[buildd-tools-devel] Bug#774415: Bug#774415: From srebuild sbuild-wrapper to debrebuild

Holger Levsen holger at layer-acht.org
Wed Dec 21 09:58:39 UTC 2016 

Hi,

On Wed, Dec 21, 2016 at 10:52:54AM +0100, Johannes Schauer wrote:
> because somebody who *does* care about this and uses their own local mirror
> will have their setup subverted by this feature without any warning.

well, I (the user) feed it with a .buildinfo files, which needs old
versions. So I basically *ask* for snapshot.d.o to be used.

I'd *expect* that snapshot.d.o is being used!

> > why? If I call "sbuild foo.buildinfo" and that .buildinfo file has no
> > source hashes, then sbuild should fail. Easy. (?!?!)
> 
> Why should it then fail in your opinion?
 
because for rebuilding purposes, .buildinfo files without source hashes
are broken. (And as .buildinfo files are made for rebuilding, I'd say
.buildinfo files without source hashes are always broken.)

> Sure, it's easy to implement but I wonder if this restrictions makes sense. Why
> do you think it does?

Because I dont expect there are .buildinfo files without source hashes.

> > You seem to imply that the Debian autobuilders will generate .buildinfo files
> > without source hashes - I think *that* is a problem - how can we fix it?
> 
> Autobuilders only generate the arch:all and arch:any binary packages from the
> source package they are given. They do not regenerate the source package. Thus,
> they will call dpkg-buildpackage with --build=any or --build=all which in turn
> will create a .buildinfo that doesn't contain the source hash.

SIGH.

This is a *major* problem, I think.

> If one tries passing --buildinfo-option=--build=full to dpkg-buildpackage then
> this will lead to a build failure if dpkg-buildpackage was not also called with
> --build=full. This makes sense on the level of dpkg-buildpackage because it's
> possible to build binary packages without having the source package. But on the
> autobuilder level the source package always exists. It would thus probably have
> to be sbuilds job to mangle the buildinfo file and insert the source package
> hash in it. But if you do that then you get to disparities between people
> generating their buildinfo with sbuild/pbuilder and people who just use
> dpkg-buildpackage...

makes sense and sucks. Need to think more about this.


-- 
cheers,
	Holger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 811 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20161221/f5375128/attachment.sig>

More information about the Buildd-tools-devel mailing list