Hi everyone, On Tue, Jan 07, 2025 at 11:36:16PM +0100, Aurelien Jarno wrote: > > But that's much longer than --include=ca-certificates, so not a good option > > for > > interactive use. > > Yes, I fully agree that this is not really an issue for scripts, they > can be adjusted, but it is more problematic for interactive users, > either directly or probably through sbuild when adding extra chroots.
In light of todays discussion about build tarballs, a simpler solution for ca-certificates struck me: why not raise the Priority: of ca-certificates to important or higher? I see two good reasons to do this: 1) the (non-)presence of ca-certificates in a build environment should not depend on the used mirror to create the chroot. It's (non-)presence can cause other packages to FTBFS or otherwise differ in their builds. Having it always be present would give us a more consistent build environment. 2) I'd argue an OS install that cannot practically speak TLS to anything is not very useful. What do people think? Should we approach the ca-certificates maintainers and ftpmasters? Chris

