[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Source only uploads?

On Wed, Oct 22, 2003 at 01:19:10PM -0400, Fabien Ninoles wrote:
> Andrew Suffield wrote:
> >>I understand your concern that a package must be able to built on
> >>any Debian environment as long as the architecture is support and the
> >>build-deps are respected, but I find that an additional request that
> >>the package be able to build in pbuilder add to the quality of the
> >>release.
> >
> >At no point have I suggested that it should not have to build in an
> >artificial environment. What are you talking about?
> I'm talking about ENSURING that the package is able to build in such
> REPRODUCTIBLE environment and give consistent results.  I remember
> some packages which are even able to give a consistent source package
> across rebuilds, which is pretty lame, IMHO.

So how is that at all relevant? In no sense does it require
source-only uploads; this is empirically demonstrated by the fact that
we pretty much ensure this already (more precisely, we pretty reliably
detect when it is not the case).

> >>I don't see how the current process help you on this?  Any maintainer
> >>can be lazy, and upload half-compiled package.  There is many way to
> >>make a package where even the debian/rules file doesn't run.  If the
> >>package is a binary-all, it will not even be notice!
> >
> >If the maintainer is an incompetent moron, sure. But we generally
> >assume maintainers don't do stupid things like this.
> Sorry, but I think error is human.
<snip description of arbitrary bug>

This would be detected by anybody that tries to build the package. No
problems here.

> >For binary-all packages, people do on occasion attempt to rebuild them
> >to trap this sort of problem. It hasn't yet been automated, but it
> >could be.
> It's the "people" and "on occasion" that tickle me here.  Why not 
> replace it with "Debian" and "always" instead?

There's no difference. That is the nature of Debian. Things get done
when somebody decides to do them.

> >With the current process, most packages are built in a real-world
> >environment and then used in that environment by a significant number
> >of people, over a significant period of time. This gives us a better
> >than average chance of noticing any problems. It's not perfect, but
> >it's probably the best we're going to get.
> I really fail to get your point:  you said that a good maintainer will
> always try to make it's package compile in a diversed environment and
> that allowing source only upload will discourage such practice?

No. I'm saying that's what happens. No "would/could/should". It *does*.

Most of the packages which are used by most users are built in
variable, real-world environments. Over an extended period of time, we
are very likely to run into any problems that may be present.

> Adding the capacity of source-only upload will just help him
> ensure that his package can also be built into a "artificial" but
> reproductible environment, which add to the QA of the package.

Entirely false. It would add nothing in this regard. Why on earth
would it? In no manner does a binary upload prevent you from testing
the package to see if it builds in some other environment.

  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ |
 `. `'                          |
   `-             -><-          |

Attachment: signature.asc
Description: Digital signature

Reply to: