[LaGrange]

> goals and motivations seem 100% in line with google,

It's been a long time since I've believed in their idealism, yes, but I still think accusing Debian of being in the advertising and surveillance business is a bit harsh.

[ramses0]

> Google are better package maintainers than Debian

My intent was to challenge your statement that google are better package maintainers than Debian, specifically w.r.t. reproducibility of builds.

It's disrespectful to Debian to think that they haven't been pushing for secure, auditable, trusted software running on trusted computers.

It's practically their reason for existing: taking open, auditable software, packaging it in reproducible fashion for use by anyone who wants it.

https://www.debian.org/social_contract.html#guidelines

Imagine if Debian had similar financial support available compared to Google/RedHat? The best info I could find is here: https://www.spi-inc.org/corporate/annual-reports/2017.pdf

`This covers the Period January 1, 2017 – December 31, 2017`

`Gross Income -------- 635,311.59`

...and in that way, yes: google can afford more package maintainers, more scrutiny, but if they are "better package maintainers" it's at those margins and due to economics rather than ability or desire.

[LaGrange]

> My intent was to challenge your statement that google are better package maintainers than Debian, specifically w.r.t. reproducibility of builds.

Ah, I believe there's a misunderstanding coming from misreading of my statement: what I wrote is that the _reason to upgrade_ would be the _belief_ that they are better, and that if you restrict yourself to _certain measures_, they probably can, by throwing more money at the problem. I hoped that he latter part of my comment probably makes it rather clear that Google wouldn't actually be better as far as I'm concerned. Even from purely technical perspective, I'm fairly sure Debian is willing to support many architectures Google will ignore.