On Mon, Jan 08, 2018 at 08:36:50PM -0500, Michael Stone wrote: > On Mon, Jan 08, 2018 at 12:09:09PM -0800, Steve Langasek wrote: > > Top-posting to just say +1, and that I was going to reply with much the > > same. > > I don't even think the requirement for the bootstrap profiles to not > > functionally change the packages is necessary, but it's the way the folks > > working on bootstrappability have chosen to do it, so it's their call. But > > that's definitely not a binding precedent on other build profiles that might > > be implemented. > How, then, would you tell by looking at the package name+version which kind > of package you have? If you're going to change the name or version string > anyway, why use some complicated profile system instead of just applying a > patch? This seems overly complicated for simple cases and overly fragile for > complex cases. The fact that this information is no longer exposed in the binary control file is news to me, and very disappointing. It seems clear to me that one *should* be able to determine what profile(s) a package was built with by looking at the package itself. As a policy, I think it's clear that packages built with non-default profiles should never be included in the Debian archive; and segregating packages into archives by stage is a sensible way to do this for bootstrapping. I don't know /what/ one should expect in a world where profiles are used for other purposes but aren't documented in the binary control; I guess it just reinforces the fact that you can't trust third-party deb packages... In any case, I think the value actually accrues primarily to the simple cases; because if you want to maintain a package over time, setting a flag and rebuilding requires much less human involvement than having to repeatedly merge changes into a package. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slangasek@ubuntu.com vorlon@debian.org
Attachment:
signature.asc
Description: PGP signature