Bug#1104643: Don't consider tests during build that can use internet if available as rc buggy

To: Santiago Vila <sanvila@debian.org>, 1104643@bugs.debian.org
Subject: Bug#1104643: Don't consider tests during build that can use internet if available as rc buggy
From: Pirate Praveen <praveen@debian.org>
Date: Tue, 6 May 2025 01:24:40 +0530
Message-id: <[🔎] 270fcc87-b22b-424a-81b5-dc6aed84b5c2@debian.org>
Reply-to: Pirate Praveen <praveen@debian.org>, 1104643@bugs.debian.org
In-reply-to: <[🔎] 73a4459c-8da3-44e5-8cff-5f55125a8439@debian.org>
References: <[🔎] 9babcbe3-191c-4065-970e-7b86c229bf36@debian.org> <[🔎] 73a4459c-8da3-44e5-8cff-5f55125a8439@debian.org> <[🔎] 9babcbe3-191c-4065-970e-7b86c229bf36@debian.org>


On 05/05/2025 4:28 pm, Santiago Vila wrote:

El 3/5/25 a las 17:41, Pirate Praveen escribió:
Package: debian-policy
Version: 4.7.2.0
Control: block 1104509 by -1
Note: I've just removed the block for the reasons stated by Bill.
I think it should be changed to,
> Except for packages in the non-free archive with the Autobuildcontrol field unset or set to no, > required targets must not require network access, except, via theloopback interface,
 > to services on the build host that have been started by the build.
I think enforcing there is no internet access is a better way toachieve the goal of actually ensuring there is no internet duringbuild rather than considering packages that can use internet whenavailable for tests as rc buggy.
I think the goal has never been "ensuring there is no internet duringbuild".
When I'm debugging a package, I usually work in a directory-based chroot
(created with debootstrap). If I had to drop internet access, I wouldhave
to use firewall rules or just unplug the cable, which would make other
tasks requiring internet in my computer not to work at the same time.

I would consider the real goal to be ensuring that the package
builds the same regardless of network being present or not,
and also regardless of the way you choose to build the package,
be it dpkg-buildpackage in a chroot, sbuild with unshare, sbuild
with schroot, pbuilder, etc. It's a requirement which helps
reproducibility.

at least in this specific instance, the final package remains the sameirrespective of whether you have internet access or not. So this doesnot affect reproducibility at all. You just test more functionality ifinternet is present, that is all.

This confusion comes because of treating test target in rules exactlysame way as build target, when in reality both has different effects onfinal binaries and reproducibility.


I did not want to be the first to reply to this policy bug,
but I also agree with the others participants that policy is
ok as it is, and I would also hope we keep enforcing it
even in cases like this one where the unshare backend hides
the network access and makes the package build not to fail.

Thanks.

Attachment: OpenPGP_0x8F53E0193B294B75.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Bug#1104643: Don't consider tests during build that can use internet if available as rc buggy
  - From: Santiago Vila <sanvila@debian.org>

References:
- Bug#1104643: Don't consider tests during build that can use internet if available as rc buggy
  - From: Pirate Praveen <praveen@debian.org>
- Bug#1104643: Don't consider tests during build that can use internet if available as rc buggy
  - From: Santiago Vila <sanvila@debian.org>

Prev by Date: Bug#1104643: Don't consider tests during build that can use internet if available as rc buggy
Next by Date: Bug#1104643: Don't consider tests during build that can use internet if available as rc buggy
Previous by thread: Bug#1104643: Don't consider tests during build that can use internet if available as rc buggy
Next by thread: Bug#1104643: Don't consider tests during build that can use internet if available as rc buggy
Index(es):
- Date
- Thread