schierlm
commented
2 years ago Thanks for the feedback and thanks for writing botch. To be honest, I was not really sure if I can get botch to output what I want (i.e. treat alternative packages or virtual packages as alternatives and not as "all of them needed"), so I went for the slower route and ran the resolver.
The first link definitely looks great. And it mostly confirmes the "Big ball of mud" findings.
The background of my analyis was (completely unrelated to Debian) to find "evil" packages like GNAT which cannot be compiled without having that exact same package already compiled (possibly for a different architecture), or GNU Autogen (which is partially generating its pregenerated source code using itself). Therefore being a risk for Ken Thompson's Trusting Trust attack. I.e. more about theoretical bootstrappability than actual real-world implications (while fixing them would also be good).
Debian seemed to be a good choice for me, as it is a large distro with lots of tools, and there were already some tools to analyze its dependency graph. Yet the big ball of mud makes it hard to actually find those problematic packages (e.g. dependencies to cdbs or some debian helper tools are totally irrelevant for me).
From my understanding the debian-cross mailinglist focuses more on "real-world" implications when cross-compiling Debian for a new architecture, i.e. GNAT is no problem as you can build a cross-GNAT for the target architecture and then compile GNAT for it. GCC is no problem for us either, since there exist bootstrap paths from GNU Mes as well as from M2-Planet C-compiler to build gcc.
When you are interested in those goals as well, you are also welcome to join in #bootstrappable on Libera.Chat (logs at http://logs.guix.gnu.org/bootstrappable) or on the bootstrappable@freelists.org mailing list (https://www.freelists.org/list/bootstrappable).
josch
Hi, I was just made aware of this repo by Paul Wise. It seems that you came to the same conclusion as we did 10 years ago when I wrote botch. :)
A analysis of the dependency graph is also generated weekly here: https://bootstrap.debian.net/botch-native/amd64/stats.html
Since then, a lot has happened in Debian with respect to bootstrappability. Most notably we now have the rebootstrap tool by Helmut Grohne which is currently used to bootstrap Debian for new architectures and generally as a QA tool to find out when changes to packages introduce regressions.
Related, there is also efforts to reduce the set of Essential:yes packages: https://wiki.debian.org/Proposals/EssentialOnDiet https://salsa.debian.org/debian/grow-your-ideas/-/issues/20
The biggest blocker for cross-compilation is probably gcc-for-host: https://bugs.debian.org/666743
Feel free to drop by our IRC channel #debian-bootstrap on OFTC or our mailing list debian-cross@lists.debian.org -- whatever your interest in the realm of bootstrappability, we'd love to collaborate. :)