What Is Depcheck?

Depcheck was created to detect package builds with broken dependencies. As the test matures, it will eventually be a part of the rel-eng process to prevent broken builds from being pushed to the testing or stable package repositories.

How Does Depcheck Work?

Depcheck uses libsolv to compute package dependencies of proposed updates and evaluates whether these dependencies are satisfied. Always the whole set of builds submitted to a certain repository (fedora, updates or updates-testing) is considered together -- even though Bodhi update should be completely standalone, depcheck will be able to find and resolve dependencies between individual updates, as long as they are submitted together (request to be pushed to the same repository at the same time).

Known deficiencies

At the moment, depcheck only decides whether each of the submitted builds is installable. This is equivalent to trying to install that build into a completely empty environment (no RPM packages pre-installed). If some other package build (that is already present in the target repository) gets broken as a result of this, that's not currently detected by depcheck.

Understanding Failures

Missing requirements

Looking at an example log, we see the following highlight:

not ok - $CHECKNAME for Bodhi update octomap-1.6.6-3.fc20	# FAIL 
  ---
  arch: x86_64
  details:
    output: |-
      Build octomap-1.6.6-3.fc20 failed depcheck
      package octomap-octovis-devel-1.6.6-3.fc20.x86_64 requires liboctovis.so.1.6()(64bit), but none of the providers can be installed

<snip>

package dynamic-edt-3d-devel-1.6.6-3.fc20.i686 requires dynamic-edt-3d(x86-32) = 1.6.6-3.fc20, but none of the providers can be installed
      nothing provides /usr/sbin/ldconfig needed by dynamic-edt-3d-1.6.6-3.fc20.i686
  item: octomap-1.6.6-3.fc20
  outcome: FAILED
  type: bodhi_update

In this case, octomap requires the shared library liboctovis.so.1.6. At the time the test ran, the shared library liboctovis.so.1.6.so was not provided by any available package.

"Not Found" errors

Look at the following excerpt:

SKIPBROKEN:  --> Package: erlang-js-0.5.0-2.fc15.x86_64 (f15)
  -->     Requires: libjs.so.1()(64bit)
  -->     Removing: js-1.70-13.fc15.x86_64 (f15)
  -->         libjs.so.1()(64bit)
  -->     Updated By: 1:js-1.8.5-6.fc15.x86_64 (pending)
  -->         Not found

Build erlang-js-0.5.0-2.fc15.x86_64 has broken dependencies. It requires libjs.so.1()(64bit) which is provided by js-1.70-13.fc15.x86_64. But the js package is about to be updated (as part of this or some other update request) to 1:js-1.8.5-6.fc15.x86_64. And the latter build does not provide libjs.so.1()(64bit), thus it is marked as Not found.

Let's confirm:

$ repoquery -q --provides js-1.70-13.fc15.x86_64  | grep libjs
libjs = 1.70-13.fc15
libjs.so.1()(64bit)
$ repoquery -q --provides js-1.8.5-6.fc15.x86_64  | grep libjs
libjs = 1.8.5-6.fc15

As you can see, by updating the js package the dependencies of erlang-js would be broken and that it the reason why depcheck rejected this update.

Conflicts

Errors caused by packages conflicting each other should be ignored at the moment. The problem lies in the current implementation of depcheck, in which we 'bend' yum into believing that all the packages are installed at once, and then let it run its depsolver. This means, that if two (or more) packages conflict each other, then yum refuses to install them, and so they get rejected.

SKIPBROKEN: 1:grub-0.97-77.fc16.x86_64 from pending has depsolving problems
SKIPBROKEN:  --> grub conflicts with 1:grub2-1.99-2.fc16.x86_64

Fixing Failures

Fortunately, the fixes for depcheck errors tend to be relatively straight-forward and tend to fall into one of two categories listed below.

1. Problems caused by your package
   Examine any changes to Provides, Requires or BuildRequires in the spec file. Ensure correct spelling of all dependencies and confirm that any changed requirements do resolve for the appropriate release. If the dependencies of your package have not changed, it's possible that other packages no longer satisfy the dependencies as expected. Read below for further guidance.
   The command repoquery is helpful to track dependencies.
2. Problems caused by other package(s)
   If your package failed because the dependencies of other packages changed (features they were providing changed or were removed), update the requirements of your package or consult with maintainers of the corresponding packages.

Other

Ignored builds

Sometimes, you'll encounter list of "ignored builds" in the report. First of all - do not be alarmed, it is not a wrong state (and we don't mark updates as FAILED if ignored builds occur). The ignored status usually means, that the update was probably changed, and more builds were added, and since we do some 'weird magic' with yum's database of installed packages, these are not recognized as updates, because these were tested in previous runs of Depcheck.

Getting Help

If you still don't understand why your update failed the test, if you think there's something wrong in our test or its documentation or if you have any other suggestions, please contact us.

Additional Information

• Depcheck source code