Inputs from the network—even if it doesn’t seem like it—are volatile. It’s best to make a build system not rely on remote data.
If it must be the case, then:
- ensure integrity using cryptographic checksums,
- keep backups.
Ideally, a fallback location should be available with the backups.
A good example is how the FreeBSD ports
work. Port descriptions
contain a list of
a list of files to be retrieved in
DISTFILES, and a
with cryptographic checksums for each of these files. The FreeBSD
infrastructure ensures that a copy of all distfiles are kept available
on a mirror network. When building a port, the files will be downloaded
from there if the original master site is unreachable.