Is pkgng supposed to upgrade a dependency of a locked package?
paul at gromit.dlib.vt.edu
Thu Jul 18 12:42:33 UTC 2013
I am using pkgng 1.1.4_1 on RELENG_9 (r252725), operating on a local repo I maintain using poudriere 3.0.4.
Recently, I wanted to upgrade all packages on a client except two whose update I want to defer for now as they potentially impact locally-developed applications. I figured I would use the pkgng "lock" functionality on those two packages (apache-solr and py27-Jinja2) to prevent them from being updated. I ran "pkg upgrade" on the client and, as expected, the locked packages weren't upgraded. However, I was surprised to see that packages upon which the locked packages depended were upgraded. Unless I'm misunderstanding something, the man page for pkg-lock states this should not happen:
The impact of locking a package is wider than simply preventing modifica-
tions to the package itself. Any operation implying modification of the
locked package will be blocked. This includes:
o Deletion, up- or downgrade of any package the locked package depends
upon, either directly or as a consequence of installing or upgrading
some third package.
In my case, the following dependencies of apache-solr were updated, even though apache-solr is locked: java-zoneinfo: 2013.c -> 2013.d; libXi: 1.7.1_1,1 -> 1.7.2,1; libXrender: 0.9.7_1 -> 0.9.8; and openjdk: 7.21.11 -> 7.25.15. In the case of the locked py27-Jinja2, these dependencies were updated: gettext: 0.18.1.1_1 -> 0.18.3; and py27-MarkupSafe: 0.15 -> 0.18. Dependency information in the two locked packages was updated to reflect these new, upgraded dependencies.
Is this a bug, or am I misreading the man page?
More information about the freebsd-questions