Bug 612563 - RFE: Let perl-CPAN Require: perl(Digest::SHA)
Summary: RFE: Let perl-CPAN Require: perl(Digest::SHA)
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: perl   
(Show other bugs)
Version: 13
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Petr Pisar
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: 640716
TreeView+ depends on / blocked
 
Reported: 2010-07-08 14:25 UTC by Ralf Corsepius
Modified: 2010-10-06 16:59 UTC (History)
8 users (show)

Fixed In Version: perl-5.10.1-114.fc13
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 640716 (view as bug list)
Environment:
Last Closed: 2010-07-14 23:06:21 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Ralf Corsepius 2010-07-08 14:25:55 UTC
Description of problem:

/usr/bin/cpan strongly suggests to install "Digest::SHA".

Fedora's perl-CPAN, however doesn't depend on "perl(Digest::SHA)", 
i.e. users will be tempted to manually install Digest::SHA

Note: We are talking about Fedora+cpan users. It's this group of users, which at least I consider to be specially susceptible to using cpan instead of using rpm-packaged perl-modules.

Version-Release number of selected component (if applicable):
perl-5.10.1-112.fc13.x86_64

How reproducible:
Always

Steps to Reproduce:
1. yum install perl-CPAN
2. /usr/bin/cpan
3. get Test
  
Actual results:

cpan issues a "strong suggestion":
...
  CPAN: checksum security checks disabled because Digest::SHA not installed.
  Please consider installing the Digest::SHA module.



Expected results:
cpan not to issue such warning and to behave "safe by default".

Comment 1 Tom "spot" Callaway 2010-07-08 14:29:46 UTC
Seems sensible to me.

Comment 2 Petr Pisar 2010-07-08 14:41:42 UTC
As I'm usually against rich dependencies, however I can do that. I have prepared new perl releases because of bug #607687, thus I can postpone the update and include this wish too. I ask Marcela on her opinion.

Comment 3 Petr Pisar 2010-07-08 15:34:26 UTC
Marcela agrees, I will take care about it.

Affected: F12, F13, F14.

Comment 4 Petr Pisar 2010-07-09 08:34:27 UTC
perl-CPANPLUS subpackage has the same problem. I'll add the requirement too.

I'm thinking about F14 where we started upgrading bundled packages by adding dual-lived ones. Actually I'm not sure how to deal with this bug. New standalone package meant increasing epoch. I don't like it. I think modifying perl.spec with higher release number is more appropriate in this case. Any suggestions?

Comment 5 Fedora Update System 2010-07-09 11:30:30 UTC
perl-5.10.0-90.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/perl-5.10.0-90.fc12

Comment 6 Fedora Update System 2010-07-09 11:33:20 UTC
perl-5.10.1-114.fc13 has been submitted as an update for Fedora 13.
http://admin.fedoraproject.org/updates/perl-5.10.1-114.fc13

Comment 7 Petr Pisar 2010-07-09 13:46:03 UTC
F14 fixed in perl-5.12.1-126.fc14 by bumping new perl release.

Comment 8 Fedora Update System 2010-07-13 07:28:12 UTC
perl-5.10.0-90.fc12 has been pushed to the Fedora 12 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update perl'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/perl-5.10.0-90.fc12

Comment 9 Fedora Update System 2010-07-13 07:33:00 UTC
perl-5.10.1-114.fc13 has been pushed to the Fedora 13 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update perl'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/perl-5.10.1-114.fc13

Comment 10 Fedora Update System 2010-07-14 23:06:11 UTC
perl-5.10.1-114.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.