RPM 4.20.0 Beta Release Notes (DRAFT)
Last update: 2024-06-24
Download
- Source: rpm-4.19.92.tar.bz2
- SHA256SUM: 3574f88f952e0c16c87a87692ad987b785a923148237e1e75e015a9c4e7d694e
Enhancements
UI & Performance
- New
--list
and--delete
commands torpmkeys(8)
- New
--json
query format, as a more readable alternative to--xml
- A new low-level package dump utility, installed as
/usr/lib/rpm/rpmdump
- The
rpm2archive(8)
utility now supports cpio file format, replacing the implementation ofrpm2cpio(8)
which is now installed as a symlink to the former - The
${XDG_CONFIG_HOME}/rpm
directory is now the preferred location when loading per-user macro configuration (#2153) - Support package signing with ECDSA keys
- Improved error messages on URL helper failures (#2683)
- A new plugin
rpm-plugin-unshare(8)
that allows for using various Linux-specific namespace-related technologies inside transactions, such as to harden and limit scriptlet access to resources (#2632, #2665) - The plugin API is now public (#1536)
SPEC & Package Building
- Support for declarative buildsystems (#1087)
- A per-package build directory that’s fully RPM-controlled is now used and exposed as the new
%builddir
macro at build time (#2078) - Support for SPEC-local file attributes and generators (#782)
- The
%prep
section is now implemented as a regular build scriptlet (instead of being treated specially by the spec parser). This fixes #1870 as well as makes the behavior consistent with the other spec sections. - Build scriptlets (such as
%build
,%install
or%check
) can now be augmented arbitrary number of times by appending or prepending to them with the new-a
and-p
options - A new
-C
option in%autosetup
which ensures that the sources will be extracted in the root of the build directory (#2664) - File trigger scripts now receive package count arguments, much like regular triggers (#2755)
- Comments (starting with a
#
) after SPEC conditionals are now legal syntax. These were originally allowed due to a SPEC parser bug but in recent versions triggered a build warning. (#829) - Indentation is now allowed for SPEC tags (#2927)
- Group membership lines are now supported in
sysusers.d(5)
files - Distributions can now override build conditionals (
%bcond
) system-wide with the new%{bcond_override_default NAME VALUE}
macro - A new multi-file protocol allowing for much faster dependency generation
- Better support for reproducible builds. It’s now possible to set a timestamp handling policy via the new macro
%build_mtime_policy
. Two policies are currently available; one for clamping the timestamps to$SOURCE_DATE_EPOCH
(which deprecates and replaces the%clamp_mtime_to_source_date_epoch
macro) and one for clamping them to the build time (this is a new feature). Set the macro toclamp_to_source_date_epoch
orclamp_to_buildtime
to use the respective policy. Additionally, build time is now exposed to build scriptlets via the new$RPM_BUILD_TIME
environment variable and can also be overridden manually via the new%_buildtime
macro. - Proper distribution-agnostic debuginfo enablement logic (#2204). Distributions no longer need to override the
%install
section with a macro in order to inject the%debug_package
boilerplate themselves. Debuginfo generation is now handled automatically and properly using Dynamic Specs, and is enabled on Linux by default. brp-strip
no longer attempts to process Ruby, Python or Javascript files, making it more efficient and faster, especially where I/O is expensive (such as in container builds)
Bug & Regression Fixes
- Regression: Packages with unsupported usage of the
%config
flag (e.g. with directories), such as those made with the gradle plugin, no longer fail to install (#2890) - Regression: Ensure binary and source headers are identified as such in rpmspec queries (#2819)
- Regression: Fix dependency generators sometimes dying with
SIGPIPE
(#2949) - Never use current user info or file ownership during build (#2604)
- Ignore non-scriptlet weak dependencies in ordering (#1346)
- Ensure rpmbuild’s cleanup doesn’t fail due to permissions (#2519)
- Let eBPF ELF files be packaged in noarch packages (#2875)
- Really allow qualifiers like pre/post/meta for weak dependencies (#624)
- Set git commit dates in
%autosetup -S git
based on$SOURCE_DATE_EPOCH
(#9) - Use UTC timezone when uncompressing zip archives for consistency (#2955)
- Issue a warning when passing arguments to non-parametric macros (#2932)
- Fix multiply defined local macros escaping scope (#3056)
- Fix %quote macro special characters leaking to the outside
- Fix %shescape macro to escape all arguments
- Make
%dirname
and%basename
behave likedirname(3)
andbasename(3)
(#2928) - Run build scriptlets with closed stdin to enforce unattended builds
- Automatically load proper platform configuration on
BuildArch
when--target
is not used (#3049) - Always create
%specpartsdir
on build (#3063) - Multiple fixes to the archives created by
rpm2archive
.
Internal Cleanup
- The internal OpenPGP parser has been removed. RPM can now also be built completely without OpenPGP support (i.e. without Sequoia) to allow for easier bootstrapping, see the INSTALL file for details. (#2414)
- The Python bindings have been ported to the stable Python ABI (#2345)
- The Perl dependency generators have been split out of the main repository (#2873)
Compatibility Notes
- The
%patchN
macro syntax (whereN
is a patch number) is now obsolete and will produce a build error. Use%patch N
(or for maximum compatibility,%patch -P N
) instead. -
Since
%prep
is now a regular build scriptlet,%setup
and%patch
are now real macros as well, and are therefore expanded even inside comments. This can lead to unexpected build failures for specs that have these macros commented out but not escaped, for example:#%setup -n foobar
This will result in the following error:
cd: foobar: No such file or directory
To fix this, you must escape the macro properly as documented here, for example:
%dnl %setup -n foobar
-
In order to enable debuginfo generation during package builds, distributions have historically been using a hack that overrides the
%install
section with a macro that injects the%debug_package
boilerplate into it. With RPM now gaining native support for debuginfo enablement, this hack is no longer supported (see #2204 for details). Distributions carrying such a macro are now kindly asked to remove it. As an example of what the (now obsoleted) macro might look like, here’s a definition shipped by the redhat-rpm-config package in Fedora 40:%install %{?_enable_debug_packages:%{?buildsubdir:%{debug_package}}}\ %%install\ %{nil}
Note that the
%__debug_package
macro continues to be automatically set to1
when debuginfo generation is enabled and thus can be relied upon without any changes. - The
%clamp_mtime_to_source_date_epoch
macro is now deprecated in favor of%build_mtime_policy
set toclamp_to_source_date_epoch
. - Non-comment text (i.e. not starting with a
#
) after SPEC conditionals is now a build error. - Lua functions posix.fork(), posix.exec(), posix.wait() and rpm.redirect2null() are deprecated. Use rpm.execute() instead.
- Python 3.7 (when enabled) is now the minimum build requirement.