Zope2 packaging

Jonas Meurer jonas at freesources.org
Fri Jun 24 00:33:53 UTC 2011 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey again

Am 21.06.2011 14:02, schrieb Arnaud Fontaine:
>     > Are you ok with me uploading zope2.12 packages within the next two
>     > weeks?
> 
> I can perform a last review later  this week as I'm too busy until then,
> but I think  it could be uploaded before,  no?  BTW, is debian/copyright
> ok?  If not, I can double-check it when reviewing.

Today I worked an Debian Zope2.12 packages. The most important changes are:

- - update to Zope2.12 2.12.18
- - remove zope eggs from Dependencies, include all in the source tarball
- - add python distribute modules to Dependencies, remove from tarball
- - major update and reformating of debian/copyright
- - rework and rename debian/patches/*
- - update lintian overrides
- - add debian/README.source to explain current packaging approach
- - install upstream changelogs to /usr/share/doc/zope2.12/changelogs
- - remove upstream license files from zope eggs in zope2.12 binary
- - remove scripts from EGG-INFO subfolders in zope2.12 binary

In my opinion some issues are left before the zope2.12 packages can be
uploaded to Debian. I would like to hear your comments about that:

1. Please review debian/README.source and enhance where appropriate.

2. What shall we do with the egg-info folders? Are they required to be
installed alongside the modules? Currently every included egg installs a
subdirectoy 'EGG-INFO' into /usr/lib/zope2.12/lib/python/<egg>. To my
knowledge these directories are useless, and should be removed from the
binary package. What do you think?

3. It seems like not all zope dependencies are pushed into the tarball
by Michaels debian/scripts/fetch.py. If I compare the list of
dependencies in versions.cfg and the list of installed dependencies, a
lot are missing even though not listed in DEB_SATISFIED. These are:

buildout.dumppickedversions, jinja2, lxml2, pygments, python-gettext,
roman, sphinx, unittest2, z3c.checkversions, zc.buildout, zc.recipe.egg,
zc.recipe.testrunner, zodbcode, zope.app.apidoc,
zope.app.applicationcontrol, zope.app.authentication, zope.app.broken,
zope.app.cache, zope.app.catalog, zope.app.content, zope.app.dav,
zope.app.dtmlpage, zope.app.error, zope.app.exception, zope.app.file,
zope.app.folder, zope.app.generations, zope.app.http, zope.app.i18n,
zope.app.interface, zope.app.intid, zope.app.locales,
zope.app.localpermission, zope.app.principalannotation,
zope.app.renderer, zope.app.rotterdam, zope.app.security,
zope.app.securitypolicy, zope.app.server, zoper.app.session,
zope.app.traversing, zope.app.undo, zope.app.wsgi, zope.app.zapi,
zope.app.zcmlfiles, zope.app.zopeappgenerations, zope.app.zptpage,
zope.catalog, zope.decorator, zope.documenttemplate, zope.index,
zope.keyreference, zope.modulealias, zope.principalannotation,
zope.principalregistry, zope.securitypolicy, zope.server, zope.thread

Some of them are clearly not required (buildout stuff), and some might
be installed as python modules packages (jinja2, python-gettext, ...),
but I still wonder why they aren't pushed into the tarball by fetch.py
despite not being listed in exclusions. Michael, maybe you have an idea?

4. Generally I'm not sure whether all listed dependency eggs are really
required to be installed inside the zope2.12 binary package (or listed
as dependencies). The python distribute modules for example are used for
setup tasks, and I don't believe that they're required for the zope2.12
application server to run. It's more likely that the zope build system
uses them. Thus it's important to list them in build-depends, but
they're not required in depends.

Do you know a good way to check whether the modules in dependencies are
really used by the application server?

Greetings,
 jonas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJOA9toAAoJEFJi5/9JEEn+cSUP/3jv/lG3Y/DYSrqZqe+y/E/z
bPK1UB/BnzeYLzRZTvXyhTiDJNNaWMgbEQHWLC3rXs4kYRT0nnhi5DqKWRBZWPAu
qeZRWyJRR8ScyhU19/B1H3ZkZJmCqUVEzi8+mloPHnmCkwfQFRgq3tkg3sKjfHW0
7vV4csObKiSHffVjOt5nTG0oYu5rS88pmh1I06aA0PF/eCFxJFILv2C946Kq5RW9
yjQPfvEZbJTArWRtv511N2tU+lgnOHazN3HVSFijcimZf96Prpoz1bJD+LmYEJPK
wW0gV3lkeJ6Wmw9zNY3hBl0DlLMPue16hpuZ8ndHO8bfSZxZd7Y1WI40hFlPFnhR
V3oaoh/KWMPMk4cadRjAjacG+yURkSUkTWMl6hQtp86HnJVHnDrtxOWn/nmsrSAI
GgAsZZbsruKOWDff8xJ2ior+grqbm8s+2M2olisn1uQYJ50uaDRfgtwcGvBngtyq
IPXH8nILVk/zrpgbjOZbnWLrlNsZBNw1ih+Xv91xTgaOgba++a5Qnuix5ggkgxgV
hfa/CMOX+HnXAZkKKJantQz352ThePI1i2czJpeNBkYCIfEyHleIitoR77iP3DkP
8W1POIbJbCEia8FXc5bxu0Nw2FZsGtFBaU0dyFT252wndS9eDACzEsd55LMv1JKM
tB0Ts6M28XlKRrr7DvjV
=fFZI
-----END PGP SIGNATURE-----

More information about the pkg-zope-developers mailing list