From srebuild sbuild-wrapper to debrebuild
HW42
hw42 at ipsumj.de
Thu Nov 10 15:23:00 UTC 2016
Johannes Schauer:
> Hi,
>
> On Thu, 10 Nov 2016 05:54:13 -0200 Johannes Schauer <josch at debian.org> wrote:
>> On Tue, 02 Aug 2016 22:49:00 +0200 Johannes Schauer <josch at debian.org> wrote:
>>> But then on IRC, HW42 suggested to approach this problem differently.
>>> Instead of integrating the functionality of figuring out the right
>>> repositories to reproduce the contents of a buildinfo file into sbuild,
>>> write a tool that can drive any package builder (like pbuilder).
>
> there seems to be a conceptual problem with such an approach.
>
> For binNMUs, the full changelog entry has to be passed to sbuild or pbuilder.
> How does one best pass such a multi-line value via command line options?
What's your problem with passing multi-line value via command line
options?
> Would the best way to pass the changelog entry via the .buildinfo
> file?
Not sure about that. If you dislike passing the value via a command line
option, just use a plain file?
> And if pbuilder and sbuild then already are parsing the .buildinfo
> file, would it not be better for the debrebuild machinery to be
> implemented by either in the first place?
My point for an independent debrebuild was that
a) Every builder needs nearly the same functionaly for this.
b) It's security relevant since it parses semi-trusted (the .buildinfo)
and untrusted (http response from snapshot.d.o) data.
So I still think that having this separate of the builder is useful. If
sbuild, pbuilder, etc. coordinate this, some kind of library might also be
an option.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 825 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/reproducible-builds/attachments/20161110/4ec1df50/attachment.sig>
More information about the Reproducible-builds
mailing list