There is a specific naming scheme in how dependencies are acquired from the S3 repository, and it's not always the same (example: gtest, or the Python modules like Jinja). Also, it doesn't seem like there is a way to disable the automatic procedure that pulls in the packages.
What would be the correct approach, in your opinion, to replace a dependency in case something breaks and we have to rebuild it on our own?