[Bug 1794589] Re: libssl1.0-dev conflicts libssl-dev

Mon Feb 25 01:04:11 UTC 2019

I think the advice is harder to follow than it looks.  Many node packages require libssl-1.0-dev,
and you can't install them on a system used to develop c/c++ apps that require libssl-dev.
To wit:

$ sudo apt install -s node-websocket libssl-dev
...
 node-websocket : Depends: nodejs-dev (>= 8.9.3~dfsg-11ubuntu1~) but it is not going to be installed
                  Depends: libjs-websocket but it is not going to be installed
E: Unable to correct problems, you have held broken packages.

So it's more like "you can't count on being able to use xenial's nodejs on any system that 
has to build stuff against libssl-dev", which is pretty traumatic.

The situation's better on cosmic.  Backporting cosmic's nodejs to xenial isn't a great fix,
though, because it has a different soname, so any packages that need node's shared library
have to be rebuilt.  And that breaks our user apps.  As a workaround I'm using upstream's nodejs 8 on xenial, that seems to sidestep the openssl problem without causing the major version number problem.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl1.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1794589

Title:
  libssl1.0-dev conflicts libssl-dev

Status in nodejs package in Ubuntu:
  Confirmed
Status in openssl1.0 package in Ubuntu:
  Won't Fix
Status in nodejs source package in Bionic:
  Invalid
Status in openssl1.0 source package in Bionic:
  Won't Fix
Status in nodejs source package in Cosmic:
  Invalid
Status in openssl1.0 source package in Cosmic:
  Won't Fix

Bug description:
  [impact]

  The libssl1.0-dev package conflicts with the libssl-dev package, so
  this leads to all packages that depend on libssl1.0-dev to conflict
  with all packages that depend on libssl-dev; as well as all packages
  that depend on those packages (and so on).

  [test case]

  On a Bionic system (or Cosmic), install libssl-dev, and/or any package that depends on it:
  http://qa.ubuntuwire.org/rdepends/v1/bionic/any/libssl-dev

  Then, try to install libssl1.0-dev, or any package that depends on it:
  http://qa.ubuntuwire.org/rdepends/v1/bionic/any/libssl1.0-dev

  see comment 15 for an example of some packages that are force-removed
  when installing libssl1.0-dev, due to conflict.

  [regression potential]

  TBD after fix is determined

  [other info]

  Original description:

  ---

  The fix for https://bugs.launchpad.net/ubuntu/+source/nodejs/+bug/1779863
  is, not surprisingly, somewhat traumatic for some users.

  In my case, installing libssl1.0-dev causes libcurl4-openssl-dev,
  libssh-dev, and libssl-dev to be uninstalled, which makes some of our
  internal packages fail to build.

  Commenting out universe from bionic-updates in /etc/apt/sources.list
  would work around this, but that's not going to fly for everybody.

  nodejs appears to be the tail wagging the dog now, and that's rather
  uncomfortable.

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: nodejs-dev (not installed)
  ProcVersionSignature: Ubuntu 4.15.0-34.37-generic 4.15.18
  Uname: Linux 4.15.0-34-generic x86_64
  ApportVersion: 2.20.9-0ubuntu7.3
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  Date: Wed Sep 26 11:03:51 2018
  SourcePackage: nodejs
  UpgradeStatus: Upgraded to bionic on 2018-04-30 (148 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nodejs/+bug/1794589/+subscriptions