On Wed, Feb 13, 2008 at 07:14:21PM +0100, Raphael Hertzog wrote: > That said, there are good reasons why one shouldn't do (massive) > binary-uploads (reproducibility of builds on official buildd => important > for the security team which will have to make builds of packages on the > official buildd during lifetime of the stable release, availability of > logs in buildd.debian.org).
The architecture for which a DD is initially uploading a package is already lacking a build log on buildd.debian.org and the corresponding build has no guarantee to be reproducible. So if these are good arguments for not doing (massive) binary uploads, they are also good arguments for not allowing binary-uploads at all (thousands DDs making binary uploads are hardly worst than 1 DD doing massive binary uploads). Or, if you prefer, they are good arguments for throwing away the .debs uploaded by DDs and rebuilding them from scratch. SCNR, really. -- Stefano Zacchiroli -*- PhD in Computer Science ............... now what? [EMAIL PROTECTED],cs.unibo.it,debian.org} -<%>- http://upsilon.cc/zack/ (15:56:48) Zack: e la demo dema ? /\ All one has to do is hit the (15:57:15) Bac: no, la demo scema \/ right keys at the right time
signature.asc
Description: Digital signature