[Fedora-packaging] Reviewing explicit Requires

Michael Schwendt mschwendt at gmail.com
Fri Jan 16 10:41:23 UTC 2009

Hi everyone!

Because of broken dependencies in an update declared as stable, I've run
into package "condor". It's a 20K spec file with a remarkably short review
ticket, and I wondered why it contains the following explicit dependencies?

    Requires: pcre
    Requires: postgresql-libs
    Requires: openssl
    Requires: krb5-libs
    Requires: gsoap
    Requires: mailx

Actually, all of them except for "mailx" are added automatically by
rpmbuild already (as dependencies on SONAMEs):

I've double-checked with the current ReviewGuidelines, and I could not
find a corresponding entry that would make reviewers block such explicit
dependencies. If memory serves correctly, we've had a section
somewhere in the Wiki. Searching further, I've found only


which only says

    RPM has very good capabilities of automatically finding dependencies
    for libraries and eg. Perl modules. In short, don't reinvent the
    wheel, but just let rpm do its job. There is usually no need to
    explicitly list eg. Requires: libX11 when the dependency has already
    been picked up by rpm in the form of depending on libraries in the
    libX11 package.

and which is linked from the review item

  MUST: The package must meet the  Packaging Guidelines .

The phrase "there is usually no need to" is vague without any emphasis
like SHOULD/MUST and no specific entry in the review guidelines.

Does anyone remember where the paragraph has gone, which commented on
the badness of explicit dependencies on package names?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-packaging/attachments/20090116/2dbc0a32/attachment.sig>

More information about the Fedora-packaging mailing list