Bug#812465: Please do not be so restrictive with versions of urllib3
On 01/24/2016 01:32 PM, Ian Cordasco wrote: > Hi Thomas, > > Requests has a policy of only supporting one version of urllib3. As > such, Debian attempting to be less restrictive will result in Debian > having to carry patches for those versions of urllib3 which Requests > will not support. The Requests project has already made accommodations > with Debian and Fedora to only use versions of urllib3 that have been > released. > > If you'd like to develop patches to make backporting requests without > backporting the necessary version of urllib3, that's fine. I don't > think there should be a policy of carrying unnecessary unsupported > patches that will likely cause more bug reports than not. > > Cheers, > Ian Ian, Just to make sure you got it, if we write: Depends: python-urllib3 (>= 1.13.1-1~), python-urllib3 (<< 1.13.2) it means that effectively, only version 1.13.1 will be installed. Anything higher or lower will not be accepted. So my proposal doesn't break your rule, it just allows to use multiple debian revision, and allows backporting to previous Debian (or Ubuntu) releases. By the way, what I wrote wasn't perfect, we could/should even write: Depends: python-urllib3 (>= 1.13.1), python-urllib3 (<< 1.13.2) and we shouldn't even care about the Debian part of the version. Cheers, Thomas Goirand (zigo)
Bug#812465: Please do not be so restrictive with versions of urllib3
On Sunday, January 24, 2016 12:13:38 PM Daniele Tricoli wrote: > So, an upload of urllib3 1.13.1-2 (note the Debian revision bump) > will be fine. Right now it's not. It's better I clarify more: s/will be fine/will not need a new upload of requests/. -- Daniele Tricoli 'eriol' https://mornie.org signature.asc Description: This is a digitally signed message part.
Bug#812465: Please do not be so restrictive with versions of urllib3
Hello all, On Sunday, January 24, 2016 12:28:37 PM Thomas Goirand wrote: > python-requests (build-)dependencies on urllib3 are too restrictive, in a > way which doesn't allow backporting without tweaking (build-)dependencies. Yes I realized that myself, but James Page already reported this issue on #809485. It was not fixed before only because James did not need the fix immediately. I consider this new report as a increased priority so I'm merging this bug with the original one and fixing this now. :) @Ian: Thomas and Brian are right saying I was to restrictive, I realized that myself (see #809485), this change will allow to have a strict versioned dependency between requests and urllib3 upstream version leaving out Debian revisions. So, an upload of urllib3 1.13.1-2 (note the Debian revision bump) will be fine. Right now it's not. As I said in #809485 it was not fixed immediately because it was not so urgent at that time. Regards, -- Daniele Tricoli 'eriol' https://mornie.org signature.asc Description: This is a digitally signed message part.
Bug#812465: [Python-modules-team] Bug#812465: Please do not be so restrictive with versions of urllib3
Ian Cordascowrites: > If you'd like to develop patches to make backporting requests without > backporting the necessary version of urllib3, that's fine. I don't > think there should be a policy of carrying unnecessary unsupported > patches that will likely cause more bug reports than not. To expand on my previous email, the backports version would be 1.13.1-1~bpo8+1 However debian/control specifies python-urllib3 (= 1.13.1-1); this will not allow the backported version to work. Changing this in debian/control as suggested has no impact on the upstream policy, nor does it require maintaing patches. -- Brian May
Bug#812465: [Python-modules-team] Bug#812465: Please do not be so restrictive with versions of urllib3
On Jan 23, 2016 11:54 PM, "Brian May"wrote: > > Ian Cordasco writes: > > > If you'd like to develop patches to make backporting requests without > > backporting the necessary version of urllib3, that's fine. I don't > > think there should be a policy of carrying unnecessary unsupported > > patches that will likely cause more bug reports than not. > > You do realize this isn't a upstream change that is being proprosed, > just a small change to debian/control that will not have any impact for > unstable, testing or stable? Requests integrates tightly with urllib3. Trying to use an older version of the dependency (or a newer version) can wreak havoc. Try using requests 2.2.1 and urllib3 1.10 or 1.11. The right constraint is necessary to prevent Debian from needing to carry patches for compatibility. Upstream will not support anything for users that violates the existing restrictions.
Bug#812465: [Python-modules-team] Bug#812465: Bug#812465: Please do not be so restrictive with versions of urllib3
Ian Cordascowrites: > Requests integrates tightly with urllib3. Trying to use an older version of > the dependency (or a newer version) can wreak havoc. Try using requests > 2.2.1 and urllib3 1.10 or 1.11. The right constraint is necessary to > prevent Debian from needing to carry patches for compatibility. Upstream > will not support anything for users that violates the existing restrictions. Better read that request again. There was nothing I saw about using it with an older upstream version of urllib3. -- Brian May
Bug#812465: Please do not be so restrictive with versions of urllib3
Package: python-requests Version: 2.9.1-1 Severity: normal Hi there, python-requests (build-)dependencies on urllib3 are too restrictive, in a way which doesn't allow backporting without tweaking (build-)dependencies. Instead of writing something like this: python-urllib3 (= 1.13.1-1) please write something like this: python-urllib3 (>= 1.13.1-1~), python-urllib3 (<< 1.13.2) so that we don't need to "fix" the dependencies when doing a backport. Please note that the fact requests is already maintained or not within the official Jessie backports isn't relevant. Here, I needed to do backports to Trusty, and one may want to backport to another derivative of Debian. Cheers, Thomas Goirand (zigo)
Bug#812465: Please do not be so restrictive with versions of urllib3
Hi Thomas, Requests has a policy of only supporting one version of urllib3. As such, Debian attempting to be less restrictive will result in Debian having to carry patches for those versions of urllib3 which Requests will not support. The Requests project has already made accommodations with Debian and Fedora to only use versions of urllib3 that have been released. If you'd like to develop patches to make backporting requests without backporting the necessary version of urllib3, that's fine. I don't think there should be a policy of carrying unnecessary unsupported patches that will likely cause more bug reports than not. Cheers, Ian
Bug#812465: [Python-modules-team] Bug#812465: Please do not be so restrictive with versions of urllib3
Ian Cordascowrites: > If you'd like to develop patches to make backporting requests without > backporting the necessary version of urllib3, that's fine. I don't > think there should be a policy of carrying unnecessary unsupported > patches that will likely cause more bug reports than not. You do realize this isn't a upstream change that is being proprosed, just a small change to debian/control that will not have any impact for unstable, testing or stable? -- Brian May