Sean Whitton <spwhitton@spwhitton.name> writes: > Hello, > > On Sun 17 Nov 2019 at 10:29AM -08, Russ Allbery wrote: > >> How about: >> >> [1] This field should only be used when there are license or DFSG >> requirements to retain the referenced source package. [2] It should not >> be added solely as a way to locate packages that need to be rebuilt >> against newer versions of their build dependencies. > > Thanks, I think this is good -- would be good to hear from Nicholas too > though. I agree this is clear for people who already understand what it signifies, but I don't think it's clear/accurate enough for a new contributor who is struggling to understand Policy, because "retain the referenced source package [singular]" seems to refer src:foo, if src:foo uses Built-Using, and this isn't the case. So: (3) The Built-Using field should exclusively be used to satisfy license or DFSG requirements, where those requirements stipulate that the specific versions of build-time dependencies must remain available in the Debian archive. With further consideration I think (2) should be cut and replaced, because it undercuts the clarity of this paragraph's premise. Eg: Clear (1||3) "should" premise, but if a tree falls in a forest and no one notices it fall then you can do this other thing (2) without anyone noticing. If a maintainer uses the field for (1), then it's a non-issue if they're also privately using it as a heuristic for (2). Thus I don't think we need to say anything about the (2), because it's confusing for people who don't already understand the discussed concepts. Rather than (2), I think it would be better to refer to the general case of how to use foo.buildinfo (or tooling that leverages buildinfo, or some other method) to identify packages that need to be rebuilt. Sorry for the delay replying! Regards, Nicholas
Attachment:
signature.asc
Description: PGP signature