mozilla dependencies and versioned conflicts
Loïc Minier
lool+debian@via.ecp.fr
Sun, 22 May 2005 21:02:21 +0200
Hi,
On Sun, May 22, 2005, Steve Langasek wrote:
> The question is, how can we be proactive about identifying the classes =
of
> changes that do or don't break these packages, so that mozilla can be
> checked for compatibility at the time of upload instead of having kazeh=
akase
> and enigmail update their conflicts: after the fact?
Mozilla upstream doesn't seem to pay attention to backward
compatibility for third-party software. In the case of Galeon,
upstream is doing an incredibly huge and good work at tracking Mozilla
trunk and various releases of the Mozilla or Firefox tarballs, and then
introduce more and more configure tests to deal with the situation.
The result is something like this:
<http://patches.theflowerdays.com/tinderbox/>
Of course, this means Galeon is built for one Mozilla release, and the
runtime package can't be used for other versions.
My personal opinion is that this implies we're dealing with completely
different Galeon and Mozilla binaries in each case; hence I think we
should live with completely versionned Mozilla packages (that is
directories, binaries, and packages are named after the current
release such as mozilla-1.7.5) and third party software are rebuilt
when their upstream is ready to do so. (But I don't want versionned
Galeon/Epiphany/whatever: there would be one single Galeon, that would
need to be rebuilt when it's ready to be rebuilt against a fresher
Mozilla, and when it's useful to do so, such as for security releases.)
Of course my proposal is really a pain to achieve right now, and it
might be difficult to introduces fixes security-wise, but I think it
reflects the current issues with the Mozilla releases:
- they are incompatible, so we need to handle the transitions period
nicely (instead of the current rush of rebuilds when a new mozilla is
uploaded and no one will tell you when)
- software needs to be adapted each time because things are borken, and
different upstreams might need more or less time to do so.
So my proposal is particularly awful package-wise and security-wise,
I'd like to hear about the opinion of other readers on this topic. May
be it only counts if we can stabilize things for each release, but the
transition periods we will suffer from aren't so dramatic as I paint
them?
Bye,
[ I'm subscribed to pkg-mozilla-maintainers, and only that in the
current recipients. ]
--
Loïc Minier <lool@dooz.org>
"Neutral President: I have no strong feelings one way or the other."