Breaking deps deliberately

Josh Boyer jwboyer at
Wed May 13 13:52:09 UTC 2009

On Wed, May 13, 2009 at 03:02:15PM +0200, drago01 wrote:
>On Wed, May 13, 2009 at 2:33 PM, Seth Vidal <skvidal at> wrote:
>> On Wed, 13 May 2009, Michael Schwendt wrote:
>>> Is it permitted to deliberately break deps in stable updates?
>>> To me it sounds as if I'm in the wrong movie. :(
>> +1.
>> Creating broken deps when you know they won't be corrected should not be
>> allowed.
>One more reason why we need depchecking before pushing updates.

Not that I disagree, but let me elaborate on what that would entail.

1) All the stuff that already happens today for updates.  This takes roughly
   an hour or so to get the set of updates signed and the push started.  The
   push itself takes roughly 7-8 hours with f9,f10,f11 testing and stable.
   I'm already pushing updates almost 5 days a week, so doing it more
   frequently isn't going to help much.  Particularly when there are typically
   between 70-150 pending updates every day.  The mash time only grows as the
   repos grow larger from new packages.

2) In addition to 1 above, we'd now have to run a depcheck on the resulting
   repos.  If it finds no problems, great!  Continue with the push.  If it
   has dependency issues, fail.  Take the packages that have dep errors, and
   automatically revoke those update requests in bodhi.  The start over again.

   Except it's not that easy.  Because in order to mash the repos, we need the
   packages to move tags in koji.  So now we have to roll back those tag
   operations too.  And we also have to trim those packages out of the push
   list.  The bodhi state machine cannot cope with any of this today.

   I don't believe dep checking can be done on update submission (at least
   not easily), because in order to do that we need a repo to run it against
   and the update might be relying on other pending updates that aren't in the
   repos yet.  The way to get them in the repo is to mash it...

   (Doing test/throw-away mash->dep checks would just be sort of silly due to
    the time it takes and the ever fluctuating pending updates list).

3) We would need some significant code changes to bodhi and possibly mash to
   get all of that.  That code is thoroughly understood by exactly 1 person.
   Another person (me) is trying to grok it in his spare time, but it's rather
   involved and the bodhi setup on the infrastructure machines is a bit
   convoluted.  Having people jump in to help would be awesome, but it is not
   a trivial task.

So it's easy to say "we should dep check before pushing".  And I'll even agree
we should.  However, in reality there is a _lot_ of work that needs to be done
to make that even remotely possible.

I'm certainly open to other suggestions on how to accomplish this.  I would
love if someone would tell me how stupid I am and how it can be done more
easily.  However, I am growing slightly tired of people saying we should 'do it'
(or worse, ranting about it) without having a clue on what needs to be done
to actually do it or even volunteering to help.  Hopefully those that want to
see this happen will read over the strawman above and put some collective
brain/muscle power behind it.


More information about the fedora-devel-list mailing list