* Matthias Bussonnier <bussonniermatth...@gmail.com>, 2017-09-29, 11:16:
> I'm interested in the reproducible build of an _sdist_.
> That is to say the process of going from a given commit to the corresponding TGZ file. It is my understanding that setting SOURCE_DATE_EPOCH (SDE for short) should allow a reproducible building of an Sdist;

It's not enough to normalize timestamps. You need to normalize permissions and ownership, too.

(I'm using https://pypi.python.org/pypi/distutils644 for normalizing permissions/ownership in my own packages.)

> I cannot seem to be able to do that without unpacking and repacking the tgz myself;

Yeah, I don't believe distutils honors SOURCE_DATE_EPOCH at the moment.

> Second; is there a convention to store the SDE value ?

In the changelog.

--
Jakub Wilk
_______________________________________________
Distutils-SIG maillist  -  Distutils-SIG@python.org
https://mail.python.org/mailman/listinfo/distutils-sig
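
The repacking step discussed in this message, as an added example (not code from the thread, distutils or distutils644): it rewrites an sdist so that timestamps, permissions, ownership, member order and the gzip header are all fixed. The function names, the 0644/0755 mode policy, the `root` owner and the sample archive are assumptions made for illustration.

```python
import gzip
import io
import os
import tarfile


def normalize(info, epoch):
    """Overwrite every metadata field that depends on the build machine."""
    info.mtime = epoch
    info.uid = info.gid = 0
    info.uname = info.gname = "root"
    # Keep only "is it executable": 0755 for dirs and executables, else 0644.
    info.mode = 0o755 if info.isdir() or info.mode & 0o100 else 0o644
    info.pax_headers = {}
    return info


def repack_sdist(data, epoch=None):
    """Return a .tar.gz with the same contents as `data` but fixed metadata."""
    if epoch is None:
        epoch = int(os.environ["SOURCE_DATE_EPOCH"])
    out = io.BytesIO()
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as src:
        # The gzip header has its own mtime and file name fields; pin both.
        with gzip.GzipFile(filename="", mode="wb", fileobj=out, mtime=epoch) as gz:
            with tarfile.open(fileobj=gz, mode="w", format=tarfile.GNU_FORMAT) as dst:
                # Sort members so directory traversal order does not matter.
                for member in sorted(src.getmembers(), key=lambda m: m.name):
                    body = src.extractfile(member) if member.isreg() else None
                    dst.addfile(normalize(member, epoch), body)
    return out.getvalue()


def sample_sdist(mtime, uid, mode, order):
    """Constructed input: a tiny sdist as one build machine might produce it."""
    files = {"pkg-1.0/setup.py": b"# setup\n", "pkg-1.0/pkg.py": b"x = 1\n"}
    out = io.BytesIO()
    with tarfile.open(fileobj=out, mode="w:gz") as tar:
        for name in order:
            info = tarfile.TarInfo(name)
            info.size, info.mtime = len(files[name]), mtime
            info.uid, info.mode, info.uname = uid, mode, "user%d" % uid
            tar.addfile(info, io.BytesIO(files[name]))
    return out.getvalue()
```

Byte-for-byte equality across machines additionally requires the same zlib version and compression level, since the compressed stream itself is not normalized here.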
