Ubuntu
apt package

Version control system warnings intrusive and unclear

Bug #129575 reported by Scott Kitterman on 2007-08-01

Affects		Status	Importance	Assigned to	Milestone
	apt (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

Binary package hint: apt

Currently in Gutsy with apt version 0.7.4ubuntu1 when I try to download packages with apt-get source I now get warnings that get in the way and are wrong:

WARNING: 'pyspf' is maintained in the 'Svn' version control system at:
svn://svn.debian.org/python-modules/packages/pyspf/trunk/
Are you sure you want to continue [yN]?

WARNING: 'hal' is maintained in the 'Bzr' version control system at:
http://bazaar.launchpad.net/~ubuntu-core-dev/hal/ubuntu
Please use:
bzr get http://bazaar.launchpad.net/~ubuntu-core-dev/hal/ubuntu
to modify the package.
Are you sure you want to continue [yN]?

Now I don't know about hal, but for pyspf all that's in the svn is the debian dir. Apt-get source retrieves the entire package for a specific release. In this case I was trying to get the released source for hal from Feisty. So in the two cases I tested it was at the very least misleading and in some cases points the user in the wrong direction. Apt-get source gets a source package from a particular release. It's use is not limited to getting the latest and greatest debian packaging directories.

I would suggest changing it to:

NOTICE: 'PACKAGE' Debian packaging is maintained in the VCS_TYPE' version control system at:
PATH_TO_VCS
Please use:
VCS_TYPE VCS_COMMAND PATH_TO_VCS
to retrieve the latest (unreleased) updates to the package.

And then lose the question entirely.

See original description

Related branches

lp:ubuntu/lucid/apt

Revision history for this message

Michael Vogt (mvo) wrote on 2007-08-03:

Thanks for your bugreport.

I'm happy to change the wording to make it clearer what this is all about. But the warning should stay there as a warning so that people who modify packages that are maintained in bzr (or svn) know that direct modifications will get archive and version control system out of sync.

Alternatively we can change this to a whishlist item so that you can get a apt option to overwrite the warning (also -y should already do the trick).

Cheers,
Michael

Changed in apt:
status:	New → Won't Fix

Revision history for this message

Scott Kitterman (kitterman) wrote on 2007-08-03:

Well there are several problems with this....

apt-get source gets the source of a released debian package. The point of apt-get source is to get the source package for a certain release.

What's in the repository is generally a subset of that, so for most use cases the warning is irrelevant because, as with one of my examples:

WARNING: 'pyspf' is maintained in the 'Svn' version control system at:
svn://svn.debian.org/python-modules/packages/pyspf/trunk/

pyspf is NOT maintained at svn.debian.org. Only the debian dir is. Additionally, what's in the Debian svn is not relevant to what I would do for Ubuntu.

So what the warning states is incorrect.

Additionally, now there's an added step I have to take so this "improvement" provides incorrect information and makes more work for me.

If the warning were made accurate, I see no harm in providing the information, but I think asking for the confirmation because of a fact that's at best tangentially related to what I'm trying to do is overly intrusive.

Scott Kitterman (kitterman) on 2007-08-03

description:	updated
Changed in apt:
status:	Won't Fix → Confirmed

Revision history for this message

Scott Kitterman (kitterman) wrote on 2007-08-04:

I'd suggest changing the notification to:

NOTICE: The packaging information for PACKAGE is maintained in VCS version control system at:
...

Revision history for this message

Emmet Hikory (persia) wrote on 2007-08-04:

I'm really not sure that changing the warning alone is sufficient. Regardless of the -y option, I would prefer that apt not ask for confirmation before downloading the repository source. There are several use cases that are improved by using the repository source, as follows:

1) A Ubuntu developer wishes to work on source maintained in a VCS in Debian. In this case, the use of the VCS version may not be correct at all, as there may be many changes to the source in the repositories that are not reflected in the VCS. This issue is compounded for Ubuntu derivatives, where neither the Debian nor Ubuntu VCS may be correct.

2) The downloader is interested in understanding how a feature is implemented, or reviewing the code for some other purpose. In this case, the use of the VCS is likely irrelevant, unless the downloader has some reason why they would prefer the VCS, happens to have the appropriate VCS tools installed, and needs to see the very latest code for some reason.

3) A Debian developer wishes to download Ubuntu source to review the specific changes made in more detail than is obvious from patches.ubuntu.com, when the Debian developer uses a VCS to manage the package. In this case, the warning is definitely not correct, as the specific changes in which the downloader is interested are certainly not in the VCS.

4) A new developer is interested in preparing a patch to be sent upstream for their pet feature, and the repositories carry the latest upstream version. In this case, a pointer to the VCS for the packaging is largely unimportant, as the developer is interested only in the upstream code. It may be that this person should visit the upstream VCS, but this may be daunting for beginners.

5) A user is required to recompile to enable some compile-time option as indicated in the documentation. Such user may well be an LTS user, and so the VCS maintained version may not be appropriate (especially if the package maintainer does not branch at each upload).

6) A user has encountered a behavioral change in the package, and wishes to understand the differences between two versions. For such a user, redirection to the VCS may require review of significantly more output (which may be less obvious to generate) than using versioned apt-get (e.g. apt-get source myfavoritepackage=5.3.6-3ubuntu14) and debdiff.

Contrariwise, I believe the only use case improved by stopping to ask is that an Ubuntu developer working on a package maintained in an Ubuntu VCS is notified that changes should be committed to the VCS rather than uploaded blindly.

I'm really not sure that changing the warning alone is sufficient.  Regardless of the -y option, I would prefer that apt not ask for confirmation before downloading the repository source.  There are several use cases that are improved by using the repository source, as follows:

1) A Ubuntu developer wishes to work on source maintained in a VCS in Debian.  In this case, the use of the VCS version may not be correct at all, as there may be many changes to the source in the repositories that are not reflected in the VCS.  This issue is compounded for Ubuntu derivatives, where neither the Debian nor Ubuntu VCS may be correct.

2) The downloader is interested in understanding how a feature is implemented, or reviewing the code for some other purpose.  In this case, the use of the VCS is likely irrelevant, unless the downloader has some reason why they would prefer the VCS, happens to have the appropriate VCS tools installed, and needs to see the very latest code for some reason.

3) A Debian developer wishes to download Ubuntu source to review the specific changes made in more detail than is obvious from patches.ubuntu.com, when the Debian developer uses a VCS to manage the package.  In this case, the warning is definitely not correct, as the specific changes in which the downloader is interested are certainly not in the VCS.

4) A new developer is interested in preparing a patch to be sent upstream for their pet feature, and the repositories carry the latest upstream version.  In this case, a pointer to the VCS for the packaging is largely unimportant, as the developer is interested only in the upstream code.  It may be that this person should visit the upstream VCS, but this may be daunting for beginners.

5) A user is required to recompile to enable some compile-time option as indicated in the documentation.  Such user may well be an LTS user, and so the VCS maintained version may not be appropriate (especially if the package maintainer does not branch at each upload).

6) A user has encountered a behavioral change in the package, and wishes to understand the differences between two versions.  For such a user, redirection to the VCS may require review of significantly more output (which may be less obvious to generate) than using versioned apt-get (e.g. apt-get source myfavoritepackage=5.3.6-3ubuntu14) and debdiff.

Revision history for this message

Michael Vogt (mvo) wrote on 2007-08-08:

apt (0.7.6ubuntu4) gutsy; urgency=low

  * cmdline/apt-get.cc:
    - remove YnPrompt when a XS-Vcs- tag is found, improve the
      notice (LP: #129575)
  * methods/copy.cc:
    - take hashes here too
  * apt-pkg/acquire-worker.cc:
    - only pass on computed hash if we recived one from the method

-- Michael Vogt <email address hidden> Wed, 08 Aug 2007 19:30:29 +0200

Changed in apt:
status:	Confirmed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuapt package

Version control system warnings intrusive and unclear

Bug Description

Related branches

Other bug subscribers

Remote bug watches

Ubuntu
apt package