RPM 4.20.0 Release Notes (DRAFT)

Last update: 2024-05-20


  • Source: rpm-4.19.91.tar.bz2
  • SHA256SUM: 8c3831ceacf8270060e2f8fffd128856755086eb3c9e8c9d1be75dd1ce508512


UI & Performance

  • New --list and --delete commands to rpmkeys(8)
  • New --json query format, as a more readable alternative to --xml
  • A new low-level package dump utility, installed as /usr/lib/rpm/rpmdump
  • The rpm2archive(8) utility now supports cpio file format, replacing the implementation of rpm2cpio(8) which is now installed as a symlink to the former
  • The ${XDG_CONFIG_HOME}/rpm directory is now the preferred location when loading per-user macro configuration (#2153)
  • A new plugin rpm-plugin-unshare(8) that allows for using various Linux-specific namespace-related technologies inside transactions, such as to harden and limit scriptlet access to resources (#2632, #2665)
  • brp-strip no longer attempts to process Ruby, Python or Javascript files, making it more efficient and faster, especially where I/O is expensive (such as in container builds)
  • The plugin API is now public (#1536)

SPEC & Package Building

  • Support for declarative buildsystems (#1087)
  • A per-package build directory that’s fully RPM-controlled is now used and exposed as the new %builddir macro at build time (#2078)
  • Support for SPEC-local file attributes and generators (#782)
  • Build scriptlets (such as %build, %install or %check) can now be augmented arbitrary number of times by appending or prepending to them with the new -a and -p options
  • A new -C option in %autosetup which ensures that the sources will be extracted in the root of the build directory (#2664)
  • File trigger scripts now receive package count arguments, much like regular triggers (#2755)
  • Comments (starting with a #) after SPEC conditionals are now legal syntax. These were previously allowed due to a SPEC parser bug but would still trigger a build warning. (#829)
  • Indentation is now allowed for SPEC tags (#2927)
  • Group membership lines are now supported in sysusers.d(5) files
  • Distributions can now override build conditionals (%bcond) system-wide with the new %{bcond_override_default NAME VALUE} macro
  • A new multi-file protocol allowing for much faster dependency generation
  • Better support for reproducible builds. It’s now possible to set a timestamp handling policy via the new macro %build_mtime_policy. Two policies are currently available; one for clamping the timestamps to $SOURCE_DATE_EPOCH (which deprecates and replaces the %clamp_mtime_to_source_date_epoch macro) and one for clamping them to the build time (this is a new feature). Set the macro to clamp_to_source_date_epoch or clamp_to_buildtime to use the respective policy. Additionally, build time is now exposed to build scriptlets via the new $RPM_BUILD_TIME environment variable and can also be overridden manually via the new %_buildtime macro.
  • Proper distribution-agnostic debuginfo enablement logic (#2204). Distributions no longer need to override the %install section with a macro in order to inject the %debug_package boilerplate themselves. Debuginfo generation is now handled automatically and properly using Dynamic Specs, and is enabled on Linux by default.

Bug & Regression Fixes

  • Regression: Packages with unsupported usage of the %config flag (e.g. with directories), such as those made with the gradle plugin, no longer fail to install (#2890)
  • Regression: Ensure binary and source headers are identified as such in rpmspec queries (#2819)
  • Regression: Never use current user info or file ownership during build (#2604)
  • Regression: Fix dependency generators sometimes dying with SIGPIPE (#2949)
  • Ignore non-scriptlet weak dependencies in ordering (#1346)
  • Ensure rpmbuild’s cleanup doesn’t fail due to permissions (#2519)
  • Let eBPF ELF files be packaged in noarch packages (#2875)
  • Really allow qualifiers like pre/post/meta for weak dependencies (#624)
  • Set git commit dates in %autosetup -S git based on $SOURCE_DATE_EPOCH (#9)
  • Issue a warning when passing arguments to non-parametric macros (#2932)
  • Make %dirname and %basename behave like dirname(3) and basename(3) (#2928)
  • Run build scriptlets with closed stdin to enforce unattended builds
  • Fix possible build configuration inconsistency when both BuildArch and --target are used (#3049)
  • Always create %specpartsdir on build (#3063)

Internal Cleanup

  • The internal OpenPGP parser has been removed. RPM can now also be built completely without OpenPGP support (i.e. without Sequoia) to allow for easier bootstrapping, see the INSTALL file for details. (#2414)
  • The Python bindings have been ported to the stable Python ABI (#2345)
  • The Perl dependency generators have been split out of the main repository (#2873)

Compatibility Notes

  • The %patchN macro syntax (where N is a patch number) is now obsolete and will produce a build error. Use %patch N (or %patch -P N) instead.
  • In order to enable debuginfo generation during package builds, distributions have historically been using a hack that overrides the %install section with a macro that injects the %debug_package boilerplate into it. With RPM now gaining native support for debuginfo enablement, this hack is no longer supported (see #2204 for details). Distributions carrying such a macro are now kindly asked to remove it. As an example of what the (now obsoleted) macro might look like, here’s a definition shipped by the redhat-rpm-config package in Fedora 40:

    %install %{?_enable_debug_packages:%{?buildsubdir:%{debug_package}}}\

    Note that the %__debug_package macro continues to be automatically set to 1 when debuginfo generation is enabled and thus can be relied upon without any changes.

  • The %clamp_mtime_to_source_date_epoch macro is now deprecated in favor of %build_mtime_policy set to clamp_to_source_date_epoch.
  • Non-comment text (i.e. not starting with a #) after SPEC conditionals is now a build error.
  • Python 3.7 (when enabled) is now the minimum build requirement.