On Wed, 2013-11-06 at 13:04 -0500, Ian Stakenvicius wrote: > On 06/11/13 12:56 PM, yac wrote: > > On Wed, 06 Nov 2013 16:48:54 +0100 Alexis Ballier > > <aball...@gentoo.org> wrote: > > > >> On Wed, 2013-11-06 at 10:15 -0500, Ian Stakenvicius wrote: > >>> However, it's been a long-standing general practise that if > >>> there are no deps in the tree older than what is necessary for > >>> a package, that package doesn't need to have a minimum version > >>> on the dependency atom. As such, issues similar to this are > >>> probably lying in wait all other the place in the tree. > >> > >> this is a common misconception: ebuilds must have min. deps > >> matching their requirements (exactly because of this problem) > >> > >> it can be fixed on the user side by 'emerge -uDN world' meanwhile > >> but this doesn't mean the ebuild doesn't have a bug, even if > >> minor > >> > >> Alexis. > > > > When I started contributing via sunrise, I've been adding the > > minimal versions of dependencies as declared by upstream but I met > > with very strict enforcement of the policy to not specify minimal > > version if all the ones in current tree satisfies. > > > > Is it documented somewhere or is it just unwritten consensus? > > > > What I see is only Ebuild Policy [1e] which doesn't deal with > > this. > > > > .. [1e] > > http://www.gentoo.org/proj/en/devrel/handbook/handbook.xml?part=2&chap=1 > > > > > I searched as well, and couldn't find anything documented one way or > the other, either. I concluded that it's unwritten consensus. > > That's the main reason I wanted to start this discussion -- to > effectively start documenting it and get dev's all on the same page. > To be honest I think it should be policy or at least a written-down > guideline, that dev's should do this within reason -- if an > older-than-minimum version of something has been in the tree within > the past year. Gone for more than a year should be safe, I expect.
its kind of common sense IMHO but if you want a policy, then go for it :) there shouldn't be any time limit; portage doesnt do -uDN by default and people want this because of the "if it ain't broken don't fix it" motto. with prod servers you want to update portage for EAPI stuff, get security fixes, but not much more; even an "up to date" box can have 5 years gone packages. in short: if a package requires version X then the ebuild should require version X; it can be forgotten but it's a bug.
