But when doing this with apt-get install, a lot of the time I find that when a new version of a package is released, the old one gets removed and becomes no longer accessible, so locking versions actually ends up resulting in _more_ build flakiness than just using the latest of whatever package available at build-time, which is obviously not ideal.
I would maintain a local apt repository for that situation.
I would maintain a local apt repository for that situation.