dh-perl6 vs. dh-raku: reproducibility issues with vendor/precompiled
Chris Lamb
lamby at debian.org
Thu Jan 20 20:30:06 GMT 2022
[adding 1002496 at bugs.debian.org to CC]
Hi all,
>> I just noticed a reproducibility issue in a package that transitioned
>> from dh-perl6 to dh-raku, and it introduced some reproducibility issues
>> in the raku-tap-harness in precomp files, e.g.:
>
> I think this was already briefly discussed in #1002496
Yes, indeed. As I mentioned in that bug, I initially thought they were
accidentally-distributed temporary/build files; something that's
actually quite common in Debian and comes up quite a lot when doing
Reproducible Builds stuff.
If I had realised they were the result of deliberate pre-compilation
efforts, I would probably not have filed that bug. Or, rather: I
wouldn't have done without a patch to fix the issue! In other words,
sorry for the essentially unactionable bug, although it *is* serving as
a useful place to dump information as we inch towards a solution.
(I have included #1002496 on the CC of this thread, perhaps to avoid any
potential duplication in the future.)
>> But there aren't many [tagged] packages there (yay?), and the
>> description is a bit terse suggesting that these files should not
>> be shipped at all...
>
> Well …
Oh, don't read into that description, Vagrant! That's likely my
description based on my jejune understanding of the problem at the
time (see above). Please feel free to update it — I have nothing
against precompilation as a general rule.
>> They appear to be hashed filenames, what goes into the hash that
>> produces them (file path? timestamp? etc.), and could that be made
>> reproducible?
>
> That would be nice indeed.
>
> I once experimented by comparing the "old"
> precompiled-at-instalation-time and the precompiled-at-build-time
> files on my laptop, and interesetingly they were the same. Or I
> missed something. But yeah, rebuilding with reprepo shows that paths
> are embedded which ist Not Good™.
Thanks for confirming in reprepro. This is also confirmed by me at the
end of #1002496. I haven't done any other investigating yet.
For completeness, another related bug in this area is:
https://bugs.debian.org/1003159
... although that is related to the contents of foo.dh-raku.list
files. It is, I think, pretty uncontroversial.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` lamby at debian.org 🍥 chris-lamb.co.uk
`-
More information about the Reproducible-builds
mailing list