On 21/04/17 at 14:15 +0200, Paul Gevers wrote: > Hi, > > On 21-04-17 14:10, Holger Levsen wrote: > > On Fri, Apr 21, 2017 at 01:44:40PM +0200, Paul Gevers wrote: > >> I don't think this number is bad per-se (assuming this extra_source_only > >> just meant it has "Build-Using"). The bad thing in my opinion is when > >> multiple version are kept around for a long time. > > > > I consider the life time of stretch to be long, you don't? > > Oh, sure, but what I meant is during preparation of a release. If during > the freeze rebuilds are done, you only have the version that you ship > anyways. > > > Are security updates supposed to be build using the most current source > > package in stretch or the one specified in "Build-Using"? > > The version in Build-Using is added during building. So this field is > updated during security builds to the latest version. The Build-Depends > field determines (as always) which packages (potentially with version) > to use for building. Nothing new here.
Note that it's "Built-Using", not "Build-Using", so it's really a statement about the produced binary package, not an alternative way to specify build-dependencies. Lucas
