[Reproducible-builds] anything a packager can do for their packages?
lunar at debian.org
Wed Sep 3 16:56:24 UTC 2014
Daniel Kahn Gillmor:
> hey reproducible-builds folks--
> as an interested packager, but not one of the awesome people working
> actively on improving debian toolchains, i wanted to know if there was
> anything specific i could do as a packager now to ensure that my package
> can be reproducibly built.
> If there were a section on the wiki page suggesting what a packager
> could do to try to test their own packages, that would be useful, and
> could maybe get more feedback about reproducible builds.
I think we are still missing small parts of the framework to write that
documentation. We are getting close, but there's a few more steps.
Also, we should soon be able to do another archive-wide build+rebuild.
(maybe more focused on core packages this time, but gnupg is in the
set). We'll make sure to make the log available to interested
> I'm particularly interested in this as part of the GnuPG packaging team
> right now.
In the meantime, you could experiment the build system. I wrote the
following script which will allow to compare the output of a command
repeatedly called with a variation:
You coud try spotting anything that get captured by the build system
that should not. Probably you should ignore variations due to build
I'm not sure it's a good use of your time. As, hopefully, we should be
able to have a better definition of what “reproducible builds” mean in
the Debian context.
lunar at debian.org : :Ⓐ : # apt-get install anarchism
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: Digital signature
More information about the Reproducible-builds