Bug#1122231: sigstore-go: please make the build reproducible

[Chris Lamb]

Source: sigstore-go
Version: 0.7.1-2
Severity: wishlist
Tags: patch
User: reproducible-builds at lists.alioth.debian.org
Usertags: nocheck
X-Debbugs-Cc: reproducible-bugs at lists.alioth.debian.org

Hi,

Whilst working on the Reproducible Builds effort [0], we noticed that
sigstore-go could not be built reproducibly.

This is because the call to remove some tests were in the wrong
debian/rules target. Whilst it was in override_dh_auto_test, this target
is not called if the tests are skipped — meaning that if the tests
are *not* run, then the package contains those files.

Patch attached.

 [0] https://reproducible-builds.org/


Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby at debian.org / chris-lamb.co.uk
       `-
-------------- next part --------------
--- a/debian/rules	2025-12-08 15:39:48.604788663 -0800
--- b/debian/rules	2025-12-08 15:44:16.576649601 -0800
@@ -11,7 +11,7 @@
 %:
 	dh $@ --builddirectory=_build --buildsystem=golang
 
-execute_before_dh_auto_test:
+execute_after_dh_auto_build:
 	rm -fv _build/src/github.com/sigstore/sigstore-go/pkg/verify/sct_test.go
 
 execute_after_dh_auto_install: