On Wed, Nov 28, 2018 at 07:02:07PM +0100, Bastian Blank wrote: > On Wed, Nov 28, 2018 at 02:48:32PM -0200, Antonio Terceiro wrote: > > Would you be willing to also implement > > Tainted-By: not-built-in-a-chroot > > ? > > What do you want to do with that? Even our own stuff not always uses > chroot, why should it? The idea here is to record facts about the system where a package was built. Building in a merged-/usr system does not necessarily produce a broken package. Not building in a chroot is also not necessarily a problem, but still, we want to know that. Now, as Andrey points out, nowdays a chroot is not the only type of minimal system where one can build packages, so maybe a more sophisticated check would be required.
Attachment:
signature.asc
Description: PGP signature