Roadmap
-
Milestone: Hard flag day changes for Fedora 11
4 months late (03/01/09)
Stuff that requires an .sqlite schema change:
List full filelists as single entries (faster), also include file checksums
Yum API breakage?
rpm bindings change
remove some deprecated stuff.
-
Stuff that is going to be turned on for Fedora 11, but basically complete:
Turn repo. gpgkey checking on by default
-
Milestone: James' random stuff
No date set
This is the main stuff to do for Fed-11, just so I don't forget in my old age
- help deal with the pycurl joyness
- move yum-security APIs into yum, so you can easily get that data
- history DB
- client/server x509
- https proxy joy for metalinks
-
Milestone: Locking / sharing
No date set
We have a couple of usecases we want to fix, in decending order:
1. Download new packages in the background (while other commands can run).
2.
Don't have "yum provides /blah" fail for normal users, when filelists doesn't exist (etc.)3.
Don't download data multiple times, when running repoquery as the user vs. root.4. Be able to run two commands at once, for a single user.
...the obvious conclusion people see is that we need to go straight for #4 which thus. requires no locking, or "fine grained locking" which is hard (think two runs trying to use different repomd.xml on a repo, dito different sets of repos ... and always remembering --repofrompath).
However I have a "let's cheat and fake it proposal":
. 2 is just use misc.getCacheDir() for non-root instead of it implying -C, this fixes 2 but makes 3 worse.
. 3 means we have to do some work so we sync. between the "master" cachedir and getCacheDir() cachedirs better, the biggest problem/reward here is foo.sqlite existing in the master when we are looking for foo.sqlite.bz2 ... but there are other edge cases.
. 1 after we have 3, the easiest way to do this is to allow the code to do the sync in the other direction. Then we download packages to a local getCacheDir() type place and sync. back to the "master". rename is atomic, and we are just adding packages ... syncing back metadata is more problematic, but we could have a "/tmp" cache type thing.
. 4 could then be done by having the yum run from a getCacheDir() when the lock exists.
-
- rpmlib - We have two "interesting" problems here:
- If we put the rpmlib data into in the repomd.xml, then you can't use the "common" usecase of "release new rpm supporting, but not using, feature X. Also release new rpms using feature X". Here you can just update rpm, and then work as normal.
- If we put the rpmlib data into primary (or some addon that's per. package), then we waste a lot of space for no reason (we already filter it for this reason).
- I have a patch at http://james.fedorapeople.org/yum/patches/rpmlib-first-hack.patch ... which "works" for localinstall rpms. One possible solution is to have a list of rpmlib deps. that all pkgs in the repo. require, and then let in anything not in that set into the primary. This is not trivial.
- i18n search (probably == per. locale primary?)
- rpmlib - We have two "interesting" problems here:
-
Milestone: More than one machine
No date set
Work out some way to deal with more than one machine at once:
ssh/func/blah?
query UI, which machines have security updates, which need updates for BZ 123?
operate UI, make group X like box Y, fix group Y for BZ 123?
yum-debug-dump integration?
-
Milestone: Network code
No date set
Finish metalinks and use them by default in yum, this way we'll get the checksuma and lengths of repomd.xml
Start git repo. for urlgrabber replacement (objgrabber?)
Move backend urlgrabber like code to use libcurl.
Pass in name/url/checksum/len/etc. Have backend fail early if we go over our given length.
Make sure presto still works (and doesn't eat CPU).
Add APIs to allow async downloads of multiple objects.
Ability to share downloaded data over local network, avahi etc.
Dynamic fastest mirror instead of basing everything on one connect().
Make sure spacewalk works.
Deal with 503s.
-
Move from having one global list of package keys to having per. repo. package keys, using the same set of keys as the repo. signing.
-
NSS/FIPS checksums for packages (ie. sha256 instead-of/as-well-as sha1). Hack this in via. sha256:... in checksum column.CA cert checking integrated (both ways).
