Deleted from PPA packages are not really fully deleted.

Asked by vbooh on 2011-09-27

Hello.

I deleted packages from my PPA 'myownrepo' more, than 24 hours ago. But if I try to upload packages to my PPA via dput, I receive email with this message:
"Rejected: File snownews_1.5.12.orig.tar.gz already exists in myownrepo, but uploaded version has different contents."
How I can fully clean my PPA?

Sorry for my English.
Thanks for your help.

Question information

Language:
English Edit question
Status:
Answered
For:
Launchpad itself Edit question
Assignee:
No assignee Edit question
Last query:
2011-10-06
Last reply:
2011-10-07
Aaron Bentley (abentley) said : #1

You must make your package versions unique, because everything that uses them (dpkg, apt, etc.) assumes that they are unique and would break if the contents could change.

vbooh (vbooh-vbooh) said : #2

Thanks for your reply.
I think, this is not correct solution in this case, because I just want to clear my PPA and it does not happens.

William Grant (wgrant) said : #3

You can't ever upload the same filename with different contents. That confuses packaging tools and people.

vbooh (vbooh-vbooh) said : #4

Thanks.
Yes, I understand, but in this case I made mistake, so I want to clear my PPA anyway. According to earlier replies in FAQ, files, deleted from repository, will be really deleted from repository 24 hours later. 24 hours are gone, but file still is in repository.

Unfortunately, the fact that you made a mistake doesn't mean that somebody couldn't have used the file you uploaded before you corrected it. Launchpad makes a promise to all its users that what was ever public will remain as is. The "right" way (from LP perspective) for you to correct your mistake is to increase the version number on your tarball.

Packages are removed from the system, but source files are always kept because they are re-used for different source packages, and by different users. If we ever deviated from this norm, Launchpad would lose trust with its users.

I am sorry that there is no "nicer" solution that I can offer for you here, and I hope you can learn to live with this and appreciate the extra safety this gives you when you are downloading others' code (eg. you know that you can always get exactly the source code that was used to build a certain binary package: if we didn't do this, somebody could upload a fake source tarball with the same name after their package was built so people couldn't get access to the code).

Can you help with this problem?

Provide an answer of your own, or ask vbooh for more information if necessary.

To post a message you must log in.