[jira] [Commented] (TIKA-4591) Implement Reproducible Builds for tika-server

Jira Sun, 04 Jan 2026 18:03:07 -0800


    [ 
https://issues.apache.org/jira/browse/TIKA-4591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18049054#comment-18049054
 ]


Hervé Boutemy commented on TIKA-4591:
-------------------------------------

exactly

> Implement Reproducible Builds for tika-server
> ---------------------------------------------
>
>                 Key: TIKA-4591
>                 URL: https://issues.apache.org/jira/browse/TIKA-4591
>             Project: Tika
>          Issue Type: Sub-task
>            Reporter: Nicholas DiPiazza
>            Priority: Major
>              Labels: build, reproducible-builds, security, tika-server
>
> h2. Objective
> Implement reproducible builds for the tika-server module to ensure 
> bit-for-bit identical outputs across different build environments.
> h2. Tasks
> * Configure Maven properties for reproducible builds in tika-server/pom.xml
> * Set project.build.outputTimestamp property
> * Configure maven-jar-plugin for reproducible archive creation
> * Configure maven-source-plugin for reproducible source archives
> * Configure maven-assembly-plugin if used for distribution packaging
> h2. Verification
> * Build tika-server multiple times and verify checksums match
> * Build on different machines/environments and verify reproducibility
> * Generate and verify .buildinfo file
> * Document verification steps
> h2. Acceptance Criteria
> # tika-server JAR builds are reproducible
> # Source archives are reproducible
> # All timestamps are normalized
> # buildinfo file is generated and validates successfully



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (TIKA-4591) Implement Reproducible Builds for tika-server

Reply via email to