Relationship to existing 3rd party repos/CentOS/SL?

Jeff Sheltren sheltren at cs.ucsb.edu
Sat Apr 14 14:11:26 UTC 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Apr 14, 2007, at 7:17 AM, Axel Thimm wrote:

> Hi,
>
> the voting/decision on repotags was labeled as being 99% a political
> one, and no one objected against that old statement. Does the outcome
> of EPEL not carrying repotags mean that there is no interest in
> cooperation with 3rd party repos?
>
> I'm not after answers on pseudo-technical details, so consider the
> above question as rhetorical, instead let me rephrase completely
> outside the scope of repotags:
>
> What is EPEL's intended relation to the existing third party repos?
>
>  * Will it jump in the game ignoring that 3rd party repos exist and
>    let Darwinism prevail?
>  * Will it try to work together with these repos? If yes, in what
>    concrete way?
>  * Does EPEL consider itself at the same level as these repos, or does
>    it place itself higher, pushing any compatibility issues to the
>    workload of these repos?
>
> The Fedora/3rd party rift created several years ago is still in the
> healing process, I think everyone agrees in retrospect that it wasn't
> neccessary and we'd be better off not to allow it to happen in the
> first place.
>
> But I see the danger of this history pattern to repeat itself, and
> standing with one feet in a 3rd party repo and another in EPEL I'm in
> conflict with myself right now, so I'd like us to clarify this.
> --  
> Axel.Thimm at ATrpms.net
>

Hi Axel, I'm a bit confused about which statement you are referring  
to in your first sentence, could you please clarify for me?

I'm glad that you brought up this subject directly as I feel it does  
need to be addressed.  In your questions, are you referring to all  
possible "3rd party" repos, or only to a few of the biggest ones - if  
so, which are considered big enough to be considered?

In my opinion it is difficult at best to enable multiple repos on a  
single machine.  Too many variables come into play that could wreak  
havoc on a system.  This is not meant to be a jab at the packages/ 
packagers for these repos, but simply a fact that if they don't work  
with some very strict rules about what is packaged and how it is  
packaged then people can end up with very strange results.  Clearly  
there are circumstances when a package included in multiple repos  
could be upgraded in one at which point a system using the package  
from "repo A" is suddenly upgraded to a package from "repo B" with  
perhaps unintended/bad results.  Repo tags, etc. aside, how is it  
decided which repo can carry which packages?  What if a package that  
"repo A" wants to include has a dependency in "repo B"?  What if the  
maintainer of a "3rd party" repo suddenly looses interest or ability  
to maintain the repo and it goes away?  It seems it would be a full  
time job for a group of people to work out all these possibilities  
and create/enforce rules to try to prevent bad things from happening  
to unknowing users.

Again, this is only my opinion, but I feel that one good solution is  
to merge all these external repos as much as possible much as Fedora  
Extras as done, and EPEL seems to be doing.  "3rd party" repo  
packagers should be encouraged to submit their packages to EPEL so  
that users can easily access a large number of wanted/needed packages  
without having to enable separate repos and worry each time that  
something may conflict, etc.  It seems to me that pushing towards one  
"super repo" ala EPEL ends up with much less overhead and work than  
trying to make a lot of rules, etc. for all the repos to follow (and  
argue about).  I don't think this means that "3rd party" repos are  
any less important, but perhaps they should be used more for  
specialized packages and things that Fedora/RedHat is not legally  
willing/able to provide.  This does not mean I'm saying EPEL is "on a  
higher level", but I think that there needs to be one central repo  
which can provide the majority of packages that people want to install.

Axel, I would also be interested to know what your thoughts are on  
the questions you posed to the list.  How would you like to see EPEL  
and other repos interact (if at all)?

- -Jeff

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iD8DBQFGIOEOKe7MLJjUbNMRAjziAJ9EeFyeBxUXNnfuEK0KAR0tjBupXQCgm6t4
8mtvOaTH9PTTLeZOlUoEDOU=
=ugR4
-----END PGP SIGNATURE-----

More information about the epel-devel-list mailing list