Removes overbroad use of -f to override the
depending-packages-have-satisfied-dependencies check, replacing with
the narrow override of -D.
Discussed on tech-pkg@.
OK pkgsrc-pmc@.
course a too-large hammer, but in addition to overriding checks it
appears to change behavior in some cases when no overrides are
necessary. Therefore, use pkg_add -U as before first, and only try -f
if that fails. (This is temporary and should be replaced by -D to
omit only the exact depends check as soon as that's in tree.)
"make replace" is defined to replace a package with a newer version,
and update depdending packages to depend on the new version. It has
long been understood that this is not always safe, with the responses
being "tell people to be careful" and the unsafe_depends variable
scheme and pkg_rolling-replace. In the DESTDIR case, make replace is
implemented by pkg_add -U. Usually, this is fine - even if the
ABI/shlib majors have changed, the package is replaced, and then a
later make replace of unsafe_depends=YES packages, either manually or
via pkg_rolling-replace, will bring the system to where it should be.
However, there are pinned dependencies on osabi where the depending
package will not accept the new version, and that causes pkg_add -U to
fail. This is incorrect, as a) those packages don't depend on the
osabi exact version any more than packages depending on jpeg depeend
on the particular shlib major, yet jpeg dependencies aren't pinned.
And, osabi changing version is not necessarily an ABI change -
consider 5.0_STABLE just before 5.1RC1 and just after, where only the
version string changed.
Therefore, add -f to pkg_add -U so that the update will succeed.
These will be available from pkg_summary(5) database.
To be used to find previous packages when a package is moved
or renamed. (Even though that is not recommended.)
Documented in pkgsrc Guide and in the pkg_summary(5) manual page.
Upcoming commit will have some packages modified to add them.
For the dependency chain A->B->B the old code created:
_PKGSRC_DEPS=", B-1.0, A-1.0", which obviously can't match the PKGNAME
of B.
Skip the _flavor-bootstrap-depends processing if PKG_FAIL_REASON is
already set and move the check for circular dependencies right after the
block that defines PKGNAME and friends.
You must *not* use "test ... && ..." when you use "set -e". Because if the
first expression fails your shell script will abort.
This should fix problem with NetBSD-current's (correctly behaving)
"/bin/sh" report on current-users by David Holland and Kurt Schreiner.
phase pkg_install-depends before bootstrap-depends that just tries to
install a new pkg_install if the current version is too old. Still
keep it as bootstrap dependency for the bulk build code.
For NetBSD, PKG_TOOLS_BIN has to be computed in shell code due to a make
bug.
OK: jlam@
in bsd.buildlink3.mk was broken with pkg_install-20080309 was it
returned a relative path. It would have failed before e.g. with symbolic
links in the path. pkg_info -E is simpler and was added exactly for this
purpose. Fixes PR 38213 and PR 38211.
name which isn't correct, and the "Value of SrcDir" that is used is not
important to any pkgsrc user. Instead, let the pkgsrc infrastructure
print the package name.
possible to create the package file using a temporary file first, and if
everything has succeeded, to rename it to the real name. This time, I
tested it creating various binary packages and installing them
afterwards, so I'm pretty sure it works now.
it had severe consequences: pkg_create gets lots of information from the
filename into which the package is written. The extension decides what
compression to apply, and the basename gets recorded as the @name. This
part needs more work.
Noticed by stoned@.
everything went well, rename it to the real name. That way, it is less
likely that broken binary packages are created. It is a common
assumption that binary package files, if they exist, are usable.
An example for a broken binary package is security/sudo-1.6.9p10, in
which sbin/visudo wasn't readable when creating the package as an
unprivileged user.
* Add DOWNLOAD_VULN_LIST var
* Get AUDIT_PACKAGES and DOWNLOAD_VULN_LIST to point to the right binaries
taking into consideration OPSYS and pkg_install version
* Replace all references to audit-packages and download-vulnerability-list
with AUDIT_PACKAGES and DOWNLOAD_VULN_LIST
