Bug#905401: permit access to apt repositories during builds
Ian Jackson wrote:
> Jonathan Nieder writes ("Re: permit access to apt repositories during builds"):
>> My feeling is that this should be an outside-policy carveout, since it
>> makes many applications (e.g., analyzing the build graph, especially
>> when needed for bootstrapping) no longer possible.
>
> I don't really agree with the basic concept of an "outside-policy
> carveout".
That's reasonable. Tool authors may want to know what they can count
on, and using policy to document what we need to support, even when it is
for a small number of special-case packages, can be useful for that
purpose.
One way to limit the harm is to be more explicit about this being a
discouraged practice, for example by naming the limited set of use
cases where we permit it.
> Also, this is the only way to implement many important and
> useful things.
Can you list some of them?
You mentioned the Xen package not wanting to bother package
maintainers to introduce -source packages to build-depend on, and I
don't find this particularly compelling --- most package maintainers
don't feel bothered when a feature request comes with a patch. ;-) On
the other hand, I do agree with a related reason: a -source package
that is only useful for satisfying build-depends clutters up the
package list and makes it harder for a system administrator to find
the packages they need.
So I'd be very happy to see a way to declare a Build-Depends on a
source package.
The udeb case seems similar --- it's working around a lack of support
for declaring a Build-Depends on a udeb.
Am I understanding correctly? Can we handle the full set of use cases
with some improvements in what Build-Depends supports?
> But I think you do have a legitimate concern. I think we probably
> want to add a mechanism for a package to declare (eg in its buildinfo
> or changes maybe?) what it got from apt. What do you think ?
If we're going that far, I think we might as well do a before-the-fact
declaration in Build-Depends.
>> Seconded.
>
> Thanks.
Thank you for writing the patch. Even despite what I've written
above, having the existing practice documented seems preferable over
leaving it undocumented.
Sincerely,
Jonathan
Reply to: