Welcome to rpmdeplint’s documentation!

Rpmdeplint is a tool to find errors in RPM packages in the context of their dependency graph.

rpmdeplint

Synopsis

rpmdeplint COMMAND [--repo NAME,URL] [RPMPATH]

Description

The rpmdeplint command will test dependency satisfiability of given RPM packages against given repositories.

Options

--repo NAME,URL, -r NAME,URL

Load yum repo from the given URL. You can also specify a local filesystem path instead of a URL.

The NAME is for descriptive purposes only. It has no impact on dependency resolution. If rpmdeplint finds a dependency problem relating to a package in this repo, the NAME will appear in the error message.

Note that the URL should point at a directory containing repodata/repomd.xml. For example:

--repo=fedora,https://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/

--repos-from-system, -R

Use yum repos from the system-wide configuration in /etc/yum.conf and /etc/yum.repos.d/*.repo. Repos which are disabled in the configuration (enabled=0) are ignored.

This option can be combined with one or more --repo options.

--arch ARCH, -a ARCH

Only consider packages for ARCH when solving dependencies. If a repo contains packages for any other arches, they will be ignored.

Note that the traditional RPM arch compatibility rules are applied, which means that noarch packages and “inferior” arch packages are also included (for example, i686 implicitly includes i386).

This option is normally not required, because distribution repos are normally split by arch (including the various special cases for multilib).

Arguments

RPMPATH

Path to an RPM package. This can be a relative or absolute filesystem path.

Commands

check

Performs each of the checks listed below.

check-sat

Checks for unmet dependencies with the given RPM packages against the given repositories. Each unmet dependency is listed.

check-repoclosure

Checks for unmet dependencies in the given repositories, when considered together with the given packages. This check is similar to check-sat, except it checks only packages in the repositories, not the packages under test.

Packages are only considered to be available for dependency resolution if they are the latest version and not obsoleted by any other package. Therefore this check can detect problems where a package under test is updating an existing package in the repositories, but it no longer provides a requirement needed by some other package in the repositories.

In case a pre-existing repoclosure problem is found (that is, the same problem exists when considering only the repositories without the packages under test) a warning is printed to stderr, but the check is not considered to have failed.

check-conflicts

Checks for undeclared file conflicts in the given RPM packages: that is, when one of the given package contains a file which is also contained in some other package.

This command will not report a file as conflicting between two packages if:

• there is an explicit RPM Conflicts between the two packages; or
• the file’s checksum, permissions, owner, and group are identical in both packages (RPM allows both packages to own the file in this case); or
• the file’s color is different between the two packages (RPM will silently resolve the conflict in favour of the 64-bit file).

check-upgrade

Checks that there are no existing packages in the repositories which would upgrade or obsolete the given packages.

If this check fails, it means that the package under test will never be installed (since the package manager will always pick the newer or obsoleting package from the repositories instead) which is not desirable, assuming the package is intended as an update.

list-deps

All dependencies will be listed for each given RPM package.

Exit status

0

Checks ran successfully, and no problems were found

1

Error occurred while running checks (including network errors downloading repodata)

2

Command-line usage error

3

Problems were found with the packages under test

Examples

Imagine you have produced a new pre-release build of your package, and you want to check if it will cause dependency errors in Fedora:

rpmdeplint check \
    --repo=fedora,https://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/ \
    greenwave-0.6.1-0.git.2.2529bfb.fc29.noarch.rpm

You can also use a local filesystem path instead of an absolute URL for the repos to test against. For example, if you are offline you could re-use your local dnf cache. (Note that rpmdeplint may need to fetch packages for file conflict checking and this step will fail if you use an incomplete repo such as the dnf cache.)

rpmdeplint check \
    --repo=rawhide,/var/cache/dnf/rawhide-2d95c80a1fa0a67d/
    greenwave-0.6.1-0.git.2.2529bfb.fc29.noarch.rpm

Bugs

Bug reports can be submitted to https://bugzilla.redhat.com/.

API

Changelog

2.0

• Added yum repository caching which performs regular cleans for files more than one week old. This expiry period can be modified with the environment variable RPMDEPLINT_EXPIRY_SECONDS.
• The rpmdeplint.DependencyAnalyzer class no longer needs to be “entered” as a context manager. The class still supports the context manager protocol as a no-op for backwards compatibility.

1.4

• Fixed handling of the xml:base attribute in repodata. Previously, if a repo used xml:base to refer to packages stored at a different URL, rpmdeplint would fail to download them when it performed conflict checking (RHBZ#1448768).
• If a package fails to download, a clean error message is now reported. Previously this would result in an unhandled exception, which triggered abrt handling (RHBZ#1423678).
• Fixed usage message when no subcommand is given on Python 3.3+ (RHBZ#1445990).

1.3

• If you are testing only noarch packages, you must now explicitly pass the --arch option to specify the target architecture you are testing against. Previously the checks would run but produce nonsensical results (RHBZ#1392635).
• The check for undeclared file conflicts has been improved:
  • File conflicts are not reported if the two conflicting packages cannot be installed together due to Requires relationships (RHBZ#1412910).
  • It no longer downloads every potentially conflicting package to check. Only the first potential conflict is checked, to avoid downloading a very large number of packages for commonly shared paths such as /usr/lib/debug (RHBZ#1400722).
• A more informative exception is now raised when downloading repodata fails.
• Added a --version option to print the installed version of rpmdeplint.

1.2

• Added a new option --repos-from-system for testing against repositories from the system-wide Yum/DNF configuration.
• Conflict checking now works correctly with RPM 4.11 (as found on Red Hat Enterprise Linux 7 and derivatives). Previously it was relying on an API only present in RPM 4.12+.
• Fixed spurious errors/warnings from check-repoclosure when the arch of the packages being tested did not match the host architecture where rpmdeplint was run (RHBZ#1378253).

1.1

• Added check-upgrade command, to ensure that the given packages are not upgraded or obsoleted by an existing package in the repository.
• Added check-repoclosure command, to check whether repository dependencies can still be satisfied with the given packages.
• Added check command which performs all the different checks.
• The command-line interface now uses a specific exit status (3) to indicate that a check has failed, so that it can be distinguished from other error conditions.

1.0

• Initial release. Supports checking dependency satisfiability and undeclared file conflicts.