1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#1109682: golang-github-mitchellh-hashstructure is duplicated

    From Mathias Gibbens@21:1/5 to Andrea Pappacoda on Thu Jul 31 21:00:01 2025
    On Mon, 2025-07-28 at 16:01 +0200, Andrea Pappacoda wrote:
    On Mon Jul 28, 2025 at 3:39 PM CEST, Mathias Gibbens wrote:
      Hmm, yes this is less than ideal. There appear to be no actual
    reverse dependencies on golang-github-mitchellh-hashstructure-v2-dev, while golang-github-mitchellh-hashstructure-dev has 47.

    Oh, that's higher than I though. Are you counting direct dependencies,
    or transitive ones too?

    I ran `build-rdeps golang-github-mitchellh-hashstructure-dev` in a
    sid container, which includes both direct and transitive dependencies.

      I'd suggest modifying this bug into a RM request for
      golang-github-mitchellh-hashstructure-v2-dev; CC'ing Arthur who had
      originally uploaded the v2 package for an ACK from him first.

    When hashstructure-v2 was uploaded, hashstructure was still at v1. So
    maybe it made sense to have two packages back then?

    Still, hashstructure declares an unversioned import path, while it is incompatible with packages depending on v1 (such as a package which
    a friend of mine is trying to work on as his first package -- no ITP
    yet, I haven't yet introduced him to the concept). Shouldn't then hashstructure declare a /v2 import path, and hence be renamed too? This
    was my reasoning when asking to drop the unversioned (v1) package.

    Most of the golang packages in Debian have unversioned import paths,
    which does mean that all dependencies in the archive need to use the
    same major version of the library. Individual golang libraries vary
    widely in how well they follow semantic versioning. Given that all
    packages in the archive currently use v2 from the unversioned package,
    I think that RM'ing golang-github-mitchellh-hashstructure-v2-dev is the
    correct path forward.

    Mathias

    -----BEGIN PGP SIGNATURE-----

    iQIzBAABCgAdFiEE1Bp60H32xfynSJ8cKe7i1uz0QvkFAmiLvAEACgkQKe7i1uz0 QvmxeRAAuuCvQNKjUWA1tDvotOOD5ckazs3J62pUHXRbWeaCnN6/FBA3VeLp4o14 5Hq7vR/kASVU8QtTXJlLofpvh3PZPwPXpVw3NxpafW85Ztkmdx+w9RYwdI75sQAD 9OxX09nHZPp3FY+c+mrX41fIXUixkRA+RsXsv5DDyRlVsuY3WGgfraBDdSktgWwD mXFPkizp3fdgGK/vrPSlcT7k30KUJ6J//1KiG1DmhUV+8BJBJn2bA73tfQr4TSeJ mbEJppCFkDICfpPtP8mGj/LRc1yK05e9gY/sAtzusSo+/5xN7280FqFcb9Ln9CbC fpHngAgA5UPYn04JFRCrakfGNYueyXxcfTq/uIe1NMsIgPbkLmUnF/gPdNH/YEK5 4EJ+CHiAqvfnqpt9U3fRpYJ4I0YbwQGzsIS9X02QQ7QeHSi+A9+ZaYGpz6mIG3yv RZIBYl7oO5wQm9AY0ws1+SgDG7R5RHmKHSZ+IivqfZb2aq9Qcx5NZmAE2CqO/RqH ctoWDSSwX67dl7OhKc8cFaRqC+21IGOehW+9lbQ7O2quEWkN5/VBEyzeK/lZMw7w iq0X9qscAcppGjdoacVMaun/1MWbxyKMXjXBhLxOcdbhMSc70xRINQkbP+4rc3WF ABK+35utb+MJpqySPZlxH59v9FXmhUHYiJS3AF4LDINQEpInBVE=
    =fAvp
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andrea Pappacoda@21:1/5 to Mathias Gibbens on Thu Jul 31 21:20:01 2025
    On Thu Jul 31, 2025 at 8:54 PM CEST, Mathias Gibbens wrote:
    I ran `build-rdeps golang-github-mitchellh-hashstructure-dev` in a
    sid container, which includes both direct and transitive dependencies.

    Ack.

    Most of the golang packages in Debian have unversioned import paths,
    which does mean that all dependencies in the archive need to use the
    same major version of the library. Individual golang libraries vary
    widely in how well they follow semantic versioning. Given that all
    packages in the archive currently use v2 from the unversioned package,
    I think that RM'ing golang-github-mitchellh-hashstructure-v2-dev is
    the correct path forward.

    Got it. I'm still quite new to Go packaging, and coming from C libraries
    these kinds of unversioned dependencies are a bit odd for me. But: agree
    that the RM of the unused package makes sense now!

    Thanks for the explanation, bye :)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)