Extras/3rd Party Package Policy

The problem
The official System Software Updates (SSU) need to work flawlessly, no matter what 3rd party packages the user has installed from any kind of sources. Conflicts between packages need to be avoided since most users will not undertand what is happening and how to solve it. The Application Manager could just act blindly imposing an official SSU and removing anything else conflicting, but this situation would also confuse and upset not only users but the affected developers too.

A solution
Create a new Maemo Policy requirement: No package must block an OS update.

Develop specific rules that can be automatically checked. For example:
 * Packages outside of the OS must either not depend on a OS package at all, or be happy with all versions greater than a certain minimum (of their own choice).
 * A OS update must not force the removal of a package that used to be part of a previous OS release.

These rules are used to check all Maemo packages and the OS releases.

Include every package in the Maemo Extras repositories and elsewhere in the OS update testing and fix packages that break the requirement before releasing the OS update.

SSU meta package has a very strong depends/conflicts policy. So all packages have to not break it, which will cause SSU fails. So basic policy check could based on:
 * 3rd party packages can not: (foo is the one of system update packages defines in SSU meta package)

Depends:   foo ( =  version A) Depends:    foo ( << version A) Conflicts:  foo ( >= version A)


 * Instead, following scenario are allowed:

Depends:   foo ( >= version A) Depends:    foo ( >> version A) Conflicts:  foo ( << version A) Conflicts:  foo ( <= version A) Conflicts:  foo ( =  version A)

The Package Policy check needs to be applied to any package before it is uploaded to the Extras (extras-devel?) repository. This decreases the chances of leaving all the work to the Application Manager.

Automated checks will also be implemented in the Application Manager against other 3rd party repositories added by the user. If a package fails this check, it will not be allowed to be installed, then leads to an understandable error message to instruct the end user. These cheks are implemented in the apt-worker.cc file.

Impact

 * Application Manager: Dependency/conflicts check will be enabled as well as relevant error message & UI flow update.
 * Infrastructure: Needs to appliy the policy check tool to "Nokia SW", "Nokia certified SW". The Maemo community needs to be put in the loop and helped to use the check in the Extras repositories.
 * The policy is also applied in internal integration processing, not only targetting 3rd party packages.

Implementation
http://gitorious.org/hildon-application-manager

Testing
How can we test that all 3rd party SW available doesn't break the SSU installation? Before SSU goes public to a repository, rebuilding all 3rd party SW is the best way. This is a huge work and can not be controlled easily, but at least it should be feasible within the maemo.org Extras scope.

Discussion
See app manager: breaks the 3rd party package policy