From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 29F171382C5 for ; Sun, 4 Mar 2018 11:37:45 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 51ED2E0917; Sun, 4 Mar 2018 11:37:38 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id F35AFE08D3 for ; Sun, 4 Mar 2018 11:37:37 +0000 (UTC) Received: from pomiot (d202-252.icpnet.pl [109.173.202.252]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: mgorny) by smtp.gentoo.org (Postfix) with ESMTPSA id 6187C335C39; Sun, 4 Mar 2018 11:37:36 +0000 (UTC) Message-ID: <1520163453.836.11.camel@gentoo.org> Subject: [gentoo-dev] RFC: Repoman to warn about suspicious =-dependencies From: =?UTF-8?Q?Micha=C5=82_G=C3=B3rny?= To: gentoo-dev Date: Sun, 04 Mar 2018 12:37:33 +0100 Organization: Gentoo Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.24.6 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-Archives-Salt: c305dad3-8a8f-4779-bb94-e20b67f8062a X-Archives-Hash: 3c22af3f46b251800bb3295a740e530f Hi, everyone. I have proposed a new check for repoman [1] (with a patch at [2]) that would warn developers about suspicious '=' deps. By suspicious, I mean dependencies '=foo-1.2.3' which are sometimes mistakenly used instead of '~foo-1.2.3', and cause some degree of mayhem when someone revbumps the package (either by preventing people from upgrading or causing depgraph breakage). The check would trigger whenever '='-class dependency is used without a revision specified and without the '*' suffix. It would suggest to either use '~' operator when any revision is acceptable, or explicitly specify '-r0' (which is equivalent to no revision specified). In other words, repoman would complain at: =dev-foo/bar-1.2.3 but it will be happy if you used: ~dev-foo/bar-1-2.3 =dev-foo/bar-1.2.3-r0 I think this cause the trouble of specifying '-r0' rather rarely, and it will decrease the number of mistakes, also effectively making Gentoo development easier. It is somewhat inspired by the handling of slot operators (where repoman explicitly asks you to use ':*' instead of no operator when the latter would be ambiguous). What do you think? [1]:https://bugs.gentoo.org/649482 [2]:https://archives.gentoo.org/gentoo-portage-dev/message/59acb3995301966102b58fa8ed5bb6a5 -- Best regards, Michał Górny