[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Is subversion safe to use?

From: Ben Reser <ben_at_reser.org>
Date: 2004-12-01 04:28:04 CET

On Fri, Nov 26, 2004 at 09:51:12PM -0600, Ben Collins-Sussman wrote:
> Okay, so maxb's analysis is that David Summers' svn 1.1 RPMS were
> statically linking against BDB 4.0, but the user's previous 1.0.9 RPMs
> (whereever they came from) were statically linking against BDB 4.2...
> This makes me ponder two different things:
> 1. Maybe package maintainers should clearly label (or even warn) which
> version of of BDB they're using, since changing BDB versions can so
> easily wreak havoc on unsuspecting users?

I've tried to explain innumerable times why we shouldn't be shipping
subversion packages using libdb's that are different from the platform
for which they are built. E.G. all of my Mandrake packages to date
using BDB 4.1 because that's what the Mandrake Apache packages are built
with and what ships standard with Mandrake.

Whenever this comes up various developers scream bloody murder about how
BDB 4.1 isn't safe to use with Subversion. Yet they ignore these issues
entirely. Interestingly enough I have yet to ever hear of a Mandrake
user having repo problems with BDB 4.1. But I've heard about David's
RPM users having this issue innumerable times.

99% of the times it's because they've replaced David's Apache RPMs with
something from Redhat due to a security udpate.

> 2. a separate question -- and this is nothing against David or any
> other packager -- I wonder if our downloads page shouldn't make it
> really, really clear that
> A. the Subversion project only "officially" tests and releases
> sourceballs
> B. every link we provide is to volunteer-produced packages.
> This is on my mind lately, because whenever someone has a problem with
> a binary package (for any OS) the first thing they say is, "but I'm
> using the official package from the Subversion site!" There's this
> common misunderstanding that keeps coming up. A lot of users think
> that if they follow and install those links, then nothing can possibly
> go wrong because they've all been thoroughly tested and blessed. We
> need to make it clear that we're providing those links merely as a
> convenience, don't you think?

I don't see why anything needs to be changed. I think all the packagers
are doing the best that they can to package. There will be bugs in
their packaging. But that shouldn't be surprising. We have bugs in
Subversion. I don't have any problems supporting my packages and
neither does David. When a problem pops up we point people in the right

Ben Reser <ben@reser.org>
"Conscience is the inner voice which warns us somebody may be looking."
- H.L. Mencken
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Dec 1 04:29:14 2004

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.