Hi Ian-- On Tue 2017-06-20 18:10:49 +0100, Ian Jackson wrote: > A .buildinfo file is not useful for a source-only upload which is > veried to be identical to the intended source as present in the > uploader's version control (eg, by the use of dgit). > > Therefore, dgit should not include .buildinfos in source-only uploads > it performs. If dgit sees that a lower-layer tool like > dpkg-buildpackage provided a .buildinfo for a source-only upload, dgit > should strip it out of .changes.
I often do source-only uploads which include the .buildinfo. I do source-only uploads because i don't want the binaries built on my own personal infrastructure to reach the public. But i want to upload the .buildinfo because i want to provide a corroboration of what i *expect* the buildds to produce. why wouldn't dgit take the same approach? stripping the .buildinfo from the .changes seems like a wasted shot at a potential corroboration. or am i misunderstanding the question here? --dkg
signature.asc
Description: PGP signature
_______________________________________________ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds