Missing sources, binaries and pre-built binaries in source packages affect reproducible builds security

Emanuel Bronshtein e3amn2l at gmx.com
Sun Dec 11 16:23:23 UTC 2016


There are lintian checks that look for missing source in source packages, such as:
    https://lintian.debian.org/tags/source-is-missing.html
    
also there are checks for prebuilt files in source, such as:
    https://lintian.debian.org/tags/source-contains-prebuilt-binary.html
    https://lintian.debian.org/tags/source-contains-prebuilt-ms-help-file.html
    https://lintian.debian.org/tags/source-contains-prebuilt-python-object.html
    https://lintian.debian.org/tags/source-contains-prebuilt-windows-binary.html
    https://lintian.debian.org/tags/source-contains-prebuilt-silverlight-object.html
    https://lintian.debian.org/tags/source-contains-prebuilt-javascript-object.html
    https://lintian.debian.org/tags/source-contains-prebuilt-java-object.html
    https://lintian.debian.org/tags/source-contains-prebuilt-flash-project.html
    https://lintian.debian.org/tags/source-contains-prebuilt-flash-object.html
    
Some of the pre-built checks are marked as pedantic, such as the documentation-related checks:
    https://lintian.debian.org/tags/source-contains-prebuilt-sphinx-documentation.html
    https://lintian.debian.org/tags/source-contains-prebuilt-pandoc-documentation.html
    https://lintian.debian.org/tags/source-contains-prebuilt-doxygen-documentation.html
    
which note "It is preferable to rebuild documentation directly from source."

To get more security benefits from the reproducible builds effort, it's better to fix/disallow pre-built binaries in source packages (to ensure that binaries come from a known source and that the compile/packaging step is always done by the builder).

Related suggestions:
1. raise the level from pedantic in the future for the related checks (such as when reproducible builds are mandatory)
2. add more source-contains-prebuilt-X checks (there are probably missing checks for various tools/file formats)
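As an added illustration of what a source-contains-prebuilt-X style check looks like in practice (this is example code written for this post, not lintian's own Perl implementation), the script below walks an unpacked source tree and flags files by magic bytes and a few file-name conventions. The tag names are the lintian tags listed above; the matching heuristics, the helper names (`classify`, `scan_source_tree`, `build_sample_tree`) and the constructed sample tree are assumptions of this example. The same skeleton is how a new source-contains-prebuilt-X check for another file format would be added: one more magic/extension entry.

```python
#!/usr/bin/env python3
"""Scan an unpacked source package for pre-built artifacts.

Added example, not lintian's own code: a small Python check that mirrors the
intent of lintian's source-contains-prebuilt-* tags by looking at file magic
bytes and a few file-name conventions. Tag names are the lintian ones; the
matching heuristics below are this example's own assumptions.
"""
import os
import tempfile

# Leading bytes that identify compiled/packed artifacts (well-known magic numbers).
MAGIC_TAGS = [
    (b"\x7fELF", "source-contains-prebuilt-binary"),
    (b"MZ", "source-contains-prebuilt-windows-binary"),
    (b"\xca\xfe\xba\xbe", "source-contains-prebuilt-java-object"),
    (b"ITSF", "source-contains-prebuilt-ms-help-file"),  # .chm container
    (b"FWS", "source-contains-prebuilt-flash-object"),
    (b"CWS", "source-contains-prebuilt-flash-object"),
]

# Extensions where the file name alone is enough to flag the file.
EXT_TAGS = {
    ".pyc": "source-contains-prebuilt-python-object",
    ".pyo": "source-contains-prebuilt-python-object",
    ".jar": "source-contains-prebuilt-java-object",
    ".xap": "source-contains-prebuilt-silverlight-object",
    ".swf": "source-contains-prebuilt-flash-object",
}


def classify(path):
    """Return the lintian-style tag for one file, or None if it looks like source."""
    name = path.lower()
    ext = os.path.splitext(name)[1]
    if ext in EXT_TAGS:
        return EXT_TAGS[ext]
    with open(path, "rb") as fh:
        head = fh.read(4096)
    for magic, tag in MAGIC_TAGS:
        if head.startswith(magic):
            return tag
    # Minified JavaScript: a .min.js name, or a long first chunk with no newline
    # at all (heuristic; an assumption of this example, not lintian's rule).
    if ext == ".js":
        if name.endswith(".min.js"):
            return "source-contains-prebuilt-javascript-object"
        if len(head) >= 512 and b"\n" not in head[:512]:
            return "source-contains-prebuilt-javascript-object"
    return None


def scan_source_tree(root):
    """Walk an unpacked source tree; return sorted (relative path, tag) pairs."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]  # skip VCS metadata
        for fn in filenames:
            full = os.path.join(dirpath, fn)
            if os.path.islink(full):
                continue
            tag = classify(full)
            if tag:
                hits.append((os.path.relpath(full, root), tag))
    return sorted(hits)


def build_sample_tree():
    """Create a constructed source tree mixing real source and pre-built files."""
    root = tempfile.mkdtemp(prefix="prebuilt-scan-")
    files = {  # constructed sample contents, only the leading bytes matter
        "src/main.c": b"int main(void) { return 0; }\n",
        "src/helper.js": b"function f() {\n  return 1;\n}\n",
        "vendor/lib.min.js": b"function f(){return 1}",
        "build/tool": b"\x7fELF\x02\x01\x01" + b"\x00" * 57,
        "win/setup.exe": b"MZ\x90\x00" + b"\x00" * 60,
        "lib/Foo.class": b"\xca\xfe\xba\xbe\x00\x00\x00\x34",
        "lib/foo.jar": b"PK\x03\x04" + b"\x00" * 26,
        "pkg/__pycache__/mod.cpython-35.pyc": b"\x16\x0d\x0d\x0a" + b"\x00" * 12,
        "doc/manual.chm": b"ITSF\x03\x00\x00\x00",
    }
    for rel, data in files.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "wb") as fh:
            fh.write(data)
    return root


if __name__ == "__main__":
    sample = build_sample_tree()
    for rel, tag in scan_source_tree(sample):
        print(f"{tag}: {rel}")
```

Run it against an unpacked source package directory instead of the sample tree to get a list of files that should either be deleted from the tarball or regenerated during the build. Magic bytes are checked before the file name so a renamed executable is still caught; the extension table only covers formats (jar, pyc, xap, swf) where the name is itself the evidence.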
