diff options
author | rh <rh> | 2004-01-14 06:57:45 +0000 |
---|---|---|
committer | rh <rh> | 2004-01-14 06:57:45 +0000 |
commit | 27c8bde806fe46b309179ae8ac5be9b2cc36dbd6 (patch) | |
tree | 5ffb1a61fc3d3a38564ae47c71fbbbe418ec26c2 /Packages.txt | |
parent | 725a8a22c5f470cbedcdb53e914702e1bbfe401f (diff) | |
download | pkgsrc-27c8bde806fe46b309179ae8ac5be9b2cc36dbd6.tar.gz |
Add *RECOMMENDED variables as discussed on tech-pkg@ to allow for a more
fine-grained distinction between required versions of pre-requisites
(DEPENDS) and versions that are recommended for security or library ABI
consistency reasons (RECOMMENDED).
The contents of ${RECOMMENDED} are added to DEPENDS unless
IGNORE_RECOMMENDED is set to YES, in which case a warning will be printed
and IGNORE_RECOMMENDED will be added to BUILD_DEFS.
Add a corresponding BUILDLINK_RECOMMENDED.<pkg> variable for use with
buildlink2 and buildlink3.
Diffstat (limited to 'Packages.txt')
-rw-r--r-- | Packages.txt | 35 |
1 files changed, 33 insertions, 2 deletions
diff --git a/Packages.txt b/Packages.txt index 8886733f3ba..cdcf608565e 100644 --- a/Packages.txt +++ b/Packages.txt @@ -1,4 +1,4 @@ -# $NetBSD: Packages.txt,v 1.320 2003/12/14 21:47:32 kristerw Exp $ +# $NetBSD: Packages.txt,v 1.321 2004/01/14 06:57:45 rh Exp $ ########################################################################### ========================== @@ -2053,6 +2053,34 @@ Wildcard dependencies should be used with care. The -[0-9]* should be used instead of -* to avoid potentially ambiguous matches such as tk-postgresql matching a tk-* DEPEND. +Wildcards can also be used to specify that a package will only build against +a certain minimum version of a pre-requisite: + + DEPENDS+= tiff>=3.5.4:../../graphics/tiff + +This means that the package will build against version 3.5.4 of the tiff library +or newer. Such a dependency may be warranted if, for example, the API of the +library has changed with version 3.5.4 and a package would not compile against +an earlier version of tiff. + +Please note that such dependencies should only be updated if a package requires +a newer pre-requisite, but not to denote recommendations such as security +updates or ABI changes that do not prevent a package from building correctly. +Such recommendations can be expressed using RECOMENDED: + + RECOMMENDED+= tiff>=3.6.1:../../graphics/tiff + +In addition to the above DEPENDS line, this denotes that while a package will +build against tiff>=3.5.4, at least version 3.6.1 is recommended. RECOMMENDED +entries will be turned into dependencies unless explicitly ignored (in which +case a warning will be printed). Packages that are built with recommendations +ignored may not be uploaded to ftp.netbsd.org by developers and should not be +used across different systems that may have different versions of binary +packages installed. + +For security fixes, please update the package vulnerabilities file as well as +setting RECOMMENDED (see section 10.21 for more information). + (c) If your package needs some executable to be able to run correctly, this is specified using the DEPENDS definition. The pkgsrc/print/lyx package needs to be able to execute the latex binary from the teTeX package when it runs, @@ -2286,7 +2314,10 @@ Note to package developers: When a vulnerability is found, this should be noted in localsrc/security/advisories/pkg-vulnerabilities, and after the commit of that file, it should be copied to both /pub/NetBSD/packages/distfiles/pkg-vulnerabilities and vulnerabilities -on ftp.netbsd.org by localsrc/security/advisories/Makefile. +on ftp.netbsd.org by localsrc/security/advisories/Makefile. In addition, if +a buildlink2.mk or buildlink3.mk file exists for an affected package, bumping +PKGREVISION and creating a corresponding BUILDLINK_RECOMMENDED.<pkg> entry +should be considered. 10.22 What's the proper way to create an account from a package? |