Bug#844431: Revised patch: seeking seconds

Russ Allbery rra at debian.org
Wed Aug 16 16:36:04 UTC 2017

Bill Allombert <ballombe at debian.org> writes:

> I am still concerned that there will be no reliable way for maintainers
> to check whether a package is reproducible according to policy before
> uploading it to the archive.

Ximin answered this, but I also wanted to note that while having such a
tool would be ideal, we don't have such tools for every aspect of Policy,
and I'm generally comfortable with that.  There are a lot of elements in
building a distribution where we can't proactively test exhaustively and
maintainers have to be reactive.  Obviously, full testing in advance is
best, but we can live with some reactive bug fixing.

There is an infrastructure that will test your package for reproducibility
after upload and let you know if that fails, which is better than some
other aspects of Policy.

Note that, for most developers, this is pretty much equivalent to the
current situation with FTBFS on, say, s390 architectures.  Or even issues
with running under whichever init system is not the one the maintainer
personally uses.  Maintainers generally do not proactively test such
things; they follow best practices, use standard tools, and then
reactively respond to bugs filed or by failures detected by other parts of
the infrastructure when those tools fail for some reason.  And generally
that's fine; lots of proactive testing for the maintainer would often be a
waste of their time.

Russ Allbery (rra at debian.org)               <http://www.eyrie.org/~eagle/>

More information about the Reproducible-builds mailing list