Hello,
On Mon, Dec 25 2017, Russ Allbery wrote:
> Seconded the above change and with or without the wording change
> discussed in the other part of this thread.
Thank you for your review.
Here is the current diff awaiting a final second:
diff --git a/policy/ch-relationships.rst b/policy/ch-relationships.rst
index 3a73f7b..d2d1064 100644
--- a/policy/ch-relationships.rst
+++ b/policy/ch-relationships.rst @@ -598,17 +598,26 @@ earlier for
binary packages) in order to invoke the targets in
Additional source packages used to build the binary - ``Built-Using``
---------------------------------------------------------------------
-Some binary packages incorporate parts of other packages when built but
-do not have to depend on those packages. Examples include linking with
-static libraries or incorporating source code from another package
-during the build. In this case, the source packages of those other
-packages are a required part of the complete source (the binary package
-is not reproducible without them).
-
-A ``Built-Using`` field must list the corresponding source package for
-any such binary package incorporated during the build, [#]_ including
-an "exactly equal" ("=") version relation on the version that was used
-to build that binary package. [#]_
+Some binary packages incorporate parts of other packages when built
+but do not have to depend on those packages. Examples include linking
+with static libraries or incorporating source code from another
+package during the build. In this case, the source packages of those
+other packages are part of the complete source (the binary package is
+not reproducible without them).
+
+When the license of either the incorporated parts or the incorporating
+binary package requires that the full source code of the incorporating
+binary package be made available, the ``Built-Using`` field must list
+the corresponding source package for any affected binary package
+incorporated during the build, [#]_ including an "exactly equal" ("=")
+version relation on the version that was used to build that version of
+the incorporating binary package. [#]_
+
+This causes the Debian archive to retain the versions of the source
+packages that were actually incorporated. In particular, if the
+versions of the incorporated parts are updated but the incorporating
+binary package is not rebuilt, the older versions of the incorporated
+parts will remain in the archive in order to satisfy the license.
A package using the source code from the gcc-4.6-source binary package
built from the gcc-4.6 source package would have this field in its
@@ -625,6 +634,11 @@ field in its control file:
Built-Using: grub2 (= 1.99-9), loadlin (= 1.6e-1)
+This field should not be used for purposes other than satisfying
+license or DFSG requirements to provide full source code. In
+particular, it should not be used to enable finding packages that
+should be rebuilt against newer versions of their build dependencies.
+
.. [#]
The relations ``<`` and ``>`` were previously allowed, but they were
confusingly defined to mean earlier/later or equal rather than
--
Sean Whitton
Attachment:
signature.asc
Description: PGP signature