[Fedora-packaging] How Fedora is updated/built?

Tue Aug 4 08:59:59 UTC 2009

2009/8/4 Toshio Kuratomi <a.badger at gmail.com>:
> Note: This is probably more of a fedora-devel-list topic.  No way for
> you to know that, just looking in from the outside, though :-)

I must admit I just did a quick look... it's my experience that you
never get it right no matter how hard you try :-p

> On 08/01/2009 09:41 AM, Cristian Morales Vega wrote:
>> Hi,
>>
>> I'm not a Fedora user, but looking at the repositories I saw that you
>> update things like KDE in a regular basis. That's uncommon, distros as
>> Ubuntu, Mandriva or openSUSE just release security updates and fixes
>> for really important bugs (frightened about the possibility of
>> upstream breaking ABI compatibility by error). At the same time I saw
>> some packages not updated... so, which exactly is the Fedora updates
>> policy?
>
> This is up to maintainer discretion.  In some cases individual SIGs
> (Special Interest Groups) manage a specific set of dependent packages.
> (KDE is largely this way).
>
>> What I'm most interested in is knowing if a package built against a
>> base (not updated) Fedora install is guaranteed to work with an
>> updated Fedora system.
>
> No.  It's generally frowned upon to make incompatible updates but it's
> not unheard of.  Many maintainers prefer to go to the latest version
> rather than backporting security fixes which can break compatibility
> (mozilla/xulrunner/firefox is this way, for instance).
>
>> And, when you release an update to the latest
>> version of Amarok, is it built against the original distro/KDE or the
>> updated one?
>
> The updated one.
>
>> If you release an update from KDE 4.2.2 to 4.2.3, a new
>> Amarok package is also released (without changes, only rebuilt against
>> the new KDE)?
>>
> If the libraries are supposed to be compatible and there is not a new
> Amarok package we won't recompile Amarok.
>
>> One cause I ask is because the openSUSE Build Service builds
>> everything against the original, not updated, Fedora. Is this a
>> problem?
>>
> Yes.  Depending on what libraries your package depends on, you could end
> up with a package that does not work on an updated Fedora.
>
> Within Fedora we have three repositories for any given release.  The
> actual release repo has the packages that were available at the time of
> release with whatever QA and other testing that we did at that point.
> The official livecd's, install cds, spins, etc are composed from this
> tree.  Then we have an update repo and an updates-testing repo.  Updated
> packages and new packages generally go to updates-testing and then are
> pushed to updates after a few weeks.
>
> If you're building a third party package it would make the most sense
> from a Fedora user's point of view to act like you're part of the normal
> Fedora update stream -- thus your package should build against and run
> with the package set that's in the updates repository.  However, it's
> harder for you to coordinate this than a package within Fedora as Fedora
> package maintainers can be proactive about checking which packages
> depend on theirs whenever they issue an incompatible update -- they
> can't be proactive about checking which third party packages their
> update will break.

Thanks, that answers all my doubts.

I have asked in the openSUSE Build Service about this, perhaps they
can do something to improve the situation.