Re: [HEADS UP] No more gnupg2 in buildroot
>> > > On Tue, 2018-02-20 at 19:11 +, Peter Robinson wrote: >> > > > On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenko >> > > >wrote: >> > > > > -BEGIN PGP SIGNED MESSAGE- >> > > > > Hash: SHA256 >> > > > > >> > > > > Hey, >> > > > > >> > > > > today I've split⁰ librpmsign from rpm-build-libs into its own >> > > > > subpackage >> > > > > rpm- >> > > > > sign-libs. >> > > > >> > > > Does this mean that the python bindings no longer depend on >> > > > rpm-build-libs and hence won't be pulled for a standard minimal >> > > > install and similar artifacts anymore? >> > > >> > > Nope, it means that python bindings will depend *also* on >> > > rpm-sign-libs >> > > >> > > Since bindings are monolitic, it's not possible to split them easily. >> > >> > Actually you could split out build- and sign-bindings (together or >> > separately) from the main python bindings package. "import rpm" >> > intentionally lets the build- and sign-module imports to fail to allow >> > this so as long as the "submodules" depend on the main bindings it >> > should be ok. >> >> Oh and BTW, the reason this hasn't been done is basically the same the >> sign-libs hadn't been split up: in the past when I last looked at the >> situation, there just was no benefit to doing so. Back then fedpkg was >> present in buildroots, and yum + yum-utils used to be included in core >> set (quite possibly "minimal" install as you know it today didn't even >> exist), and yum itself dragged in a whole pile of gpg-related packages. > > This probably still doesn't make much sense, dnf pulls in python3-rpm and > python3-gpg. In the end, both are pulling in gnupg2. It might not to you, or from a pure programming/package sense, but it would for people doing audit for large companies that come back with questions like "why is this here? We need to audit all of this to assess impact" it does make sense. Please fix it. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: [HEADS UP] No more gnupg2 in buildroot
On 02/21/2018 10:47 AM, Igor Gnatenko wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, 2018-02-21 at 10:24 +0200, Panu Matilainen wrote: On 02/21/2018 10:12 AM, Panu Matilainen wrote: On 02/20/2018 10:15 PM, Igor Gnatenko wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Tue, 2018-02-20 at 19:11 +, Peter Robinson wrote: On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenkowrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hey, today I've split⁰ librpmsign from rpm-build-libs into its own subpackage rpm- sign-libs. Does this mean that the python bindings no longer depend on rpm-build-libs and hence won't be pulled for a standard minimal install and similar artifacts anymore? Nope, it means that python bindings will depend *also* on rpm-sign-libs Since bindings are monolitic, it's not possible to split them easily. Actually you could split out build- and sign-bindings (together or separately) from the main python bindings package. "import rpm" intentionally lets the build- and sign-module imports to fail to allow this so as long as the "submodules" depend on the main bindings it should be ok. Oh and BTW, the reason this hasn't been done is basically the same the sign-libs hadn't been split up: in the past when I last looked at the situation, there just was no benefit to doing so. Back then fedpkg was present in buildroots, and yum + yum-utils used to be included in core set (quite possibly "minimal" install as you know it today didn't even exist), and yum itself dragged in a whole pile of gpg-related packages. This probably still doesn't make much sense, dnf pulls in python3-rpm and python3-gpg. In the end, both are pulling in gnupg2. What about the minidnf thingie, does it pull gnupg2 in as well? The other thing is the build-side dependencies: elfutils-libs and file-libs. They're by no means big, but if you're going for the absolutely bare minimum (container or otherwise) images... - Panu - ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: [HEADS UP] No more gnupg2 in buildroot
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Wed, 2018-02-21 at 10:24 +0200, Panu Matilainen wrote: > On 02/21/2018 10:12 AM, Panu Matilainen wrote: > > On 02/20/2018 10:15 PM, Igor Gnatenko wrote: > > > -BEGIN PGP SIGNED MESSAGE- > > > Hash: SHA256 > > > > > > On Tue, 2018-02-20 at 19:11 +, Peter Robinson wrote: > > > > On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenko > > > >wrote: > > > > > -BEGIN PGP SIGNED MESSAGE- > > > > > Hash: SHA256 > > > > > > > > > > Hey, > > > > > > > > > > today I've split⁰ librpmsign from rpm-build-libs into its own > > > > > subpackage > > > > > rpm- > > > > > sign-libs. > > > > > > > > Does this mean that the python bindings no longer depend on > > > > rpm-build-libs and hence won't be pulled for a standard minimal > > > > install and similar artifacts anymore? > > > > > > Nope, it means that python bindings will depend *also* on > > > rpm-sign-libs > > > > > > Since bindings are monolitic, it's not possible to split them easily. > > > > Actually you could split out build- and sign-bindings (together or > > separately) from the main python bindings package. "import rpm" > > intentionally lets the build- and sign-module imports to fail to allow > > this so as long as the "submodules" depend on the main bindings it > > should be ok. > > Oh and BTW, the reason this hasn't been done is basically the same the > sign-libs hadn't been split up: in the past when I last looked at the > situation, there just was no benefit to doing so. Back then fedpkg was > present in buildroots, and yum + yum-utils used to be included in core > set (quite possibly "minimal" install as you know it today didn't even > exist), and yum itself dragged in a whole pile of gpg-related packages. This probably still doesn't make much sense, dnf pulls in python3-rpm and python3-gpg. In the end, both are pulling in gnupg2. - -- - -Igor Gnatenko -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEhLFO09aHZVqO+CM6aVcUvRu8X0wFAlqNMhYACgkQaVcUvRu8 X0zsDQ/8CQoCohJHeh7kIe0/++LBpYF8unBYc+176LirKAs3uJUjEp80aUlljiYp HDJEkkIszQn1os3zJWv5PdsU3EBS5y0Uj1+hQBVkthEFfe5NEC/qXvw8OG+goshE 42qZJBI16lqOy5ORLq0fLDKDarEnAUYyDp8Tykjww+YBPVQr/2zQh3Ec7k+WmXmO a/j5lIrGYXCISeNzeZ0C+T0SFyIX/whYiPI73sKlGhdkMEirEspFk5GQlEmblSUu PPElBV+EXmaF2hwGJMNuq+WOaR6wbxz7U5WwvtXS5OXBM3+GA4Y70G2lXMT+xefv FPwrQk71EN/XTevTVep8wf9zdzGOjdtCbO4JTImcFGiOc2lWzh4HNja9de2c9u+s RMHn1xoPBw3krVZtUMyLFXiSus/BlKLtxuU/tP0Os1Zb9cbLx2+xt7uGBwHG/4tI dYkLrJSw++G+TiFzk8lX6CCOcZMZ6uedAMPA4vgpIcRxYyJvrmrnOf7ninOPyaNu AttWHW8H00//vEHiDa9RotC45/p+G6pSx4M+rGgcBGQpImIaygTSDXyNs/B0u30d JyhuAE9oZlMYucJW8XkhhiorqJR0p4l68EZgaJwxrv2zC5wjW/FW4RnwrNtKdxsF QSjV9RfqxnMmushzcz8XoQS1QQhzjFjV9K3cbyMC2wQ9vvRyoZ8= =o6lZ -END PGP SIGNATURE- ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: [HEADS UP] No more gnupg2 in buildroot
On 02/21/2018 10:12 AM, Panu Matilainen wrote: On 02/20/2018 10:15 PM, Igor Gnatenko wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Tue, 2018-02-20 at 19:11 +, Peter Robinson wrote: On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenkowrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hey, today I've split⁰ librpmsign from rpm-build-libs into its own subpackage rpm- sign-libs. Does this mean that the python bindings no longer depend on rpm-build-libs and hence won't be pulled for a standard minimal install and similar artifacts anymore? Nope, it means that python bindings will depend *also* on rpm-sign-libs Since bindings are monolitic, it's not possible to split them easily. Actually you could split out build- and sign-bindings (together or separately) from the main python bindings package. "import rpm" intentionally lets the build- and sign-module imports to fail to allow this so as long as the "submodules" depend on the main bindings it should be ok. Oh and BTW, the reason this hasn't been done is basically the same the sign-libs hadn't been split up: in the past when I last looked at the situation, there just was no benefit to doing so. Back then fedpkg was present in buildroots, and yum + yum-utils used to be included in core set (quite possibly "minimal" install as you know it today didn't even exist), and yum itself dragged in a whole pile of gpg-related packages. - Panu - ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: [HEADS UP] No more gnupg2 in buildroot
On 02/20/2018 10:15 PM, Igor Gnatenko wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Tue, 2018-02-20 at 19:11 +, Peter Robinson wrote: On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenkowrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hey, today I've split⁰ librpmsign from rpm-build-libs into its own subpackage rpm- sign-libs. Does this mean that the python bindings no longer depend on rpm-build-libs and hence won't be pulled for a standard minimal install and similar artifacts anymore? Nope, it means that python bindings will depend *also* on rpm-sign-libs Since bindings are monolitic, it's not possible to split them easily. Actually you could split out build- and sign-bindings (together or separately) from the main python bindings package. "import rpm" intentionally lets the build- and sign-module imports to fail to allow this so as long as the "submodules" depend on the main bindings it should be ok. - Panu - ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: [HEADS UP] No more gnupg2 in buildroot
On 20 February 2018 at 13:11, Igor Gnatenkowrote: [..] > today I've split⁰ librpmsign from rpm-build-libs into its own subpackage rpm- > sign-libs. [root@tin ~]# rpm -e rpm-build-libs error: Failed dependencies: librpmbuild.so.8()(64bit) is needed by (installed) python3-rpm-4.14.1-6.fc28.1.x86_64 librpmsign.so.8()(64bit) is needed by (installed) python3-rpm-4.14.1-6.fc28.1.x86_64 [root@tin ~]# rpm -e rpm-build-libs python3-rpm error: Failed dependencies: python3-rpm >= 4.13.0-0.rc1.29 is needed by (installed) python3-dnf-2.7.5-8.fc28.noarch [root@tin ~]# rpm -e rpm-build-libs python3-rpm python3-dnf error: Failed dependencies: python3-dnf >= 2.7.0 is needed by (installed) python3-dnf-plugins-core-2.1.5-4.fc28.noarch python3-dnf < 3.0 is needed by (installed) python3-dnf-plugins-core-2.1.5-4.fc28.noarch python3-dnf = 2.7.5-8.fc28 is needed by (installed) dnf-2.7.5-8.fc28.noarch I'm only pointing to the fact that now package which name suggests that it has something to do with the building packages is required by @Core On top above now both (rpm-build-libs and rpm-sign-libs) still are required by the minimal set of packages. In other words, this and prev change introduces negative simplification factor. Maybe it would be good to review the content of the python3-rpm .. *maybe*. kloczek -- Tomasz Kłoczko | LinkedIn: http://lnkd.in/FXPWxH ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: [HEADS UP] No more gnupg2 in buildroot
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Tue, 2018-02-20 at 19:11 +, Peter Robinson wrote: > On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenko >wrote: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA256 > > > > Hey, > > > > today I've split⁰ librpmsign from rpm-build-libs into its own subpackage > > rpm- > > sign-libs. > > Does this mean that the python bindings no longer depend on > rpm-build-libs and hence won't be pulled for a standard minimal > install and similar artifacts anymore? Nope, it means that python bindings will depend *also* on rpm-sign-libs Since bindings are monolitic, it's not possible to split them easily. - -- - -Igor Gnatenko -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEhLFO09aHZVqO+CM6aVcUvRu8X0wFAlqMgdAACgkQaVcUvRu8 X0wE4A//dtpjcv0oNDygoZjZvhWmyL+61Y1OmkuwjRxcMKccDNQ4XurA6pPogM8u Ph2jAUsjEk7wmDKzrq/CcLnBhF4JCTHFQO5A57cRXhw8+Ztr9osDDP0boqbp6l/c W0I2+PSfTHwIu80rfuL7Pb2HxM7Rfof2an64l75X16bZn3IYTJ8i+QznrePur60+ njPP6u6lHEA5e+mTHd1UyIR+eaxra1/72QSzMLKUWlE3THr68qSWI7Z2CjN3ybzS Kfq3jk2lSY16aEpsJF6MNSfZukCnra6cxE3qKrYPPjzRyYy0b6wil2ncrbWHjv2Q Na+/BkKwakQJtWLHnFb+pdzdzcCojVb/Edp1I5HK4jVsvQnBm+bCrK4h7+oMkj5A TuKaaStVENT3Gv3Dz2MeOpgEeIYq0mdH3YHgVCqrOpiu+AtS28tkcXj8QIb6nyRz MbaUsrWtpXq35LXaCgLBFOqBNIgA0l/POPOqJln9wjRylUF0J+H6S4b02/KDaUnq FJ+LngmhT7KMaOjXutYytPDOUnysIAiOoYYqS9hlWXPzBjT4LdOPwNb+bNLZq3rQ z7yeQw8yKhekeosgH8uWL54tJLhCCFKimxoEEQlI8oEJBqSPO9hC55jBoESsMN57 tu0DIDp0x5SP/4pPp8dhLFPwXOjdKrNJi1cjR6wsXawIz9E+/hM= =o5FQ -END PGP SIGNATURE- ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Re: [HEADS UP] No more gnupg2 in buildroot
On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenkowrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Hey, > > today I've split⁰ librpmsign from rpm-build-libs into its own subpackage rpm- > sign-libs. Does this mean that the python bindings no longer depend on rpm-build-libs and hence won't be pulled for a standard minimal install and similar artifacts anymore? ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
[HEADS UP] No more gnupg2 in buildroot
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hey, today I've split⁰ librpmsign from rpm-build-libs into its own subpackage rpm- sign-libs. This resulted into 8 packages disappearing from buildroot¹². This should not be a problem, but still useful to know. ⁰ https://src.fedoraproject.org/rpms/rpm/c/99d6687a36647cb307b789d19921a34154e9 c671 ¹ gnupg2, gnutls, ima-evm-utils, libassuan, libksba, libusbx, nettle, npth ² 171 → 163 packages - -- - -Igor Gnatenko -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEhLFO09aHZVqO+CM6aVcUvRu8X0wFAlqMHnsACgkQaVcUvRu8 X0wmUhAAtx5N4EQ+ulMHDkWyi1p96RGojp0H0xMudlai54sJOU/0FvNe8y0e0o6H ZERhdDKDgl7KtNEhSS/KsL+8Siog2PCSDv3SbwGrfeqegCRz/qOq4gqPsdLdkgCu dNtUNpvVIBwrTcNSU7igVnlnz5b9Su3TcCBunca3vCEEU5MKtEWQTYqFIjxOAjBX NGkuvmoY3hj07IP9Vh0q0VNyHCBfsXmVHruN9b8VFZx9IcEJ2OguQ6cFVzoeyeeI p4dlKza3znXeS53GtDA7WMGBEl/EI8Czh2/5JXgBZrshshfCY84pa2kZo0igC/3m lAbTCvGtqt8V4HW2RPttQsEtvTrRseuXWRXvNIcrXXiTaB6XyRaf58tY3jWerK5k 3KlDyMSNvD6neSrk7ujykX5Wh4qQAvmvSrjEeYAPpwIoBh1uAH1yKQJ1THPSxwff 9u/kU7bnGfJOIMAi0AQR3jNBxFVWZzEZisA/k6M5RwKLdb+Lvcxpz39wTSzqd0SE 0dMP5VWZ50P9JGh+xmWPtYWId7qzbYsXxzLBTwtbDZNfoUGxawF8jsxLN35tsgw9 Mojw9R34uq1ytPYcg6tIX2tryDW2oBm9AhKPC6+WKCjJeQIZze1YzL+cdFsd0aba 9+smUVTWBRaXI6CL9luXkjSG4jzu7C2Fb7Fvb4/PZ0bM0ZtNhUk= =wlgf -END PGP SIGNATURE- ___ devel-announce mailing list -- devel-annou...@lists.fedoraproject.org To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
[HEADS UP] No more gnupg2 in buildroot
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hey, today I've split⁰ librpmsign from rpm-build-libs into its own subpackage rpm- sign-libs. This resulted into 8 packages disappearing from buildroot¹². This should not be a problem, but still useful to know. ⁰ https://src.fedoraproject.org/rpms/rpm/c/99d6687a36647cb307b789d19921a34154e9 c671 ¹ gnupg2, gnutls, ima-evm-utils, libassuan, libksba, libusbx, nettle, npth ² 171 → 163 packages - -- - -Igor Gnatenko -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEhLFO09aHZVqO+CM6aVcUvRu8X0wFAlqMHnsACgkQaVcUvRu8 X0wmUhAAtx5N4EQ+ulMHDkWyi1p96RGojp0H0xMudlai54sJOU/0FvNe8y0e0o6H ZERhdDKDgl7KtNEhSS/KsL+8Siog2PCSDv3SbwGrfeqegCRz/qOq4gqPsdLdkgCu dNtUNpvVIBwrTcNSU7igVnlnz5b9Su3TcCBunca3vCEEU5MKtEWQTYqFIjxOAjBX NGkuvmoY3hj07IP9Vh0q0VNyHCBfsXmVHruN9b8VFZx9IcEJ2OguQ6cFVzoeyeeI p4dlKza3znXeS53GtDA7WMGBEl/EI8Czh2/5JXgBZrshshfCY84pa2kZo0igC/3m lAbTCvGtqt8V4HW2RPttQsEtvTrRseuXWRXvNIcrXXiTaB6XyRaf58tY3jWerK5k 3KlDyMSNvD6neSrk7ujykX5Wh4qQAvmvSrjEeYAPpwIoBh1uAH1yKQJ1THPSxwff 9u/kU7bnGfJOIMAi0AQR3jNBxFVWZzEZisA/k6M5RwKLdb+Lvcxpz39wTSzqd0SE 0dMP5VWZ50P9JGh+xmWPtYWId7qzbYsXxzLBTwtbDZNfoUGxawF8jsxLN35tsgw9 Mojw9R34uq1ytPYcg6tIX2tryDW2oBm9AhKPC6+WKCjJeQIZze1YzL+cdFsd0aba 9+smUVTWBRaXI6CL9luXkjSG4jzu7C2Fb7Fvb4/PZ0bM0ZtNhUk= =wlgf -END PGP SIGNATURE- ___ devel-announce mailing list -- devel-announce@lists.fedoraproject.org To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org