Bug#527980: Please provide upgrade path from libphysfs-1.0-0 to libphysfs1

[Artur R. Czechowski]

On Sun, May 10, 2009 at 09:10:53AM -0400, Barry deFreese wrote:
> Artur R. Czechowski wrote:
> >Please provide upgrade path from libphysfs-1.0-0 to libphysfs1.
> >In current setup replacing libphysfs-1.0-0 with libphysfs1 requires user's
> >manual intervention.
> libphysfs1 Provides libphysfs-1.0.0 and has the symlink from 1.0.so.0 to 
> .so.2.0.0.  I tested this with several packages.  What type of 
> intervention are you seeing?

Barry,

Please consider following scenario.

User had installed any paackage (let's say, balder2d), depending on
libphysfs-1.0-0. So, real package libphysfs-1.0-0 is installed too.
Next, libphysfs-1.0-0 disappeared and new package libphysfs1 is uploaded.
Of course, it provides virtual package libphysfs-1.0-0, but relation:
balder2d depends on libphysfs-1.0-0 is fullfilled - the latest one is
still installed. So, package manager has no reason to replace this
package with libphysfs1. We have a situation where user has installed
unavailable and unmaintained package. At least unless one manually install
libphysfs1.

In case of serious error (let's say: security related) found in
libphysfs-1.0-0 user have vulnerable package. Even if you release
fixed libphysfs1 it wont be installed.

Yes, there is the worst scenario I can imagine, but one can say it is
able to happen.

As I written in my initial bugreport there are two solution:
1) force user to automatically replace libphysfs-1.0-0 with libphysfs1
   via dummy package;
2) ask maintainers of depending packages to rebuild them to pull
   dependency on libphysfs1 from current shlibs.

As you noticed initial bug is submitted as a wishlist - there is no
threat at the moment. But please consider to resolve the problem.
Being in your shoes I would choose option 2 - asking maintainers to
rebuild packages at their convenience. I also volunteer for submitting
bugreports to proper maintainer if you agree.

Regards
	Artur