Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 612563 - RFE: Let perl-CPAN Require: perl(Digest::SHA)
RFE: Let perl-CPAN Require: perl(Digest::SHA)
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: perl (Show other bugs)
13
All Linux
low Severity medium
: ---
: ---
Assigned To: Petr Pisar
Fedora Extras Quality Assurance
:
Depends On:
Blocks: 640716
  Show dependency treegraph
 
Reported: 2010-07-08 10:25 EDT by Ralf Corsepius
Modified: 2010-10-06 12:59 EDT (History)
8 users (show)

See Also:
Fixed In Version: perl-5.10.1-114.fc13
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 640716 (view as bug list)
Environment:
Last Closed: 2010-07-14 19:06:21 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Ralf Corsepius 2010-07-08 10:25:55 EDT
Description of problem:

/usr/bin/cpan strongly suggests to install "Digest::SHA".

Fedora's perl-CPAN, however doesn't depend on "perl(Digest::SHA)", 
i.e. users will be tempted to manually install Digest::SHA

Note: We are talking about Fedora+cpan users. It's this group of users, which at least I consider to be specially susceptible to using cpan instead of using rpm-packaged perl-modules.

Version-Release number of selected component (if applicable):
perl-5.10.1-112.fc13.x86_64

How reproducible:
Always

Steps to Reproduce:
1. yum install perl-CPAN
2. /usr/bin/cpan
3. get Test
  
Actual results:

cpan issues a "strong suggestion":
...
  CPAN: checksum security checks disabled because Digest::SHA not installed.
  Please consider installing the Digest::SHA module.



Expected results:
cpan not to issue such warning and to behave "safe by default".
Comment 1 Tom "spot" Callaway 2010-07-08 10:29:46 EDT
Seems sensible to me.
Comment 2 Petr Pisar 2010-07-08 10:41:42 EDT
As I'm usually against rich dependencies, however I can do that. I have prepared new perl releases because of bug #607687, thus I can postpone the update and include this wish too. I ask Marcela on her opinion.
Comment 3 Petr Pisar 2010-07-08 11:34:26 EDT
Marcela agrees, I will take care about it.

Affected: F12, F13, F14.
Comment 4 Petr Pisar 2010-07-09 04:34:27 EDT
perl-CPANPLUS subpackage has the same problem. I'll add the requirement too.

I'm thinking about F14 where we started upgrading bundled packages by adding dual-lived ones. Actually I'm not sure how to deal with this bug. New standalone package meant increasing epoch. I don't like it. I think modifying perl.spec with higher release number is more appropriate in this case. Any suggestions?
Comment 5 Fedora Update System 2010-07-09 07:30:30 EDT
perl-5.10.0-90.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/perl-5.10.0-90.fc12
Comment 6 Fedora Update System 2010-07-09 07:33:20 EDT
perl-5.10.1-114.fc13 has been submitted as an update for Fedora 13.
http://admin.fedoraproject.org/updates/perl-5.10.1-114.fc13
Comment 7 Petr Pisar 2010-07-09 09:46:03 EDT
F14 fixed in perl-5.12.1-126.fc14 by bumping new perl release.
Comment 8 Fedora Update System 2010-07-13 03:28:12 EDT
perl-5.10.0-90.fc12 has been pushed to the Fedora 12 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update perl'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/perl-5.10.0-90.fc12
Comment 9 Fedora Update System 2010-07-13 03:33:00 EDT
perl-5.10.1-114.fc13 has been pushed to the Fedora 13 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update perl'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/perl-5.10.1-114.fc13
Comment 10 Fedora Update System 2010-07-14 19:06:11 EDT
perl-5.10.1-114.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.