But there's an upside to this kind of restriction. This ensures that the RPMs are truly reproducible, and that they didn't require some manual intervention to get them to build properly.
I wish you were right. The fact that an 'rpm -ba' produces both source and binaries rpm package does not at all guarantee that someone else can produce the same binaries package from that source. It is easy to make the rpm package (either on purpose or by accident) such that it picks up things it did not make. I was bitten by that seriously. If there's a way to have RPM hit me on my fingers in that case, then it would be very welcome. We're considering to set up some clean room build process to make sure all source packages are complete.
Actually, one distribution has made this style to an art. I have src packages that contain no source at all but depend on other packages to be installed in advance, have the build requirements as comments in the spec file and simply builds an incomplete package when you missed some of those.
Rob
