From Fedora Project Wiki

In Fedora we want to ensure that there is always an upgrade path from Fedora release to Fedora release and from Fedora release to the packages in updates. To do that we need to make sure the packages in the newer Fedora releases have an equal or higher Epoch:Version-Release (EVR) than the ones in older releases. For example, Fedora-32 ships with foo-1.0-1.fc32 and Fedora-33 ships with foo-1.0-2.fc33. This example shows that the Fedora-33 package will properly upgrade the Fedora-32 package.

A more complex example. Fedora-32 ships with foo-1.0-1.fc32 and Fedora-33 ships with foo-1.0-2.fc33. Fedora-32 gets an updated foo package: foo-1.0.1-1.fc32. This update is EVR higher than the package Fedora-32 shipped with so that's good. However, it is also EVR higher than what Fedora-33 shipped with so we need to make a Fedora-33 update at the same time, likely: foo-1.0.1-1.fc33. making that update means that someone updating from Fedora-32 with updates enabled will get the correct package on Fedora-33 with updates enabled.

The one time where we temporarily break the upgrade path is from released Fedora to rawhide. It is allowable to temporarily have a higher EVR in a released Fedora vs rawhide in cases where we need to get a fix out to users of the Fedora releases quickly (for instance, for a security issue) but the fixed package does not currently build in rawhide (for instance, because of a change in a dependent library that requires porting effort). The changes should be checked into Fedora's SCM for rawhide although there is not yet a build and getting a rawhide build that restores the upgrade path should be a priority.

rpm's understanding of what package is newer comes from the values of the Epoch, Version, and Release tags. The next few sections explain what values to use in those tags to ensure that the EVR consistently increases.

Version Tag

The Version field in the spec is where the maintainer should put the current version of the software being packaged. If the version is non-numeric (contains tags that are not numbers), you may need to include the additional non-numeric characters in the release field.

There are three cases where the version contains non-numeric characters:

  • Snapshot packages: Packages built from version control snapshots. See Snapshot packages
  • Pre-release packages: Packages released as "pre-release" versions, prior to a "final" version. Example tags include "alpha", "beta", "rc", "cvs". Unfortunately, we cannot simply put these letters into the version tag, so we use the Release field for this. See Pre-release packages.
  • Post-release packages: Packages released after a "final" version. These packages contain the same numeric version as the "final" version, but have an additional non-numeric identifier. See Post-release packages.
Note.png
Non-use of tilde "~"
rpm-4.10 and above support the Debian-style tilde character which causes a piece of the version to sort before anything else. At the moment, using this is not permitted for these reasons:
  • it is not necessary when the following release tag guidelines are followed properly.
  • it introduces another special character to achieve something which can be handled in other ways.

Release Tag

The release tag of packages which are not pre- or post-release or snapshots must consist of a positive integer release number and a %{?dist} tag: 42%{?dist}. When a minor change (spec file changed, patch added/removed) occurs, or a package is rebuilt to use newer headers or libraries, the release number is incremented. If a major change (new version of the software being packaged) occurs, the version number is changed to reflect the new software version, and the release number is reset to 1. It is important to follow these guidelines because automated tools will occasionally be used to increment releases and rebuild packages.

Non-numeric package versions

There are three cases in which the package has a non-numeric version.

Snapshot packages

Snapshot packages are built from a version control system checkout. Information about the snapshot will be called %{snapshot} in this section and is included in the %{release} tag.

%{snapshot} consists of the date that the snapshot is made in YYYYMMDD format, a short (2-5 characters) string identifying the type of revision control system, and up to 13 characters (ASCII) alphanumeric characters identifying the revision in the revision control system.

For instance, if you create a snapshot from a git repository on January 2, 2011 with git hash 9e88d7e9efb1bcd5b41a408037bb7cfd47220a64, %{checkout} string should be:

20110102git9e88d7e

If the package has had no releases yet, use 0 or 0.0 or similar as the version field.

In case of version systems which do not provide a useful snapshot number, omit the revision identifier.

Example for a git package
%global gitcommit ea683512f9b82f2257770f0ed56d819eea230fc2
%global gitdate 20161016
%{?gitcommit:%global gitcommitshort %(c=%{gitcommit}; echo ${c:0:7})}

Version:        1.2.3
Release:        10%{?gitcommit:%{gitdate}.git%{gitcommitshort}}%{?dist}

The release number (10 above) should be bumped for repeated builds of the same version, and %{gitcommit} and %{gitdate} should be updated whenever a new shapshot is used (and the release number reset to 1).

Example for a cvs package
kismet-1.0-1%{?dist} (this is the formal release of kismet 1.0)
kismet-1.0-2%{?dist} (this is a bugfix build to the 1.0 release)
kismet-1.0-3.20050515cvs%{?dist} (move to a post-release cvs checkout)
kismet-1.0-4.20050515cvs%{?dist} (bugfix to the post-release cvs checkout)
kismet-1.0-5.20050517cvs%{?dist} (new cvs checkout, note the increment of %{X})

Pre-release packages

These are cases where the upstream issues a "pre-release" version which has some letters in a suffix to the version. Often this is tags like alpha, beta, rc, or letters like a and b denoting that it is a version before the "final" number. Unfortunately, we cannot simply put these letters into the version tag, so we'll use the Release field for this.

Release Tag for Pre-Release Packages: 0.%{X}.%{alphatag}%{?dist}

Where %{X} is the release number increment, and %{alphatag} is the string that came from the version. In this case, the period '.' is used as the delimiter between the release number increment, and the non-numeric version string. No other extra characters may appear in the Release field. This is to prevent Release values such as "3jpp_2fc.42-spotwashere%{?dist}".

Example (mozilla pre-release)
Source Archive Description
mozilla-1.4a.tar.gz (this is a pre-release, version 1.4a of mozilla)
mozilla-1.4.tar.gz (this is what the 1.4 release will actually look like)
Release Tag Explanation
mozilla-1.4-0.1.a%{?dist} (so, this is the acceptable Fedora %{name}-%{version}-%{release})
mozilla-1.4-1%{?dist} (and this is what the 1.4 release Fedora %{name}-%{version}-%{release} should be)
Example (alsa-lib pre-release)
Source Archive Description
alsa-lib-0.9.2beta1.tar.gz (this is a beta release of alsa-lib, version 0.9.2beta1)
Release Tag Explanation
alsa-lib-0.9.2-0.1.beta1%{?dist} (this is the correct Fedora %{name}-%{version}-%{release})
alsa-lib-0.9.2-0.2.beta1%{?dist} (this is an incremented Fedora %{name}-%{version}-%{release}. Note that the first 0 is not incremented.)
Upgrade Path Example (mozilla)
Release Tag Explanation
mozilla-1.4-0.1.a%{?dist} (this is the Fedora package for 1.4a, as above)
mozilla-1.4-0.2.a%{?dist} (this is the first patch on top of 1.4a)
mozilla-1.4-0.3.a%{?dist} (this is another new patch on top of 1.4a)
mozilla-1.4-0.4.b%{?dist} (this is the first build after upgrade to 1.4b)
mozilla-1.4-0.5.b%{?dist} (this is a new patch on top of 1.4b)
mozilla-1.4-1%{?dist} (this is after moving to 1.4 "final", and to a normal version)
mozilla-1.4-2%{?dist} (this is a new patch on top of 1.4 "final")
Upgrade Path Example (alsa-lib)
Release Tag Explanation
alsa-lib-0.9.2-0.1.beta1%{?dist} (this is the Fedora package for 0.9.2beta1, as above)
alsa-lib-0.9.2-0.2.beta1%{?dist} (this is a new patch on top of 0.9.2beta1)
alsa-lib-0.9.2-0.3.beta2%{?dist} (this is after upgrading to 0.9.2beta2)
alsa-lib-0.9.2-0.4.beta3%{?dist} (this is after upgrading to 0.9.2beta3)
alsa-lib-0.9.2-0.5.beta3%{?dist} (this is a new patch on top of 0.9.2beta3)
alsa-lib-0.9.2-0.6.rc1%{?dist} (this is after upgrading to 0.9.2rc1)
alsa-lib-0.9.2-0.7.rc2%{?dist} (this is after upgrading to 0.9.2rc2)
alsa-lib-0.9.2-1%{?dist} (this is after upgrading to 0.9.2 "final", version becomes normal)
alsa-lib-0.9.2-2%{?dist} (this is a new patch on top of 0.9.2 "final")

Post-Release packages

Like pre-release packages, non-numeric versioned "post-release" packages can be problematic and also must be treated with care. These fall under two generic categories:

  • Properly ordered simple versions. These are usually due to quick bugfix releases, such as openssl-0.9.6b or gkrellm-2.1.7a. As new versions come out, the non-numeric tag is properly incremented (e.g. openssl-0.9.6c) or the numeric version is increased and the non-numeric tag is dropped (openssl-0.9.7). In this case, the non-numeric characters are permitted in the Version: field.
  • When upstream uses versions that attempt to have meaning to humans instead of being easy for a computer to order. For example, GA1, CR2, PR3. In this case, the non-numeric string can be put in the Release: field using the following syntax: %{X}.%{posttag}

In this syntax, %{X} is the release number increment, and %{posttag} is the string that came from the version. Here, the period '.' is used as the delimiter between the release number increment and the non-numeric version string. No other extra characters may appear in the Release field.

Complicated post-release example
foo-1.1.0-0.1.BETA%{?dist}            (this is a prerelease, first beta)
foo-1.1.0-0.2.BETA1%{?dist}           (this is a prerelease, second beta)
foo-1.1.0-0.3.BETA2%{?dist}           (this is a prerelease, third beta)
foo-1.1.0-0.4.CR1%{?dist}             (this is a prerelease, candidate release 1)
foo-1.1.0-0.5.CR2%{?dist}             (this is a prerelease, candidate release 2)
foo-1.1.0-1%{?dist}                   (final release)
foo-1.1.0-2.GA1%{?dist}               (post release, GA1)
foo-1.1.0-3.CP1%{?dist}               (post release, CP1, after GA1)
foo-1.1.0-4.CP2%{?dist}               (post release, CP2, after CP1)
foo-1.1.0-5.SP1%{?dist}               (post release, SP1, after CP2)
foo-1.1.0-6.SP1_CP1%{?dist}           (post release, SP1_CP1, after SP1)

It is important to be careful with the post-release scheme, to ensure that package ordering is correct. When the post-release tag is included in %{dist}, this property will be satisfied.

The %{?dist} Tag

Use of the %{?dist} tag in the Release field is mandatory. Please refer to the Packaging:DistTag documentation for the details on the appropriate way to do this.

Minor release bumps for old branches

Sometimes, you may find yourself in a situation where an older branch needs a fix, but the newer branches are fine. For example, if foo = 1.0-1%{?dist} in F32 and F33, and only F32 needs a fix. Normally, you would need to bump the release in each of the branches to ensure that F32 < F33, but that is a waste of time and energy for the newer branches which do not need to be touched.

In this case, you can add an extra digit (prefixed by a period) to the very end of the release tag in the F32 branch, instead of bumping it the usual way.

Example
Release: 1%{?dist}                  (old)
Release: 1%{?dist}.1                (new)

This will make a foo-1.0-1.fc32.1 package, which is still less than the foo-1.0-1.fc33 package in the F33 branch.

As necessary, the last digit (the minor release bump) can be incremented on a per-branch basis as needed. However, this must never be used in rawhide, because it is always unnecessary there. Simply increment the appropriate portion of Release: in rawhide.


BE CAREFUL WITH THIS! You always want to make sure that packages in branches can be upgraded to packages in more recent branches. Or to put it simply, F32 < FC33 < F34. There is a tool in the rpmdevtools package called rpmdev-vercmp. This tool will prompt you for two sets of Epoch, Version, and Release, then tell you which is considered newer by rpm.