localhost]

Am 06.08.2023 um 12:08 schrieb Greg Troxel <gdt%lexort.com@localhost>:

Jan-Hinrich Fessel <oskar%fessel.org@localhost> writes:

while sorting out some other bugs in som software, PHO and i ran across a circular dependency in some of my systems.
I found out  that in the package information there is too much information stored.
Example:

dweezil# pkg_info -rN libpsl
Information for libpsl-0.21.2:

Built using:
libidn2-2.3.4
libunistring-1.1
digest-20220214
wget-1.21.3nb2

Full required by list:
wget-1.21.4

This is completely wrong from my point of view.  A package should
never have the „FETCH_USING“ part recorded as being built with,
because it has no impact on the actual build process and implies it
can only be rebuilt using that circular dependency.
Probably noone else uses pkg_rolling-replace in combination with FETCH_USING.  But this looks like a design error to me.

Perhaps this is a side effect that FETCH_USING adds a BUILD_DEPENDS
(which is maybe TOOL_DEPENDS or should be).

dweezil# grep wget libpsl-0.21.2/*
libpsl-0.21.2/+CONTENTS:@blddep wget-1.21.3nb2
libpsl-0.21.2/+REQUIRED_BY:wget-1.21.4

It seems ok to record this as a dependency that *was used to build the
package*.  

I tend to disagree, it was not used to build the package, it was used to fetch the sources.

And worse, in the past i stumbled upon cases where rebuilding any packet was triggered by updating wget.  That is clearly not what i desire to do.

That is different from a dependency that *will be used to
build the package*, which pkg_rr obtains via

       bdeps=$(/usr/bin/env ${MAKE_SET_VARS} ${MAKE} show-depends VARNAME=BUILD_DEPENDS)
       tdeps=$(/usr/bin/env ${MAKE_SET_VARS} ${MAKE} show-depends VARNAME=TOOL_DEPENDS)
       rdeps=$(/usr/bin/env ${MAKE_SET_VARS} ${MAKE} show-depends)

It does, but before that it does:

        echo "${OPI} Checking if $pkg has new depends..."
        OLD_DEPENDS=$(${PKG_INFO} -Nq $pkg | sed 's/-[0-9][^-]*$//')
        NEW_DEPENDS=
        cd "$PKGSRCDIR/$pkgdir"
        bdeps=$(/usr/bin/env ${MAKE_SET_VARS} ${MAKE} show-depends VARNAME=BUILD_DEPENDS)
        tdeps=$(/usr/bin/env ${MAKE_SET_VARS} ${MAKE} show-depends VARNAME=TOOL_DEPENDS)
        rdeps=$(/usr/bin/env ${MAKE_SET_VARS} ${MAKE} show-depends)
        for depver in $bdeps $tdeps $rdeps; do
            dep=$(echo $depver | sed -e 's/[:[].*$/0/' -e 's/[<>]=/-/' \
                -e 's/-[0-9][^-]*$//')
            if ! is_member $dep $OLD_DEPENDS $NEW_DEPENDS; then
                NEW_DEPENDS="$NEW_DEPENDS $dep"
                DEPGRAPH_SRC="$DEPGRAPH_SRC $dep $pkg"
            fi
        done

and from pkg_info -Nq it gets the wget dependency:

dweezil# pkg_info -Nq libpsl

libidn2-2.3.4

libunistring-1.1

digest-20220214

wget-1.21.3nb2

dweezil# pwd

/usr/pkgsrc/www/libpsl

dweezil# make show-depends VARNAME=BUILD_DEPENDS

dweezil# make show-depends VARNAME=TOOL_DEPENDS

python311>=3.11:../../lang/python311

libtool-base>=2.4.2nb9:../../devel/libtool-base

mktools-[0-9]*:../../pkgtools/mktools

gmake>=3.81:../../devel/gmake

lzip>=1.14:../../archivers/lzip

pkgconf-[0-9]*:../../devel/pkgconf

cwrappers>=20150314:../../pkgtools/cwrappers

checkperms>=1.1:../../sysutils/checkperms

dweezil# make show-depends

libidn2>=2.3.3nb1:../../devel/libidn2

libunistring>=1.1:../../textproc/libunistring

which seems quite right to me.

For me, pkg_rolling-replace is not at fault, it is the build-process that adds wget, at least to the wrong category.

I wonder about your circular dependency, what it was exactly, and if it
is real.  It seems like it is real, and you should perhaps exempt libpsl
from FETCH_USING.

and libunistring.  and remove the dependency on wget from all packages apart from those who actually depend on it so they don’t get updated everytime wget gets an update.  I find that rather non-intuitive.  And for me, this is not a real dependency.

dweezil# pkg_rolling-replace -nv

RR> Checking for mismatched installed packages (mismatch=YES)

RR> Excluding the following mismatched packages:

rr> EXCLUDE=[]

RR> Checking for rebuild-requested installed packages (rebuild=YES)

RR> Checking for unsafe installed packages (unsafe_depends=YES)

RR> Packages to rebuild:

rr> MISMATCH_TODO=[p5-YAML p5-HTML-Tiny libwebp p5-Path-Tiny p5-HTML-Parser meson p11-kit net-snmp p5-Inline p5-JSON liblinear p5-Email-MIME-ContentType p5-Inline-C p5-Graph autogen gpgme p5-Readonly lcms2 nghttp3 libpaper openjdk17 p5-Net-LibIDN tex-wasy py311-pip p5-Math-Round orc p5-URI p5-HTML-Tagset blas p5-XML-XPath qt4-qdbus p5-Test-Pod p5-Digest-HMAC p5-Pod-POM go118 p5-Net poppler-includes p5-XXX rarian p5-Email-Date-Format py311-dns g95 p5-File-Listing lua53-lpeg qca2 p5-HTTP-Negotiate p5-Clone p5-Pegex p5-IPC-Run3 p5-Email-Valid p5-Test-Base p5-Pod-Markdown gnupg2 tdb cmake xxhash libXaw qca2-ossl boehm-gc openjdk11 py311-lxml p5-Try-Tiny py311-anytree p5-Test-Deep p5-Test-Fatal py311-pathspec p5-XML-SAX p5-MailTools p5-Net-Domain-TLD p5-Business-ISBN p5-Module-Implementation p5-Socket6 p5-Heap p5-Error openldap-server gobject-introspection curl p5-TimeDate p5-IO-stringy talloc p5-Filter openldap cargo-c p5-Email-Address p5-IO-tty libheif lldpd pyzy p5-GD p5-Net-IP p5-Spiffy python-versions-check qoauth postfix rhash p5-Test-Pod-Coverage ImageMagick p5-IO-String p5-IO-Pipely ngtcp2 p5-Test2-Suite ImageMagick6 p5-XML-NamespaceSupport p5-IO-CaptureOutput p5-IO-HTML p5-Data-OptList p5-Importer p5-Term-ReadKey p5-Params-Util p5-Sub-Exporter-Progressive gcc10 p5-inc-latest p5-Email-Send p5-CPAN-Meta-Check p5-Test-Warn p5-Sub-Install p5-File-ShareDir-Install dbus tex-pslatex p5-File-Which wayland-protocols qemu p5-Params-Validate nodejs p5-Sub-Name p5-Test-YAML go14 py311-pdf p5-Class-Method-Modifiers p5-MIME-Types pango qt4-tools py311-charset-normalizer p5-Image-Info nghttp2 tex-algorithms p5-Moo libva yt-dlp p5-List-SomeUtils-XS p5-Email-Address-XS p5-List-UtilsBy p5-Email-MIME p5-Exporter-Tiny py27-curses p5-Module-Util hiredis gsftopkk p5-File-Slurper gtexinfo p5-Devel-Cycle p5-Test-Memory-Cycle p5-File-Slurp-Tiny p5-Net-SSLeay p5-Tree-DAG_Node p5-Test-Requires p5-HTTP-Cookies p5-FFI-CheckLib p5-List-SomeUtils p5-YAML-LibYAML p5-Readonly-XS p5-Ref-Util-XS riemann-client p5-Digest-SHA1 p5-Set-Object p5-Text-Autoformat p5-File-MimeInfo openjdk8 openldap-client p5-Authen-SASL xmlsec1 taglib p5-IO-Socket-SSL p5-Email-MessageID p5-Test-CPAN-Meta p5-HTTP-Date p5-PkgConfig p5-Role-Tiny p5-Specio p5-Devel-Symdump p5-Pod-Coverage perl p5-Test-LeakTrace p5-Event p5-PadWalker p5-Mail-Sendmail p5-MRO-Compat lmdb p5-Capture-Tiny p5-LWP-MediaTypes p5-Mozilla-CA qjson p5-Alien-Libxml2 p5-Test-Needs p5-Module-Build-Tiny p5-List-AllUtils p5-XML-Parser p5-Path-Iter p5-File-Copy-Recursive MesaLib p5-HTTP-Message p5-Net-SMTP-SSL p5-Net-HTTP p5-Text-Reform p5-Scalar-List-Utils p5-String-ShellQuote p5-Email-MIME-Encodings p5-File-BaseDir p5-Module-CPANfile p5-Encode-Locale p5-Sub-Uplevel p5-Parse-PMFile p5-boolean p5-File-HomeDir p5-XML-LibXML redis rust qt4-libs p5-IPC-Run p5-Devel-GlobalDestruction p5-Regexp-Common p5-XML-SAX-Base p5-gettext p5-Sort-SQL p5-File-DesktopEntry p5-Ref-Util p5-common-sense p5-Path-Class p5-XML-Simple p5-List-MoreUtils p5-XML-SAX-Expat p5-Test-Manifest p5-GSSAPI p5-File-pushd p5-Net-DNS p5-Text-TabularDisplay p5-Devel-Caller p5-Sub-Info p5-Set-Crontab p5-XML-Writer p5-Task-Weaken p5-YAML-PP p5-Type-Tiny p5-Module-Build p5-List-MoreUtils-XS p5-Devel-OverloadInfo py311-trove-classifiers py311-typing-extensions p5-Pod-Parser p5-Getopt-Long-Descriptive p5-File-chdir p5-HTTP-Tinyish p5-HTML-Scrubber p5-Dist-CheckConflicts p5-Business-ISBN-Data p5-Shell-Config-Generate p5-Shell-Guess p5-Locale-libintl p5-WWW-RobotRules p5-IO-Socket-INET6 p5-File-Slurp p5-Sub-Identify p5-Data-UUID p5-ExtUtils-Helpers guile22 glib2 p5-Package-Variant p5-Sub-Quote p5-Parse-Yapp dovecot-pigeonhole p5-Scope-Guard w3m py311-urllib3 samba py311-wheel p5-Module-Runtime-Conflicts p5-Devel-StackTrace p5-Text-Glob p5-Test-Warnings python311 gdbus-codegen p5-Eval-Closure wandio p5-Unicode-EastAsianWidth p5-Unix-Process p5-Text-Unidecode p5-Module-Runtime p5-Sub-Exporter glib2-tools p5-Import-Into p5-ExtUtils-MakeMaker-CPANfile p5-local-lib p5-LWP-Protocol-https harfbuzz p5-OLE-Storage_Lite p5-Number-Compare p5-MooX-Types-MooseLike poppler-utils p5-IO-LockedFile p5-POE-Test-Loops p5-Data-Perl p5-File-Find-Rule p5-Module-Pluggable p5-Time-Duration p5-Return-Value p5-ExtUtils-InstallPaths p5-HTML-LinkExtractor p5-HTML-Tree p5-Alien-Build p5-ExtUtils-Config p5-Devel-LexAlias xml-security-c p5-Email-Simple p5-Perl4-CoreLibs p5-Package-Stash iso-codes go120 p5-strictures p5-IPC-System-Simple py27-sqlite3 py27-SimpleTAL p5-Sort-Versions p5-Test-EOL p5-Test-NoTabs openldap-doc p5-HTTP-Daemon p5-Search-QueryParser p5-Set-Infinite p5-ExtUtils-PkgConfig p5-Digest-Perl-MD5 p5-Win32-ShellQuote libimagequant p5-Term-Table p5-Package-Stash-XS dbus-glib py311-pspdfutils p5-Text-Balanced p5-Parse-RecDescent postfix-pgsql SDL2 cbindgen py311-cryptography nss]

rr> REBUILD_TODO=[tex-url xenkernel415]

rr> UNSAFE_TODO=[desktop-file-utils ORBit2 orc atk blas liblqr libIDL libvdpau boehm-gc at-spi2-atk cairo-gobject mm-common gobject-introspection poppler pango p5-Email-MIME riemann-client p5-List-AllUtils at-spi2-core harfbuzz dbus-glib]

RR> Building dependency graph for installed packages

RR> Tsorting dependency graph

tsort: cycle in data

tsort: wget

tsort: libpsl

Attachment: smime.p7s
Description: S/MIME cryptographic signature