On Sun, Dec 02, 2018 at 04:28:46PM -0800, Russ Allbery wrote:
Guillem Jover <guil...@debian.org> writes:
Whether a package is being built within a chroot or not, has nothing
to do with how that installation is being managed IMO. It feels a bit
like recording what's the form factor of the machine being run on? :)
I think what people are trying to get at here is "was the package built on
a system with packages other than build dependencies plus build-essential
plus essential/required packages installed."
I do think this would be very useful to track, but it's a bit complicated
to work out, and there are probably a few other exceptions that would need
to be in place.
And you'd still have cases like "someone installed something in
/usr/local/bin" and such. Might be easier to just track whether it was
built in a dsa-maintained autobuilder, so a human can identify potential
local build environment issues as a possible explanation for unexpected
behavior because that's really the objective. Might also not be worth
trying to do that vs existing ways to find out where the package was
built.
