From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id VXyxIi8N0F8eMwAA0tVLHw (envelope-from ) for ; Tue, 08 Dec 2020 23:33:03 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id yEpCHi8N0F91OwAA1q6Kng (envelope-from ) for ; Tue, 08 Dec 2020 23:33:03 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 2643A940366 for ; Tue, 8 Dec 2020 23:33:03 +0000 (UTC) Received: from localhost ([::1]:39854 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kmmTd-000442-Tt for larch@yhetil.org; Tue, 08 Dec 2020 18:33:01 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48644) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kmmMY-0008VA-2L for guix-devel@gnu.org; Tue, 08 Dec 2020 18:25:42 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]:34404) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kmmMW-0005gS-HV; Tue, 08 Dec 2020 18:25:40 -0500 Received: from host-37-191-236-253.lynet.no ([37.191.236.253]:41148 helo=localhost) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1kmmMC-0008SZ-J8; Tue, 08 Dec 2020 18:25:35 -0500 From: Marius Bakke To: Tanguy LE CARROUR , Ludovic =?utf-8?Q?Court?= =?utf-8?Q?=C3=A8s?= Subject: Re: Poetry upgrade and related packages In-Reply-To: <1607422279.q306mwrdai.astroid@melmoth.none> References: <87sg8oo2bq.fsf@eauchat.org> <1607003488.tc0yc76x5m.astroid@melmoth.none> <87wnxw45rr.fsf@gnu.org> <1607331131.vwxmd3587f.astroid@rafflesia.none> <87v9dd43zz.fsf@gnu.org> <1607422279.q306mwrdai.astroid@melmoth.none> Date: Wed, 09 Dec 2020 00:25:17 +0100 Message-ID: <87czzj519e.fsf@gnu.org> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Guix-devel Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Migadu-Flow: FLOW_IN X-Migadu-Spam-Score: -4.91 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Migadu-Queue-Id: 2643A940366 X-Spam-Score: -4.91 X-Migadu-Scanner: ns3122888.ip-94-23-21.eu X-TUID: w6T3B8xnjMdr --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Tanguy LE CARROUR skriver: > Hi Marius, > > > Excerpts from Marius Bakke's message of December 7, 2020 11:59 pm: >> Tanguy LE CARROUR skriver: >>> Excerpts from Ludovic Court=C3=A8s's message of December 5, 2020 4:44 p= m: >>>> Tanguy LE CARROUR skribis: >>>>=20 >>>>> It's not yet clear to me how to handle (python) package updates: >>>>> - when to update; >>>>> - when not to update; >>>>> - when to introduce "versionned" (`-x.y` suffix) package definitions; >>>>> - when to introduce "next" (`/next` suffix) package definitions; >>>>> - when to remove the two above suffixes; >>>>> - =E2=80=A6 >>>>> >>>>> So I'm looking forward to reading the answers to this thread! :-) >>>>=20 >>>> When a change introduces too many rebuilds, the convention is to make >>>> that change on a branch that will be merged =E2=80=9Clater=E2=80=9D ra= ther than on >>>> =E2=80=98master=E2=80=99; this is bullet 8 here: >>>>=20 >>>> https://guix.gnu.org/manual/devel/en/html_node/Submitting-Patches.ht= ml >>> >>> Thanks for pointing at, but this "just" tells me on which branch to put >>> the changeset, not which of the above options should be used when a >>> package needs to be updated. >>=20 >> There is no "one size fits all" rule. With rare exceptions, Guix >> "wants" to have only have a single version of each package (mainly to >> ease maintenance). As you found, that's not always feasible. >>=20 >> If a package depends on a newer version of something "deep in the graph" >> such as Pytest, it's always OK to add a "/next" or "-x.y" variant >> (though a convention about which to use would probably be a good idea). >> >> If something depends on a *specific* (older) version of Pytest, it's >> better to try and make it work with the newer version; but failing that, >> adding a "-x.y" is fine too. > > `-x.y` packages are here to stay. > `/next` are temporary packages. In most cases, yes. :-) > Is it safe to remove all `-x.y` packages that are not used as inputs? > Is there a (programmatic) way to find those packages? Good questions. It should be safe to remove unused and versioned "leaf" packages. I don't have good answers on how to discover them though. > When `/next` become "current|default|latest", who is in charge of patching > all the package definitions that were using it?! Typically those occur in the same or (closely related) commits. But it happens that a "/latest" has been removed on 'core-updates', yet keeps gaining uses on 'master'. In those cases deprecating (instead of removing) the variable on the 'core-updates' branch is the best option, so that merging master->core-updates won't break the branch. There is no one "in charge" though, just "someone" has to do it. :-) >>>> Yet, sometimes we want to introduce new versions that people can get in >>>> their profile, even if the =E2=80=9Cdefault=E2=80=9D one remains the o= lder version to >>>> avoid world rebuilds. >>> >>> That's exactly my point! If the default one lags behind, then after some >>> time, nobody will use it any more and we will have introduced one or mo= re >>> `-x.y` package definitions! >>> I would consider it to be a "saner" approach to have the default always >>> "point" to the latest version, but then we would have to "fix" package >>> depending on older versions by introducing `-x.y` package definitions >>> for them. >>> >>> Or am I missing something?! >>=20 >> You got it right. It might be saner to make the unversioned variable >> refer to the newest version, but it would often require "pinning" >> hundreds of packages to the old version to avoid rebuilds. Thus, it's >> typically more practical to use the "/next" variant until the next >> rebuild cycle. > > Then, during the rebuild cycle those hundreds of packages get rebuilt > and=E2=80=A6 some of them fail because they depend on the older version, = right?! > But I'm pretty sure it's a problem all distributions have to face. Yes, often you'll get an "upgrading cascade", which may bring new problems such as circular dependencies, etc (looking at you, Python ecosystem). The only remedy I know for that is copious amounts of coffee. > Wasn't it discussed somewhere else that one should get notified (by email) > when their favourite packages were broken? I think cbaines is working on something along those lines. >> Again there is no hard rule here, I did such a change for 'libcap' in >> 9e1f5a263e4f6df4d075901c9b58a56f80c8b452 because only two packages >> needed to pin the old version. > >> Hope this clears things up a little more. :-) > > Yes, thanks! But I guess I need to go through more of those situations > to make sure I understand everything. For some practical experience, you can try updating to Python 3.9.1 and the latest Pytest (+ dependencies). This needs to be done soon for the 'core-updates' branch anyway. ;-) --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFDBAEBCgAtFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAl/QC10PHG1hcml1c0Bn bnUub3JnAAoJEKKgbfKjOlT6F6UH/1lCTiMfuO/pCkwjV6BCMr8OUAgsA+fEtWPe wobQtLLlm5WCbq9FsdQ17rLDqTN/ZKHb99rF3YoKIIxLCDKFnoPJjhUlqK0vTm2C Pa0BSf4NEJ3bK4JiD4vqu1frmGXcb6Z7ONbpIIS+EVrBjkhFy/pu18bnz7hXeOHN B3KF9ASyxdwFAmWMkQblnOcz1KSRRWGCitWXrNTO0X2j4NVDC+VDLqwYPdWvrOu7 Ljtyd9MMEkZIX0T/zKPxQnL1TAPh84/0lf3k6HuHD7rSyGIFtydOQS5A2u2k3xOZ ng5ZDT5bd5Z+vOeYMXuNZqLYacAH7Sk6/sH/O7xsAQE0vpSvbwI= =7DPq -----END PGP SIGNATURE----- --=-=-=--