[Reproducible-builds] Bug#807876: strip-nondeterminism: should ignore signed JARs

Andrew Ayer agwa at andrewayer.name
Sun Dec 13 23:36:55 UTC 2015


Package: strip-nondeterminism
Severity: wishlist

It would be nice for strip-nondeterminism to ignore signed JARs (but
print a warning), since its modifications will break the signature.

According to the jarsigner(1) man page, a signed JAR will have .DSA
and .SF files in the META-INF, so we can look for those.

An example of a signed JAR can be found in
git://git.kali.org/packages/dirbuster.git
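
A sketch of the check requested above, as an added example: it is not part of the original report and not strip-nondeterminism's own code. It goes beyond the report by also treating .RSA and .EC signature block files as signatures, alongside the .DSA and .SF files the report names. Function names, the case-insensitive matching and the sample archives are assumptions made for illustration.

```python
import io
import sys
import zipfile

# .SF is the signature file; .DSA/.RSA/.EC are signature block files.
# The report names .DSA and .SF; .RSA and .EC are added by this example.
SIGNATURE_SUFFIXES = (".SF", ".DSA", ".RSA", ".EC")


def signature_entries(jar):
    """Return names of signature-related entries directly under META-INF/."""
    found = []
    with zipfile.ZipFile(jar) as zf:
        for name in zf.namelist():
            upper = name.upper()  # assumption: match names case-insensitively
            if not upper.startswith("META-INF/"):
                continue
            rest = upper[len("META-INF/"):]
            if "/" in rest:
                continue  # only files at the top level of META-INF count
            if rest.endswith(SIGNATURE_SUFFIXES):
                found.append(name)
    return found


def should_normalize(jar, label="<jar>"):
    """False (with a warning) when rewriting the JAR would break its signature."""
    sigs = signature_entries(jar)
    if sigs:
        print(f"warning: {label}: signed JAR left untouched "
              f"({', '.join(sigs)})", file=sys.stderr)
        return False
    return True


def build_jar(names):
    """Constructed sample input: an in-memory ZIP with the given entry names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(n, b"constructed sample data")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    signed = build_jar(["META-INF/MANIFEST.MF", "META-INF/SIGNER.SF",
                        "META-INF/SIGNER.DSA", "a/B.class"])
    print(should_normalize(signed, "signed.jar"))
```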


