1

I've been learning about Linux package management recently (https://superuser.com/questions/393681/how-to-find-out-which-versions-of-a-package-can-i-install-on-apt, https://askubuntu.com/questions/340530/how-can-i-check-the-available-version-of-a-package-in-the-repositories, Why do different Linux distros have different package formats (and package managers)?, https://itsfoss.com/ubuntu-repository-mechanism/, https://itsfoss.com/sources-list-ubuntu/)

If I understand correctly, /etc/apt/sources.list (and .list/.sources files in /etc/apt/sources.list.d/) controls where apt-get (and related utilities) get packages/source code from.

Since my current release is jammy, I have entries in my sources.list such as the following:

deb http://archive.ubuntu.com/ubuntu/ jammy main restricted
deb-src http://archive.ubuntu.com/ubuntu/ jammy main restricted

...which I think means that (after running apt-file update) apt-cache policy libuv1 will look for all available versions of libuv1 at http://archive.ubuntu.com/ubuntu/dists/jammy/main/

$ apt-cache policy libuv1
libuv1:
  Installed: 1.43.0-1
  Candidate: 1.43.0-1
  Version table:
 *** 1.43.0-1 500
        500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages
        100 /var/lib/dpkg/status
$
$ apt-cache madison libuv1
    libuv1 |   1.43.0-1 | http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages
    libuv1 |   1.43.0-1 | http://archive.ubuntu.com/ubuntu jammy/main Sources
$

My question is: is there a way to query available versions of the libuv1 package for releases other than jammy without editing sources.list?

From the above apt-cache output, it appears that 1.43.0-1 is the only version available - both as a package and as source. But I know the libuv authors have newer versions. I'd like to learn whether I can query non-jammy package repositories for availability of newer libuv1 packages or source. Out of an excess of caution, I am nervous about adding entries like deb-src http://archive.ubuntu.com/ubuntu/ mantic main restricted to sources.list because I'm afraid I might forget, then later carelessly run apt-get upgrade -- wouldn't that then run the risk of creating a FrankenDebian?

I only want to find out -- if only for curiosity's sake -- whether newer versions of libuv1 source/packages exist in releases other than my current, without the risks incurred by editing sources.list -- is there a way? Put another way: is it necessary to edit sources.list both to query availability and install packages, or is it possible to query package availability without editing the file?

StoneThrow
  • 1,717

2 Answers2

2

Constantine A.B.’s answer alludes to it without going into detail; rmadison is the tool you’re looking for.

Install the devscripts package:

$ sudo apt install --no-install-recommends devscripts wget

(devscripts has a lot of optional dependencies, hence the explicit --no-install-recommends; rmadison needs wget, which is one of those optional dependencies), then run rmadison to query the online database:

$ rmadison libuv1
 libuv1 | 1.8.0-1           | xenial/universe | source, amd64, arm64, armhf, i386, powerpc, ppc64el, s390x
 libuv1 | 1.18.0-3          | bionic          | source, amd64, arm64, armhf, i386, ppc64el, s390x
 libuv1 | 1.34.2-1ubuntu1   | focal           | source, amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 libuv1 | 1.34.2-1ubuntu1.3 | focal-security  | source, amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 libuv1 | 1.34.2-1ubuntu1.3 | focal-updates   | source, amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 libuv1 | 1.43.0-1          | jammy           | source, amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 libuv1 | 1.44.2-1          | lunar           | source, amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 libuv1 | 1.44.2-1          | mantic          | source, amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 libuv1 | 1.46.0-2ubuntu1   | noble           | source, amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 libuv1 | 1.46.0-3          | noble-proposed  | source, amd64, arm64, i386, ppc64el, riscv64, s390x

The syntax is simple enough, rmadison followed by the name(s) of the binary and/or source packages you’re interested in.

Since libuv1 is imported directly from Debian, without changes most of the time, you might want to check there too:

$ rmadison -u debian libuv1
libuv1     | 1.24.1-1+deb10u1 | oldoldstable       | source, amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x
libuv1     | 1.24.1-1+deb10u1 | oldoldstable-debug | source
libuv1     | 1.40.0-2         | oldstable          | source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libuv1     | 1.44.2-1         | stable             | source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
libuv1     | 1.46.0-2         | testing            | source, amd64, arm64, armel, armhf, i386, mips64el, ppc64el, s390x
libuv1     | 1.46.0-3         | unstable           | source, amd64, arm64, armel, armhf, i386, mips64el, ppc64el, riscv64, s390x
libuv1     | 1.46.0-3         | unstable-debug     | source

So libuv 1.47.0 hasn’t been packaged yet, whether for Debian or Ubuntu.

(For readers using Debian, the defaults are the opposite: rmadison with no -u option queries Debian, rmadison -u ubuntu queries Ubuntu.)

Stephen Kitt
  • 434,908
  • Thank you for this answer. For my need, 1.45.0+ will work, and I see that noble has 1.46.0-2 available as source and package. I wonder if you could comment on something I alluded to in my question: since my current Linux distribution/release is jammy, if I were to twiddle anything (e.g. /etc/apt/sources.list) such that apt-get were to fetch packages (libuv1 or otherwise) from noble, I would be creating a FrankenDebian (https://wiki.debian.org/DontBreakDebian#Don.27t_make_a_FrankenDebian) -- is that correct? – StoneThrow Jan 05 '24 at 17:30
  • Well, a Frankenbuntu, but yes, you probably shouldn’t do that (especially with Noble which is currently in development). Would a container meet your needs? – Stephen Kitt Jan 06 '24 at 02:34
  • Frankenbuntu :) But yes: a container will do the job without messing up my host, but my question was (and are often) "academic": I really just wanted to probe the whys and the wherefores on the topic of Linux package management, because some of my recent work is in this area, and I'm trying to take the opportunity to learn about it as deeply and correctly as I can. Thank you, again, for your answer. – StoneThrow Jan 06 '24 at 04:46
1

Back in the day I used rmadison, from the devscripts package for that.

These days, I'm too lazy and do the overkill:

podman run -it --rm debian:$version sh -c "apt-get update > /dev/null; apt-get info $package"

(Easy to set $version, $package accordingly from $1, $2 in a three lines shell script).

Sure, that starts (and if not already present, downloads) a full Linux container to answer a simple question. But then I don't have to remember another tool's syntax, and can use the same trick to answer more complex questions like "on a Debian 13 with xfce, how much download Volume does installing clementine require?"...

really not Constantine A. B.
  • 493