Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)

To: debian-devel@lists.debian.org
Subject: Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
From: Paul Wise <pabs@debian.org>
Date: Thu, 13 Oct 2016 11:36:06 +0800
Message-id: <[🔎] CAKTje6FUJKhES=sWim8YSLqavV4qgJDfx43CJFyCmWnRBBbTkw@mail.gmail.com>
In-reply-to: <[🔎] 85y41tkyb3.fsf@benfinney.id.au>
References: <[🔎] 20161011123313.Horde.f1B8rLKTV-7AXNIt3PD2RKP@webmail.in-berlin.de> <[🔎] 1476189020.2027283.752320617.2C4B0FA5@webmail.messagingengine.com> <[🔎] CAKTje6HtmyWhQSFE8-g0PhZ4WOmvwzJcYPkWi4sy_GEtYs3N4w@mail.gmail.com> <[🔎] 1476190564.2034804.752348473.72C83B59@webmail.messagingengine.com> <[🔎] CAKTje6HHK7kyYjSLX9-qM-CzrKvdQgwUxPargQ=3PQnRviq0eg@mail.gmail.com> <[🔎] 878ttvj9qm.fsf@zoro.exoscale.ch> <[🔎] 20161011210423.epsfwjsbtmyqtuvi@fama> <[🔎] ba36bb1b-2da4-89ae-8640-ccdd6c1a8e66@tincho.org> <[🔎] 87h98hiccm.fsf@zoro.exoscale.ch> <[🔎] 20161012212735.wugvjuoqipijvm2l@fama> <[🔎] 85y41tkyb3.fsf@benfinney.id.au>

On Thu, Oct 13, 2016 at 6:16 AM, Ben Finney wrote:

> How will we know that those are the corresponding source for the work
> Debian installs?

The maintainer could have verified it before uploading.

> One way is to actually use that exact source, to build the package.

That is the only realistic way to know.

> Do you know of another way which provides that level of confidence that
> we in fact have the complete corresponding source for a work, and that
> this remains true as the source package changes over time?

(Reproducible) builds from source (with continuous rechecking) is the
only way to have enough confidence that a Debian user has the freedoms
promised to them by the Debian social contract.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Reply to:

References:
- "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
  - From: "W. Martin Borgert" <debacle@debian.org>
- Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
  - From: Ondřej Surý <ondrej@sury.org>
- Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
  - From: Paul Wise <pabs@debian.org>
- Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
  - From: Ondřej Surý <ondrej@sury.org>
- Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
  - From: Paul Wise <pabs@debian.org>
- Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
  - From: Vincent Bernat <bernat@debian.org>
- Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
  - From: "W. Martin Borgert" <debacle@debian.org>
- Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
  - From: Martín Ferrari <tincho@tincho.org>
- Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
  - From: Vincent Bernat <bernat@debian.org>
- Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
  - From: "W. Martin Borgert" <debacle@debian.org>
- Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
  - From: Ben Finney <bignose@debian.org>

Prev by Date: Bug#840588: ITP: golang-github-lunny-log -- A compatible log extension
Next by Date: Bug#840597: ITP: pyflame -- CPU profiler and flame graph tool for Python
Previous by thread: Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
Next by thread: Re: [Pkg-dns-devel] Bug#833309: "Browserified" stuff (knot-resolver-module-http: please package embedded epoch.js separately)
Index(es):
- Date
- Thread