Retire Orphaned Packages

Description

Every release prior to the Feature Freeze/Branching Release Engineering retires orphaned packages. This keeps out unowned software and prevents future problems down the road.

Action

The orphan process takes place in stages:

  1. Detecting a list of orphans and the dependencies that will be broken if the orphans are removed.

  2. Sending the list of potential orphans to [email protected] for community review and removal from the orphan list.

  3. Retriring packages nobody wants to adopt.

Detecting Orphans

A script called find_unblocked_orphans.py assists in the detection process. It should be run on a machine that has koji and python-fedora installed. It runs without options and takes a while to complete.

find_unblocked_orphans.py is available in the Release Engineering git repository

Announcing Packages to be retired

find_unblocked_orphans.py outputs text to stdout on the command line in a form suitable for the body of an email message.

$ ./find-unblocked-orphans.py > email-message

Email the output to the development list ([email protected]) at least a month before the feature freeze, send mails with updated lists as necessary. This gives maintainers an opportunity to pick up orphans that are important to them or are required by other packages.

Retiring Orphans

Once maintainers have been given an opportunity to pick up orphaned packages, the remaining packages are retired

Bugs

This procedure probably leaves open bugs for the retired packages behind. It is not within the scope of release engineering to take care of these. If bugs are closed, only bugs targeted at Rawhide should be affected, since other branches might still be maintained.

Verification

To verify that the packages were blocked correctly we can use the latest-pkg koji action.

$ koji latest-pkg dist-f41 wdm

This should return nothing, as the wdm package is blocked.

Consider Before Running

Generally we retire anything that doesn’t leave broken dependencies. If there are orphans whose removal would result in broken dependencies a second warning should be sent to [email protected] and to <package>-[email protected] for each dependent package.

Allow another couple of days for maintainers to take notice and fix these package so the package repository can be maintained without broken dependencies or needing to the package. It is not good to have broken package dependencies in our package repositories so every effort should be made to find owners or to fix the broken dependencies.