Hello Ian, On Tue, Jun 20, 2017 at 06:10:49PM +0100, Ian Jackson wrote: > In the absence of objections to my analysis, I suggest we proceed on > the following basis: > > A .buildinfo file is not useful for a source-only upload which is > veried to be identical to the intended source as present in the > uploader's version control (eg, by the use of dgit). > > Therefore, dgit should not include .buildinfos in source-only uploads > it performs. If dgit sees that a lower-layer tool like > dpkg-buildpackage provided a .buildinfo for a source-only upload, dgit > should strip it out of .changes.
Thank you for this text. I think that dgit should strip the .buildinfo when it built the source package itself, as part of a build-source or push-source run, but what about when the user supplies a .changes, with -C, to push-source? I don't think that dgit should modify the .changes in that case, because it is counterintuitive when the user has provided a particular .changes they want dgit to verify and then upload. Maybe it should refuse to push if the .buildinfo is present, though? Possibly with a --deliberately-include-buildinfo to override. W.r.t. building source packages, do you still think that we should be using dpkg-source to build it, or just continue invoking `dpkg-buildpackage -S -us`? This is relevant for both build-source and push-source. -- Sean Whitton
signature.asc
Description: PGP signature
