Date: Wed, 28 Sep 2016 00:07:40 +0200 From: Mathieu Arnold <mat@FreeBSD.org> To: marino@freebsd.org, Vsevolod Stakhov <vsevolod@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r422826 - head/security/libsodium Message-ID: <db82e62a-b828-5dba-ec81-58e214873b78@FreeBSD.org> In-Reply-To: <005d1679-6e3c-c09b-0bc5-0fd123330ae4@marino.st> References: <201609271943.u8RJhXe0061946@repo.freebsd.org> <6d763b2f-0745-9f7a-c94e-b9653174bdd5@marino.st> <f67dca1b-3249-fca0-2113-ac440dd4346e@FreeBSD.org> <b23328e4-1adb-177d-5e88-e43588c56a1b@marino.st> <2acdea56-9c02-4ea9-943c-7a5091ca49ab@FreeBSD.org> <005d1679-6e3c-c09b-0bc5-0fd123330ae4@marino.st>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --fg8RNFR6D425slmq2644tJ2iO8uX4PaL1 Content-Type: multipart/mixed; boundary="nPARvXoEpTaUxq9eoq5lav2ordUl9n6Q7"; protected-headers="v1" From: Mathieu Arnold <mat@FreeBSD.org> To: marino@freebsd.org, Vsevolod Stakhov <vsevolod@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Message-ID: <db82e62a-b828-5dba-ec81-58e214873b78@FreeBSD.org> Subject: Re: svn commit: r422826 - head/security/libsodium References: <201609271943.u8RJhXe0061946@repo.freebsd.org> <6d763b2f-0745-9f7a-c94e-b9653174bdd5@marino.st> <f67dca1b-3249-fca0-2113-ac440dd4346e@FreeBSD.org> <b23328e4-1adb-177d-5e88-e43588c56a1b@marino.st> <2acdea56-9c02-4ea9-943c-7a5091ca49ab@FreeBSD.org> <005d1679-6e3c-c09b-0bc5-0fd123330ae4@marino.st> In-Reply-To: <005d1679-6e3c-c09b-0bc5-0fd123330ae4@marino.st> --nPARvXoEpTaUxq9eoq5lav2ordUl9n6Q7 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Le 28/09/2016 =C3=A0 00:03, John Marino a =C3=A9crit : > On 9/27/2016 16:58, Mathieu Arnold wrote: >> Le 27/09/2016 =C3=A0 23:50, John Marino a =C3=A9crit : >>> On 9/27/2016 16:14, Mathieu Arnold wrote: >>>> Le 27/09/2016 =C3=A0 21:51, John Marino a =C3=A9crit : >>>>> On 9/27/2016 14:43, Vsevolod Stakhov wrote: >>>>>> Author: vsevolod Date: Tue Sep 27 19:43:32 2016 New Revision: >>>>>> 422826 URL: >>>>>> https://svnweb.freebsd.org/changeset/ports/422826 >>>>>> >>>>>> Log: - Update to 1.0.11 >>>>>> >>>>>> No bump for dependent port is required as this version has no >>>>>> API changes >>>>>> >>>>>> >>>>>> Modified: head/security/libsodium/pkg-plist >>>>>> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> > --- head/security/libsodium/pkg-plist Tue Sep 27 18:25:34 2016 >>>>>> (r422825) +++ head/security/libsodium/pkg-plist Tue Sep 27 >>>>>> 19:43:32 2016 (r422826) @@ -58,7 +58,7 @@ >>>>>> include/sodium/version.h lib/libsodium.a lib/libsodium.so >>>>>> lib/libsodium.so.18 -lib/libsodium.so.18.1.0 >>>>>> +lib/libsodium.so.18.1.1 libdata/pkgconfig/libsodium.pc >>>>>> %%PORTDOCS%%%%DOCSDIR%%/AUTHORS >>>>>> %%PORTDOCS%%%%DOCSDIR%%/README.markdown >>>>>> >>>>> >>>>> First, I don't think the "no API change" means a bump is not >>>>> mandatory. Secondly, the SO name of the library changed!!! You >>>>> have to bump it, there's no question here. >>>>> >>>>> It's 1000x better to bump unnecessarily than to skip a bump >>>>> that is required. >>>> >>>> No it did not. >>>> >>>> $ readelf -d `make -V STAGEDIR`/usr/local/lib/libsodium.so|grep >>>> soname 0x000000000000000e SONAME Library soname: >>>> [libsodium.so.18] >>>> >>>> The file name changed, but software will try to find >>>> libsodium.so.18, and that will still work. >>>> >>> >>> regardless, why should the bump be avoided? There could have been >>> fixes against the existing functions. >>> >>> I'm starting to see a lot of people go out of their way to bump and >>> I don't know where the trend is coming from. >>> >>> Is portmgr saying vsevolod is correct not to bump this? I would >>> bump it and if that's wrong maybe my bump criteria is wrong. >> >> You have to bump ports that depend on a .so when the soname changes. >> For example, if the libsodium update had done this: >> >> lib/libsodium.so -lib/libsodium.so.18 -lib/libsodium.so.18.1.0 >> +lib/libsodium.so.19 +lib/libsodium.so.19.2.1 >> >> You would have needed to bump, because the soname would have changed >> from libsodium.so.18 to libsodium.so.19, and software built with the >> old version would have tried to load the .18 lib that did not exist >> any more. >> >> As a general rule, when you don't know what to do, don't do what you >> guessed, ask. There are people with more knowledge than you, and >> they can explain you what you are doing wrong. > > I wasn't talking about missing linkage. I dropped that after you said > the registered SONAME didn't change. > > The point I was making is that there could have been bug fixes to > existing functions. Those fixes will only accidentally propagate now. > > It's doubtful that many people know with 100% certainty that there are > no fixes that should be propagated. I certainly wouldn't tie the > evaluation to the SONAME. > > I can say I am surprised that you think I'm wrong to assert this needs > a bump. In my case, the worst that can happen are the ports dependent > get rebuilt. In the other case, the worst that can happen is that bug > fixes don't propagate. I don't think my position is wrong. How would bug fixes not propagate ? You know what a .so is, right ? If something gets fixed in libfoo.so.1.2.3 and it previously was bad in libfoo.so.1.2.2, then the fixed function gets in libfoo.so.1.2.3, and everything using it will get the fixed function. --=20 Mathieu Arnold --nPARvXoEpTaUxq9eoq5lav2ordUl9n6Q7-- --fg8RNFR6D425slmq2644tJ2iO8uX4PaL1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJX6u2tXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzQUI2OTc4OUQyRUQxMjEwNjQ0MEJBNUIz QTQ1MTZGMzUxODNDRTQ4AAoJEDpFFvNRg85IY1UQALEglEkqhefh4t1cZ9WW79qq 09oFLCb9U3NnHDx4dgAvT4zmapGUc7q4zXdUwIeq02X8vdzAhbdWtEwDk5gZhEju 5FoMtB1Y2L8p47c5jbyshEUhgUeAHDbfpOHQSoFIb3Y15dG9VMXIGHVqZWLjq92Z MjmkMHUv9QH1MZ8Jf0hqfMTGgmlFqTyCbnqI1VzBn5Atiw/PN8Or9UCTgcITGtcL mwcGbgl26+0MPGi9y2Q+7XHmh8XwB/u4maxEtu2dHeND69wdw7NgnEsXOzAdStrq jMQi7+haxkG0Rn5ck3kVrFHxpyK11t4BrOYNKAcUeeiJqfD4d4CijHpJ1v2FbUFC saHUquEa7Nc05zZJXdAb9N2Lqqe2KTWy4wZ7OXozVWjfXNNn0wDCm2bIyfsrT5Ld RLS8RCsOeBcZnGkvJadMX6sumGIWv9NS3HrqxLZdZcZofgUtoXVyLmpi446eTNG6 Lu1re744Ev01K7EecsxKoouZR4SZmSOCQm3Z3MI5X+0YJRwH+ruf2udrGlEnMvoZ P9F/N780haHkCd58vvT6u2Jzu7c/g6AByK7de2wDBb7qKR/exnxTLaOp32bD1YWg jD58bH/w8n5qAGKvsD8xJAGjwqFMR6Pq7hoxRG2mD/S+iYXitQ/Xgsu28oVuFhQ7 kMCDM+v5Ed3va2wCFNgY =9sIA -----END PGP SIGNATURE----- --fg8RNFR6D425slmq2644tJ2iO8uX4PaL1--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?db82e62a-b828-5dba-ec81-58e214873b78>