Package: release.debian.org
Severity: wishlist
X-Debbugs-Cc: ni...@thykier.net,debian-boot@lists.debian.org
Hi,
Historically, we have had a major opt-out for non-free in regards to
Policy. One of these opt-outs are that the package does not have to be
auto-built on Debian buildds.
Since the non-free is entirely opt-in and you had to be very active
about opt'ing in as a admin, this seem fine. With the change to
non-free-firmware now being enabled by d-i by default, we now have
non-free-firmware packages installed by default that can use this
opt-out and for me, that changes the game a bit.
In my book, ideally, we would require all non-free-firmware to be build
on buildds to have it be closer aligned with main since it is now
installable by default, where we do not want to trust maintainer build
packages (which also makes our contributors less of a target for
build-time backdoors).
Though, license requirements might prevent that (I have not checked
whether all non-free-firmware is auto-buildable), so a second runner up
for me would be to have Britney enforce non-free(-firmware) was built on
a buildd if the source has `Autobuild` set to `yes`. This would at least
close the gap as much as possible.
Best regards,
Niels
