Hi! On Mon, 2016-12-19 at 18:56:24 +0100, Ximin Luo wrote: > Package: dpkg-dev > Version: 1.18.15 > Severity: wishlist
> One of the purposes of buildinfo files is to aid in debugging, e.g. to be able > to see what particular build-environment variation (between two builds) may > have caused a failure to reproduce some binary hashes. This goal suggests that > we should increase or maximise the amount of information in a buildinfo file. > > However, on the other side there are privacy concerns; developers doing > uploads > may not want to reveal particular information about their own computer. > > This ticket proposes to have dpkg-genbuildinfo generate extra information when > DEB_BUILD_OPTIONS contains buildinfo=xxx flags. This would be the case for > e.g. > the Debian buildds which are semi-public machines that don't need to hide > their > system details, so increasing the amount of debugging information is useful. > > dpkg-genbuildinfo already has a --always-include-path flag, but this would > typically have to be included in d/rules, thereby changing the source code of > the package. Providing the equivalent functionality via DEB_BUILD_OPTIONS > would > allow different builders to reveal different pieces of information, whilst all > building the same source package (and hopefully the same binary packages). Ah, I like that! I also found that having a specific command-line option just for the path field was a bit annoying, interface-wise. I've quickly prepared this, which we could then extend: <https://git.hadrons.org/cgit/debian/dpkg/dpkg.git/log/?h=pu/buildinfo> > For example, the Debian buildds could set DEB_BUILD_OPTIONS=buildinfo=all, but > ordinary DDs doing manual builds and uploads could use the "default" set of > information which would be more privacy-respecting. > > For example, extra things that could be added are: > > - filesystem types > - CPU type and number > - kernel name, version > - hostname > - umask > - etc, see https://tests.reproducible-builds.org/debian/index_variations.html > for more Of course we'd need to go over any additional thing to add and define the field names its contents, etc, so that might take more time. :) Thanks, Guillem
