Packaging linutil for fedora

[solomoncyj]

Describe the bug

Tracker issue for packaging of linutil for fedora

i am packing for fedora. currently we are in dependency hell. the seial-* crates are so old that the packages in the fedora repo are too new and have to repackage everting, the tree sitter packages are of date in the repos. staging copr: https://copr.fedorainfracloud.org/coprs/solomoncyj/rust buglist: https://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&columnlist=product%2Ccomponent%2Cassigned_to%2Cstatus%2Csummary%2Clast_change_time%2Cseverity%2Cpriority&email1=solomoncyj%40gmail.com&emailreporter1=1&emailtype1=substring&list_id=13517944&order=status%2C%20priority%2C%20assigned_to%2C%20id%2C%20&query_format=advanced&short_desc=rust&short_desc_type=anywordssubstr

[lj3954]

the seial-* crates are so old

Do you absolutely need to package these subdependencies? That seems rather unnecessary and unreasonable; 158 total dependencies exist within the tree.

[solomoncyj]

the seial-* crates are so old

Do you absolutely need to package these subdependencies? That seems rather unnecessary and unreasonable; 158 total dependencies exist within the tree.

i have pretty much managed to make everyting to build accept for portable-pty , and by proxy, rust-tui-term du to them using outdated dependencies. in fedora, we are required to pacakge all dependencies https://docs.fedoraproject.org/en-US/packaging-guidelines/Rust/

[LecrisUT]

the seial-* crates are so old

Do you absolutely need to package these subdependencies? That seems rather unnecessary and unreasonable; 158 total dependencies exist within the tree.

Fedora packager here. Yes, this is the packaging model used in Fedora right now, i.e. de-vendoring the dependencies. As distributors we need to track and patch CVEs in a timely manner across multiple packages, do some downstream-only changes like using the openssl library managed by Fedora packagers, and other such changes.

Regarding the dependency hell, this is primarily a burden on us the packagers and we will investigate this between us, and we will come back when there are more specific issues that would need to be investigated.

[cartercanedy]

@LecrisUT I understand the point about vuln patching, but there's just no way that we're going to be able to dynamically link all of the C apis that are used. Libraries like git2-rs have the ability to forgo the vendored libgit2 with a feature flag, but others like treesitter are statically linked with no alternative. We don't use libgit2, though, so that is given purely as an example

[cartercanedy]

@solomoncyj if you'd like to comb through all of the wrapper deps and investigate dynamic linking in the current set of dependencies, you're welcome to open a PR with reasonable changes. Please take a look at the contribution guide for further guidelines on drafting your PR

[solomoncyj]

@cartercanedy all dependencies are ready to be packaged, just waiting for the merge train to get started

[Nicky-M]

Hi, I am running Fedora 41 and when I try to install linutil, I do get this error. Thanks a lot.

[lj3954]

Hi, I am running Fedora 41 and when I try to install linutil, I do get this error. Thanks a lot.

Please open a separate issue for that, it has no relation to this tracking issue.

[Nicky-M]

Ok I will. Sorry.