Keywording and Stabilization
app-editors/vim— it does not refer to a specific version. The terms 'ebuild' or 'package version' are used when this meaning is intended. This distinction is important.
Most ebuilds specify a
KEYWORDS variable. This variable is used to
indicate the suitability and stability of both the package and the ebuild on
each given arch (
KEYWORDS entry might look like:
KEYWORDS="-ia64 ~mips ~ppc sparc x86 ~ppc-macos"
The different levels of keyword are:
- Both the package version and the ebuild are widely tested, known to work and not have any serious issues on the indicated platform.
The package version and the ebuild are believed to work and do not have any
known serious bugs, but more testing is required before the package version
is considered suitable for
- No keyword
If a package has no keyword for a given arch, it means it is not known
whether the package will work, or that insufficient testing has occurred for
- The package version will not work on the arch. This could be caused by badly written code (for example, non-64-bit or endian clean code), relying upon particular hardware (for example, a BIOS querying tool would not work on non-BIOS architectures) or binary only packages.
-* keyword is special. It is used to indicate package versions which are
not worth trying to test on unlisted archs. For example, a binary-only package
which is only supported upstream on
x86 might use:
KEYWORDS="-* ppc x86"
This is different in implication from
"ppc x86" — the former implies that
it will not work on other archs, whereas the latter implies that it has not been
Do not use the
~* special keywords in ebuilds.
KEYWORDSvariable, or assign the empty string to it.
Equal Visibility Requirement
An ebuild must not depend upon any package that is of a lower keyword level
than itself. For example, if
foo-1.2 depends upon
foo-1.2 must not be marked stable on
bar-1.2 is also stabilised.
You may assume that if a user accepts
~arch for a given arch then they also
For optional dependencies, all possible dependencies must satisfy the above.
Note that certain
USE flags can be forcibly disabled on a per-profile basis
— talk to the arch teams if you require this. For either-or dependencies, at
least one of the options must be of equal or better visibility than the
package in question.
package.mask file can be used to 'hard mask' individual or groups of
ebuilds. This should be used for testing ebuilds or beta releases of software,
and may also be used if a package has serious compatibility problems. Packages
which are not hard masked must not have a dependency upon hard masked
The only time it is acceptable for a user to see the
Possibly a DEPEND
problem error message is if they have manually changed visibility levels for a
package (for example, through
/etc/portage/) and have missed a dependency.
You should never commit a change which could cause this error to appear on a
Keywording New Packages
~archonly upon architectures for which the committing developer has tested.
Do not assume that your package works on all architectures. Do not
assume that user submitted ebuilds will have correct
KEYWORDS — chances are
they just copied from somewhere else. Do not assume that upstream's
'supported architectures' list is correct. Do not assume that because your
code is written in Perl / Python / Java / whatever that it will run on other
archs (there is at least one case of a
vim script which only worked on
Note that most (non-x86) archs expect you to be on the arch team and bugzilla
alias if you are committing packages with keywords for that arch, and may have
additional requirements of which you should be aware (on
mips, for example,
there are multiple ABIs and byte orders to consider — a package working on your
o32 box may not work on
n32). Contact the individual arch
teams for details.
It's important to note that alternative arches (like alpha, ia64, s390, sparc, hppa, ppc*) are mainly undermanned arches, some of them are slow, they have more basic problems and have a small userbase. Just file bugs for these architectures when a package is going to be a dependency of a package already keyworded.
Do not commit straight to
Keywording on Upgrades
When upgrading, drop all existing keywords from
~arch, and leave
~arch keywords intact. This must be done even if you think
you're just making a trivial fix — there have been several examples of the
stable tree getting broken this way.
This also applies to revision bumps, not just to upstream version changes.
If a new version introduces new dependencies which are not available on some
architectures, then you should file a bug or ask on IRC before you upgrade the
ebuild. If you really need to get the ebuild added in a hurry, for example,
for a security fix, then you should drop any
KEYWORDS which are causing
problems and CC the relevant architectures on the bug — you must file
a new bug to the architecture in question regarding this if no bug is already
If there are no new dependencies, do not remove keywords if your commit fails
with repoman — please try a full
git pull and if you still have
problems, then commit with
repoman -I and file a bug to the broken
architecture, noting it in your git commit message.
Stabilization, i.e., moving an ebuild from
arch, is done
by the relevant architecture teams. If you have access to exotic hardware but
are not on the arch teams, you may wish to make individual arrangements —
the arch teams are happy for help, so long as they know what is going on.
In order to request stabilization of an ebuild, file a bug to the package's maintainer (which may be yourself), and list all secondary maintainers in the bug's CC. When the maintainers consider the ebuild to be ready for stabilization, they will add the relevant architecture teams to the CC list. That way teams can remove themselves from the list when they are done, giving a clear indication of which teams still have to stabilize a package.
For an ebuild to move to stable, the following guidelines must be met (see GLEP 40 for further details):
The ebuild has spent a reasonable amount of time in
~archfirst. Thirty days is the usual figure, although this is clearly only a guideline. For critical packages, a much longer duration is expected. For small packages that have only minor changes between versions, a shorter period is sometimes appropriate.
The ebuild must not have any non-
- The package version (and the ebuild) must not have any severe outstanding bugs or issues.
- The package version must be widely tested.
- If the package is a library, it should be known not to break any package which depends upon it.
For security fixes, the "reasonable amount of time" guideline may be relaxed. See the Vulnerability Treatment Policy
AMD64, X86: If you are the maintainer of a package that currently has open bugs for amd64 or x86 stabilization and own the respectively amd64 or x86 hardware, you can do your own testing and keywording of your packages; as long as it is not a core system set dependency.
SPARC: You must have prior permission from the arch lead. Usually we expect you to be on the sparc alias for QA reasons, although other arrangements can be made if you will only be working with a small group of packages.
ALPHA: Maintainers may keyword their own packages but are reminded to inform the Alpha team if they can help out with testing and keywording packages so the team can keep an eye out for possible keywording mistakes.
Exotic architectures (like hppa, ia64, ppc*, sparc) are short on manpower, so it's best if you avoid opening bugs for stabilization of new packages for them, unless it is absolutely necessary (e.g., a reverse dependency for your package).
Some architectures (like mips, riscv) do not maintain a stable keyword. So packages are not to be marked stable for one of these architectures.
Simultaneous stabilization on all architectures
If you maintain an architecture-independent package (data files,
icons, pure Perl,...) then you may request that your
package be stabilized on all arches at once. To do this — when
you are filing the stabilization bug — please add the keyword
ALLARCHES in addition to
STABLEREQ and CC the
arches that you would like to stabilize.
The arch teams, when encountering the
should perform their usual set of tests on a single convenient
architecture. Then, if everything works, stabilize not only the
arch that was used during testing, but also all of the other
arches in CC on the bug. Afterwards, the CC field can be cleared
and the bug closed if appropriate.
Removing Package Versions
When removing ebuild, ensure that you do not remove the most recent version at any given keyword level on any profile. The aim here is:
Never to force a downgrade. (Exception: occasionally you really do want to
force a downgrade, for example if the newly committed
foo-1.3turns out to be badly broken and that making everyone downgrade to
foo-1.2is the better option. This is rare.)
- Do not break any existing dependencies.
If you would like a particular package version moved to stable on certain archs so that you can tidy up, file a bug.