Re: Bits from the FTPMaster meeting
Luk Claes <firstname.lastname@example.org> writes:
> Goswin von Brederlow wrote:
>> Philipp Kern <email@example.com> writes:
>>> On 2009-11-19, Luk Claes <firstname.lastname@example.org> wrote:
>>>> This could only work if the built package is needed on the same buildd
>>>> it was built.
>>> That depends on the assumptions. If the assumption is that the buildds are
>>> trusted (the same as for autosigning) it would also be easy to argue that
>>> setting up some kind of collective protected repository for sharing among
>>> the buildd would not be totally insane. But then, just implement autosigning,
>>> get rid of that step and reuse autobuilding accepted, or however it's called
>>> Kind regards,
>>> Philipp Kern
>> When autosigning came up in the past the argument given against was
>> that buildd admins do some quality control on the packages. They
>> notice when the buildds goes haywire and screws up builds. With
>> autosigning you can easily get 200 totaly broken debs into the archive
>> because the buildd had a broken debhelper or something.
> With autosigning these 200 could as easily get fixed.
Only if they can all be binNMUed. And meanwhile users have broken
But I'm just saying that was the argument in the past. Maybe history
has simply shown that it doesn't happen often enough to be a concern
(or buildd admins miss such screwups too often anyway). So no need to