Package: librust-const-random-dev
Version: 0.1.17-2
Severity: important
User: [email protected]
Usertags: randomness
X-Debbugs-CC:
pkg-rust-maintainers.alioth-lists.debian.net,[email protected]
hi!
I noticed the `compile-time-rng` feature on the ahash crate and investigated how
this is implemented. I traced it back to the const-random crate, which uses a
macro to read from a random number generator during the build.
We could make this deterministic by hashing SOURCE_DATE_EPOCH, but this still
means you can't reliably diff binaries that use a different S_D_E. Ideally we
would set it to some random value: https://xkcd.com/221/
Since our binaries are public, people can likely figure out the random number
anyway.
cheers,
kpcyrd
