* Chow Loong Jin <hyper...@debian.org> [121020 18:10]: > The only argument I have seen for binary uploads is to ensure that DDs have > built the package prior to uploading it. But as someone else pointed out > earlier > in the thread, we seem to be trusting DDs a lot in other aspects, so why not > trust that they test-build packages prior to uploading them as well?
Because trusting someone in one thing is not the same as trusting someone in another. Trust works best when there is accountablity. Having the binary file around, even if it is not easily accessible on some remote archive, noone can claim "I tested this, it just did work here, something must be different on the buildds" and hope to get away with it. Given that source only uploads where tried in another project and the results are scary, this accountability might make the difference to make it work. And to also name another argument: having the files actually uploaded means it is easy to add additional checks. (Like starting with making sure the list of files does not differ between the two versions, or some check to see only versions of generated dependencies differ but not the packages depended and so on). Bernhard R. Link -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121020162948.gb14...@client.brlink.eu