As there is some discussion of whether the ELF dependency generator
should
use the full version string presented by the library file name's suffix, or
should assume a SemVer-style major.minor and truncate the requirement to the
first two dot-separated numbers, questions about rpminspect come to mind:
I see that rpminspect is run in Fedora CI for updates. For example,
libnghttp2:
https://bodhi.fedoraproject.org/updates/FEDORA-2022-888dfc8170
https://artifacts.dev.testing-farm.io/627326f9-7f83-4d0b-aca0-68c50c5e9b09/
Looking at this result, I think I see one bug and one RFE.
First, the bug. From these results, it looks like rpminspect is only
comparing the primary package to the old build. I do see a result for the
package "nghttp2", but I don't see an rpminspect result for
"libnghttp2".
Are sub-packages not tested, or are the results simply not exposed? (Or am
I simply missing the path to find them?)
Second, the RFE: I am assuming that this test raises an error if abidiff
reports a breaking change between two packages (either a bumped soname, or a
removed or changed symbol without an soname bump.) In order to make the ELF
dependency generator reliable if it truncates versions to a major.minor
style version, would it be possible for the tooling to detect a
backward-compatible change (a new symbol) that didn't also increment the
major.minor version?
Should I report those in bugzilla, and if so, against what component?