[CentOS-devel] freetype package missed in repo

Fri Aug 20 16:50:21 UTC 2021
Johnny Hughes <johnny at centos.org>

On 8/4/21 5:21 PM, Nico Kadel-Garcia wrote:
> On Wed, Aug 4, 2021 at 8:01 AM Josh Boyer <jwboyer at redhat.com> wrote:
>> On Wed, Aug 4, 2021 at 6:14 AM Leon Fauster via CentOS-devel
>> <centos-devel at centos.org> wrote:
>>> On 04.08.21 03:33, Nico Kadel-Garcia wrote:
>>>> On Tue, Aug 3, 2021 at 7:49 PM Leon Fauster via CentOS-devel
>>>> <centos-devel at centos.org> wrote:
>>>>> I wonder why this package not available anymore?
>>>>> # LANG=C yum reinstall freetype
>>>>> Last metadata expiration check: 1:04:59 ago on Wed Aug  4 00:38:21 2021.
>>>>> Installed package freetype-2.9.1-5.el8.x86_64 (from baseos) not available.
>>>>> Error: No packages marked for reinstall.
>>>>> Any clues?
>>>> Because the CentOS 8.4 package is freetype-2.9.1-4, according to the
>>>> local mirrors. Did you perhaps install that from a CentOS 8 Stream
>>>> repo?
>>> Here my context: I am comparing two nodes
>>> based on CS8 (Centos 8 Stream ). One have
>>> freetype-2.9.1-5.el8.x86_64
>>> and the other have
>>> freetype-2.9.1-4.el8_3.1.x86_64
>> At one point in time during RHEL 8.4 development, freetype-2.9.1-5.el8
>> was set to be shipped.  However, it only fixed a CVE and that CVE was
>> already fixed by the freetype-2.9.1-4.el8_3.1 that as shipped as part
>> of a batch update.  There was no reason to ship a build that didn't do
>> anything, so it was dropped on the RHEL side.
> This  kind of behavior is a powerful reminder of one of the problems
> of CentOS 8 Stream. Has there *ever* been a CentOS package published
> and then yanked back from the public repos before? I can't think of
> any, and I'm afraid it's likely to recur as other beta packages are
> tested and dropped without notice.
> The "simple" solution is the same as that for the frequently ephemeral
> packages in EPEL: maintain, and deploy only from, designated internal
> snapshots for continuing access to discarded packages used in your
> clusters or consistently deployed working environments. It's a pain in
> the keister, and not even addressable by spacewalk unless spacewalk is
> set to maintain its own, purely aggregated and never pruned internal
> mirrors.
You don't think doing CentOS Stream 8 is a pain in the keister?

I just want to point out that there a lot people doing a lot of hard
work and a bunch of fighting to make the pieces of stream that are still
available publicly available.

We have put ourselves and our careers on the line to get every possible
concession we can for the community in CentOS Stream 8. We fight for
this at every opportunity.

An example was making the koji system available publicly so you can get
ANYTHING we have ever built.  You can get this package (or anything else
ever built) there.

I get it .. you don't like Stream.  OK, then don't use it.  But the
people who are maintaining Stream 8 are doing the best that we can.  It
might not be enough for you to want to continue to use Stream.  It is
what we can do, however.