[ros-release] Is there a reason why dependencies get broken so often with ROS packages?

Sat May 24 16:09:56 UTC 2014

On Fri, May 23, 2014 at 3:56 PM, Tully Foote <tfoote at osrfoundation.org>wrote:

>
> On Fri, May 23, 2014 at 12:41 PM, Jonathan Bohren <
> jonathan.bohren at gmail.com> wrote:
>
>>
>> On Fri, May 23, 2014 at 3:30 PM, Tully Foote <tfoote at osrfoundation.org>wrote:
>>
>>> Can you clarify a little bit more about what you mean about conflicting
>>> dependencies? The only known issues have been related to upstream debian
>>> packages we depend upon which have changed.
>>>
>> This has been mostly with students who aren't too familiar with the way
>> debian package dependencies work. They try to install a new package after
>> not upgrading for a while, and they get errors about broken package
>> dependencies.
>>
>
> If you fail to update before you try to upgrade or install new packages,
> that behavior is inherent to the apt system. The problem is that if your
> database is out of date it will refer to old files in the repository. If
> nothing has been released everything will work.  Assuming you try to
> install foo which depends on bar, neither of which have been installed, if
> either foo or bar have been released since you apt-get updated, apt will
> fail. And if only bar has been updated it will fail to fetch it from the
> old url and say the very generic failure message  along the lines of "bar
> requested but is not going to be installed"
>
> For ROS this is more noteable than Ubuntu or Debian as we have a lot of
> patch releases made by maintainers. The chance that any Ubuntu package has
> been updated in a given month is close to zero. For a ROS package it's very
> much non-zero thanks to our very responsive maintainers!
>
>
>>  Also if you are on shadow-fixed this is possible as we sometimes roll
>>> back releases in that repo.
>>>
>> Nope, this has been with the standard public repos.
>>
>>> And as Mike mentioned dist-upgrade is required if there are new
>>> dependencies added.
>>>
>>> I don't know of anything in the ROS release system itself has nothing
>>> inherently causing conflicts except that it's very active with a large user
>>> base making many releases.
>>>
>> One problem I have observed with ROS packages is that Ubuntu maintainers
are fairly careful to document their version dependencies, conflicts and
replaces with respect to other packages.

Most ROS maintainers (including me) do not make good use of the
``version_gte`` attribute. That means that down-level systems frequently
end up using out-of-date dependencies, which no longer work. The
dist-upgrade command helps mask this problem.

And, we hardly ever make use of the <replaces> tag when a package gets
renamed.
-- 
 joq
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ros.org/pipermail/ros-release/attachments/20140524/8e88d3af/attachment.html>