Package: debian-policy Version: 4.2.0.1 Tags: patch Apropos of discussion in #813471:
Paul writes: > In addition, d-i relies on access to the apt repo for the system. > I can imagine other uses of that, so I added a carve-out for that. In general I think this should be done by saying that packages may access the apt repository. Binaries, and sources, because packages cannot depend on each others' sources and implementing that is a lot of work. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813471#126 for a more extended rationale for permitting access to sources as well as binaries. diff --git a/policy/ch-source.rst b/policy/ch-source.rst index d6a21b8..2d6f9ea 100644 --- a/policy/ch-source.rst +++ b/policy/ch-source.rst @@ -288,6 +288,13 @@ For packages in the main archive, no required targets may attempt network access, except, via the loopback interface, to services on the build host that have been started by the build. +Nevertheless, required targets may use ``apt`` to access the apt +repositories provided by the build environment (which are those which +were used to resolve the package's build-dependencies). If +appropriate, :ref:`Built-Using <s-built-using>`` must then be +declared. It is permitted to download both binaries and/or sources. +However, this facility should not normally be used. + The targets are as follows: ``build`` (required) -- Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own. If I emailed you from an address @fyvzl.net or @evade.org.uk, that is a private address which bypasses my fierce spamfilter.
