On Tue, Jun 18, 2019 at 06:29:12PM +0200, Ansgar Burchardt wrote: > The .buildinfo files are referred to in the .changes files; renaming > them would require updating the .changes file. The .changes files are > used to upload the security updates to ftp-master.
With .changes being ephemeral, it feels to me that using them to cross
the archive is not really a good solution, and whatever is used to copy
packages from one archive to another (is it dak itself?) should instead
re-create the upload and re-sign it. Also because that way it would be
perfectly able to "upload" all of the sources+binaries from sec-master
to ftp-master in a single go, which can't be bad.
> ftp-master also has the same problem when uploads end up in policy
> queues (the renaming to .buildinfo.N is only done when dak is "done"
> with the file and will never touch it again).
Also here, it feels to me that once something is accepted into a policy
queue, dak should already consider it something controlled by itself,
store checksums in the database and be done, not keep the .changes
around as a "source of truth" for additional processing, imho.
Sure, I understand that things works like that, I'm just showing a few
design points that could potentially be done differently.
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
more about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
signature.asc
Description: PGP signature
