Re: [gentoo-dev] Proposed future EAPI feature: FILES whitelist - gentoo-dev

From:	Kent Fredric <kentnl@g.o>
To:	gentoo-dev@l.g.o
Subject:	Re: [gentoo-dev] Proposed future EAPI feature: FILES whitelist
Date:	Fri, 16 Sep 2016 16:01:13
Message-Id:	`20160917040006.18f3dc37@katipo2.lan`
In Reply to:	[gentoo-dev] Proposed future EAPI feature: FILES whitelist by Ulrich Mueller

1

On Fri, 16 Sep 2016 17:20:28 +0200

2

Ulrich Mueller <ulm@g.o> wrote:

3

4

> > 3. Each entry in FILES dictates that the given file is "Used by" the

5

> > ebuild.

6

>

7

> Do you mean "file" in its Unix meaning here, i.e. including

8

> directories? Or only regular files?

9

10

I'd say regular files for now. Mostly because I think it should be explicit

11

if you want to include directory children.

12

13

/expressions/ could be expanded during MD5 generation against ${REPO}.../files/ 

14

path, which would probably work in the case of "${PV}/*" for instance.

15

16

But I'm undecided if I like that, only suggesting to get people thinking about 

17

it as a possibility.

18

19

>

20

> > 4. the FILES variable is expanded and interpreted during package

21

> > sourcing

22

>

23

> > 5. "repoman full" and "repoman ci" must ensure any entry listed in FILES

24

> > exists

25

>

26

> > 6. "repoman full" and "repoman ci" must ensure any use of ${FILESDIR}

27

> > without a declared FILES variable is a failure.

28

>

29

> > 7. Under this future EAPI, the location of where ${FILESDIR} expands to

30

> > changes to a location within

31

> > ${PORTAGE_TEMPDIR}/portage/${CATEGORY}/${PF}/files

32

>

33

> > 8. The contents of ${PORTAGE_TEMPDIR}/portage/${CATEGORY}/${PF}/files

34

> > is generated from the source-time $FILES entry by mapping entries from

35

> > ${repostory_location}, either by symlink or by copy (though copy is

36

> > preferred to avoid potential side effects), mapping their heirachy

37

> > exactly ( that is, preserving directory structure )

38

>

39

> > 9. Files not listed in/indicated by $FILES are thus unavailable to the

40

> > ebuild at runtime and will not be seen in ${FILESDIR}, even if they are

41

> > in ${repository_location}

42

>

43

> AFAICS that proposal goes into a direction which is somewhat opposite

44

> to what we have pursued in EAPI 6. There, we have allowed directories

45

> as arguments to eapply, in order to simplify application of patchsets.

46

> Now maintainers would have to list all single files contained in the

47

> directory again.

48

49

This wouldn't change the ability for eapply to do that when used with 

50

patch-tarballs in SRC_URI, and it wouldn't change the ability to call:

51

52

   eapply ${FILESDIR}

53

54

It would only change where ${FILESDIR} was and what it contained.

55

56

But the use of that against directories in $FILEDIR is slightly more

57

cause for concern at present, though mostly due to abuse where files/*

58

are all considered. Such abuses /could/ possibly be made more obvious

59

with this mechanism.

60

61

> Also I am not sure if I like the additional burden imposed on ebuild

62

> maintainers by requiring double bookkeeping. FILESDIR is already a

63

> well defined location for the support files needed by a package.

64

65

Agreed to an extent. Though I was of the opinion that to a greater extent

66

at least, such concern cases would simply be relocating the book-keeping

67

logic for defining the file-sets to be at the FILES location, which would

68

give you a canonical variable to consume elsewhere.

69

70

In theory under the expression system, you could have "FILES=*" which

71

would basically regress the feature to what it currently is, but then having

72

the feature at all wouldn't be very useful.

73

74

It could be an "opt-in" feature instead of a mandatory one mind, where it would

75

basically degrade to a default mechanic of "Like a PATCHES array, but repoman

76

can check it"

77

78

>

79

> > :: Benefits ::

80

>

81

> > [...]

82

>

83

> > 4. Due to referential integrity, it should be trivial to identify which

84

> > files are needed by a given ebuild, and which files are now redundant,

85

> > assisting with keeping the tree pruned.

86

>

87

> How does a file in FILESDIR get stale? The typical scenario is that a

88

> patch will no longer be needed after a version bump and pruning of old

89

> ebuild versions. I fear that with FILES the problem would simply be

90

> shifted: instead of forgetting to delete the stale file, people would

91

> forget removing the patch from the FILES list.

92

>

93

> Ulrich

94

95

I Know those seem like similar problems, but the subtle difference does stick out

96

for me.

97

98

With the existing scenario the basic assumption is that *every* ebuild

99

needs a given file, and you have to check every ebuild and make sure

100

you don't break one.

101

102

And this is true *even* if you're a maintainer who tries to keep things tight.

103

104

A good maintainer can prune the contents of an ebuilds FILES= list *at

105

the time they perform the bump*, where as by contrast, you *cant* prune

106

the files themselves at the time of the bump, because they are still

107

needed.

108

109

So in a sense, the use of a FILES= list allows you to keep things

110

contextualised, you can mark which you still need, and remove that

111

which you don't.

112

113

Which means when a second maintainer comes along and removes an ebuild,

114

they don't need to have the knowledge the first maintainer internalised

115

when they made the bump.

116

117

Removing the ebuild will immediately alert them of the presense of

118

unused files, because they will cease to be indicated by any ebuilds.

119

120

So you're keeping the knowledge of "I changed the ebuild" attached to

121

"I changed which files are needed", which will be known at the same

122

time.

123

124

And portage then communicates that knowledge through time to the person

125

who removes the old ebuilds, so they know which files are no longer

126

neeed, without having to check every existing ebuild.

127

128

Obviously my entire suggestion is not complete and there's probably a

129

few details that need to be sorted out before it approaches

130

properly-useful.

131

132

And maybe it will serve us better if it starts out as an elective

133

instead of a mandatory feature.

1	On Fri, 16 Sep 2016 17:20:28 +0200
2	Ulrich Mueller <ulm@g.o> wrote:
3
4	> > 3. Each entry in FILES dictates that the given file is "Used by" the
5	> > ebuild.
6	>
7	> Do you mean "file" in its Unix meaning here, i.e. including
8	> directories? Or only regular files?
9
10	I'd say regular files for now. Mostly because I think it should be explicit
11	if you want to include directory children.
12
13	/expressions/ could be expanded during MD5 generation against ${REPO}.../files/
14	path, which would probably work in the case of "${PV}/*" for instance.
15
16	But I'm undecided if I like that, only suggesting to get people thinking about
17	it as a possibility.
18
19	>
20	> > 4. the FILES variable is expanded and interpreted during package
21	> > sourcing
22	>
23	> > 5. "repoman full" and "repoman ci" must ensure any entry listed in FILES
24	> > exists
25	>
26	> > 6. "repoman full" and "repoman ci" must ensure any use of ${FILESDIR}
27	> > without a declared FILES variable is a failure.
28	>
29	> > 7. Under this future EAPI, the location of where ${FILESDIR} expands to
30	> > changes to a location within
31	> > ${PORTAGE_TEMPDIR}/portage/${CATEGORY}/${PF}/files
32	>
33	> > 8. The contents of ${PORTAGE_TEMPDIR}/portage/${CATEGORY}/${PF}/files
34	> > is generated from the source-time $FILES entry by mapping entries from
35	> > ${repostory_location}, either by symlink or by copy (though copy is
36	> > preferred to avoid potential side effects), mapping their heirachy
37	> > exactly ( that is, preserving directory structure )
38	>
39	> > 9. Files not listed in/indicated by $FILES are thus unavailable to the
40	> > ebuild at runtime and will not be seen in ${FILESDIR}, even if they are
41	> > in ${repository_location}
42	>
43	> AFAICS that proposal goes into a direction which is somewhat opposite
44	> to what we have pursued in EAPI 6. There, we have allowed directories
45	> as arguments to eapply, in order to simplify application of patchsets.
46	> Now maintainers would have to list all single files contained in the
47	> directory again.
48
49	This wouldn't change the ability for eapply to do that when used with
50	patch-tarballs in SRC_URI, and it wouldn't change the ability to call:
51
52	eapply ${FILESDIR}
53
54	It would only change where ${FILESDIR} was and what it contained.
55
56	But the use of that against directories in $FILEDIR is slightly more
57	cause for concern at present, though mostly due to abuse where files/*
58	are all considered. Such abuses /could/ possibly be made more obvious
59	with this mechanism.
60
61	> Also I am not sure if I like the additional burden imposed on ebuild
62	> maintainers by requiring double bookkeeping. FILESDIR is already a
63	> well defined location for the support files needed by a package.
64
65	Agreed to an extent. Though I was of the opinion that to a greater extent
66	at least, such concern cases would simply be relocating the book-keeping
67	logic for defining the file-sets to be at the FILES location, which would
68	give you a canonical variable to consume elsewhere.
69
70	In theory under the expression system, you could have "FILES=*" which
71	would basically regress the feature to what it currently is, but then having
72	the feature at all wouldn't be very useful.
73
74	It could be an "opt-in" feature instead of a mandatory one mind, where it would
75	basically degrade to a default mechanic of "Like a PATCHES array, but repoman
76	can check it"
77
78	>
79	> > :: Benefits ::
80	>
81	> > [...]
82	>
83	> > 4. Due to referential integrity, it should be trivial to identify which
84	> > files are needed by a given ebuild, and which files are now redundant,
85	> > assisting with keeping the tree pruned.
86	>
87	> How does a file in FILESDIR get stale? The typical scenario is that a
88	> patch will no longer be needed after a version bump and pruning of old
89	> ebuild versions. I fear that with FILES the problem would simply be
90	> shifted: instead of forgetting to delete the stale file, people would
91	> forget removing the patch from the FILES list.
92	>
93	> Ulrich
94
95	I Know those seem like similar problems, but the subtle difference does stick out
96	for me.
97
98	With the existing scenario the basic assumption is that every ebuild
99	needs a given file, and you have to check every ebuild and make sure
100	you don't break one.
101
102	And this is true even if you're a maintainer who tries to keep things tight.
103
104	A good maintainer can prune the contents of an ebuilds FILES= list *at
105	the time they perform the bump, where as by contrast, you cant* prune
106	the files themselves at the time of the bump, because they are still
107	needed.
108
109	So in a sense, the use of a FILES= list allows you to keep things
110	contextualised, you can mark which you still need, and remove that
111	which you don't.
112
113	Which means when a second maintainer comes along and removes an ebuild,
114	they don't need to have the knowledge the first maintainer internalised
115	when they made the bump.
116
117	Removing the ebuild will immediately alert them of the presense of
118	unused files, because they will cease to be indicated by any ebuilds.
119
120	So you're keeping the knowledge of "I changed the ebuild" attached to
121	"I changed which files are needed", which will be known at the same
122	time.
123
124	And portage then communicates that knowledge through time to the person
125	who removes the old ebuilds, so they know which files are no longer
126	neeed, without having to check every existing ebuild.
127
128	Obviously my entire suggestion is not complete and there's probably a
129	few details that need to be sorted out before it approaches
130	properly-useful.
131
132	And maybe it will serve us better if it starts out as an elective
133	instead of a mandatory feature.

Gentoo Archives: gentoo-dev