Debian "sid" users beware of the dpkg 1.16.2 upload
Posted Mar 15, 2012 6:54 UTC (Thu) by geofft
In reply to: Debian "sid" users beware of the dpkg 1.16.2 upload
Parent article: Debian "sid" users beware of the dpkg 1.16.2 upload
> Analysing his announcement, Guillem has pinpointed the CAUSES of 3 possible problems and suggests 3 CHECKS to take before upgrading:
If you read closely, Guillem pinpointed the cause of 3 possible problems out of quite possibly many more, and suggests 3 checks to take before upgrading, without guaranteeing that those checks are sufficient to make everything safe. In other words, if you ever ran the current common multiarch dpkg, you have no idea what may have possibly gone wrong. (He also explicitly does not want to have dpkg itself do these checks when being upgraded, on the grounds that the previously-widely-used multiarch implementation was unofficial, and is not interested in reports of what else breaks besides the issues he noticed.)
Perhaps, as he claims, the code has not been reviewed enough, and there are in fact more subtle bugs lurking. But perhaps this is FUD, and the fact that I haven't seen Ubuntu in two-and-a-half releases of this code find massive breakage on their users' systems makes me wonder whether they've been lucky or the code is actually quite fine. In the literal sense, there is fear about the so-called unreviewed code, uncertainty about its effects, and doubt as to whether your system is even recoverable.
As also mentioned by another commenter, the other active dpkg maintainer, Raphael, posted a script to debian-devel to check for the issues Guillem mentioned, along with a gentle complaint that Guillem sent this email to debian-devel-announce without coordinating with the rest of the dpkg team. Given that Raphael is also active in Ubuntu, I would expect that we'll find that a more polished version of his script gets run on Ubuntu upgrades to this dpkg version.
to post comments)