This post is going to be long so sit tight. First, I will lay down some history, then explain some of the design desicions that had to be made when writing Source Package Manager and finally I’m going to write about one pitfail and how it was solved.
Source Package Manager started as a project to take the best of some of the package maagers out there and improving on that where possible. The idea behind it is that building software should be easy and efficient. So, the SRCBUILD format was made up that holds everything needed for particular software to be build in a single file. It has all of the information needed – sources (tarballs, patches, configs, etc.), pre-defined static dependencies (runtime, build and check), intructions how to build and install the software and what to do when the software is installed, upgraded or removed. The format is Bash, so most of the advanced users out there can write a SRCBUILD in no time without the requirement to learn a new set of skills.
So, as the name entitles it – Source Package Manager was never ment to be a binary package manager. Yet, the feature was requested so many times that something had to be done thus nowdays it has a binary mode – and used to sucks! Why? Because it used the dependencies (depends array) from the respective SRCBUILD to resolve them. And to demonstrate the difference here are the dependencies defined in the SRCBUILD for libreoffice:
boost clucene cairo curl expat graphite harfbuzz icu libjpeg-turbo lcms2 libpng libxml2 mesalib neon nss unixodbc openldap openssl poppler redland zlib gst-plugins-base npapi-sdk zip busybox perl-archive-zip
NOTE: for reference see http://www.entropy-linux.com/wports/web/libreoffice.html
And here are the actual dependencies which SPM detected and has set for it after installation with those detected in bold:
boost clucene cairo curl expat graphite harfbuzz icu libjpeg-turbo lcms2 libpng libxml2 mesalib neon nss unixodbc openldap openssl poppler redland zlib gst-plugins-base npapi-sdk zip busybox perl-archive-zip gcc glibc libxslt raptor xorg-libraries python bzip2 gstreamer glib dbus glu nspr cups fontconfig freetype2 kdelibs qt4
NOTE: for reference see /var/local/spm/libreoffice/metadata if you have libreoffice installed
Now, those dependencies are something that the binary mode did not know of and could lead to faulty software installation because SPM did not pull them and libreoffice would have missing runtime dependencies if one decides to install libreoffice on minimal setup where those are not pre-installed. But here is another thing – explicit runtime dependencies are bad! What I mean by that is that packagers/porters should rarely define them in the depends array of their SRCBUILDs because that’s what SPM was made for – to detect them – and it does that for the most part with some exceptions like Python modules because there are a lot of quircks (try importing .pyc file) to handle with different interpreted languages so SPM does not do that (yet?).
So, to avoid forcing packagers specifying the runtime dependencies only for the binary mode a solution I came up recently – let SPM create .depends file for use with the binary mode. An acompaning .depends file will be create for every software tarball created by spm source -a , spm-tools upload will upload the file and finally spm binary will fetch the file (if neccessary) to read it and resolve the dependencies for the binary tarball. That way, clean SRCBUILDs can be used letting SPM do its thing.
With this change, which is not yet part of a stable release but is pending, the binary mode will be much more robust making SPM closer to what a state of completeness. The only major thing left to fix now is the removal of target that is not in any repository (not a remote) but is installed on the system (local) which can happen when a port gets removed from a repository.