RE: New field proposed, UUID
> Sorry, I'm not a Debian developer so honestly don't know all the policies or
> processes behind making debs. But, it seems clear to me that if you use the
> pkg+version+arch as your UUID then a change in the md5sum caused by adding a
> signature would not effect the "UUID" and therefore be moot. When I say any
> change in the "binary package" I mean any change in the binary files that
> get installed when the package is installed. I'm not talking about a change
> in the deb file itself.
> Or am I totally confused?
you are not confused, just not seeing everything (-:
$ apt-get source
$ cd source
$ dpkg-buildpackage # this builds the deb
this will build a deb with the exact same name+arch+version as the one he
downloaded. However the tool that built it will add a different UUID because
these are generated at build time. So NEW UUID does not equal release UUID and
we know something happened.
Bumping the version of a kernel makes sense, but what if i comipile a package
because I did not like the maintainer's choice of compile options? The current
build tools do not make too much differentiation between a user compiling a deb
and the actual maintainer -- so when would the version get bumped?