--no-check-gpg option; we're not going to support debootstrap versions
so old that they don't support this flag, *and* the dpkg-query call
doesn't give us the right version anyway - we're using an extracted
copy from the archive, not the one that (might be) installed on our
build machine.
Use ARCHIVE_KEYRING_PACKAGE and ARCHIVE_KEYRING_FILE parameters
and always use the unpacked keyring instead of the system-wide one.
Thanks to Robert Spencer <rspencer@lbsd.net> for the patch.
better safety when extracting boot loader files.
* Update all the relevant boot-* scripts to do the right thing when
extracting packages and sources, depending on
$ARCHIVE_EXTRACTED_SOURCES as above
Steve pointed out that this lookup is only here so that helper scripts
can grab those sources and make them available in a public location
such as http://cdimage.debian.org/cdimage/cd-sources/. The sources are
not embedded in the generated ISO and are thus not strictly needed
for building the ISO image.
This should happen even when we're not building source ISOs but it's
not needed if we don't have any similar policy in place. Thus CONF.sh
is now leaving $ARCHIVE_EXTRACTED_SOURCES unset by default and the
source will only be looked up if that value is set.
+ tools/sort_deps: parse out Built-Using from Packages files too and
pass any such data on to tools/merge_package_lists
+ tools/merge_package_lists: if we have any built-using source
packages listed when doing a combined binary/source set, add them in
the same way as existing listed sources.
* Other bug fixes in tools/merge_package_lists:
+ Fix handling of multi-line Binary: fields
+ Print out the accumulated size of source packages in output also
(fix to printf format string)
versions of a source package:
+ make_disc_trees.pl now tracks arrays of packages when parsing
apt-cache output
+ We'll now pull in all the extra packages included in Sources.gz
because of Built-Using.