Unstable EPEL? (frequent package updates)
Felix Schwarz
felix.schwarz at oss.schwarz.eu
Tue Jul 1 07:23:19 UTC 2008
Hi,
in the past few months there were quite a few packages in EPEL
which got version updates. This has come to a point where I
seriously doubt my understanding of the EPEL policy.
Rahul Sundaram wrote [1]:
"The simple rule: Don't release an update unless absolutely necessary.
This is to avoid regressions."
This was exactly my understanding of how package updates should be
done in EPEL.
But obviously other packagers don't see this policy so strictly - or
maybe I'm just too blind to find important information why all these
updates were absolutely necessary.
One example is shorewall which had several updates in the last months,
always to match the latest upstream version:
http://cvs.fedoraproject.org/viewcvs/rpms/shorewall/EL-5/shorewall.spec?rev=1.48
Thankfully, no update caused trouble for me but I'm a bit sceptical if this
update policy is really healthy for EPEL.
There are other packages, too. I don't want to list every packages and some
updates are really nice. But let's take python-genshi 0.5 which is currently
in testing for EPEL 5 and about to be pushed shortly:
http://cvs.fedoraproject.org/viewcvs/rpms/python-genshi/EL-5/python-genshi.spec
0.5 changed some semantics of py:match and I personally had troubles when
upgrading from 0.4.4 to 0.5. So while most people won't experience any problems,
this is one of the upgrades that can cause pain.
Some other examples:
http://cvs.fedoraproject.org/viewcvs/rpms/python-lxml/EL-5/python-lxml.spec
http://cvs.fedoraproject.org/viewcvs/rpms/python-paste/EL-5/python-paste.spec
I understand that there are packages like Firefox, Wine and clamav which must be
always at the latest version because it makes no sense/its impossible to backport
all the important stuff. But what I don't understand is why all these library
packages are updated so often.
IMHO EPEL should have more control over updates so that every package update gets
a solid reasoning why the package has to updated, if there are known compatibility
issues and so on...
I always thought of EPEL as 'this is an repository where I can pull updates without
too much caution because the guys will really make sure that every package is
necessary'.
</rant>
fs
[1] https://www.redhat.com/archives/epel-devel-list/2008-April/msg00019.html
More information about the epel-devel-list
mailing list