Hello community, here is the log from the commit of package vlc for openSUSE:Factory checked in at 2020-04-05 20:49:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/vlc (Old) and /work/SRC/openSUSE:Factory/.vlc.new.3248 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "vlc" Sun Apr 5 20:49:58 2020 rev:104 rq:791216 version:3.0.8 Changes: -------- --- /work/SRC/openSUSE:Factory/vlc/vlc.changes 2020-03-31 17:32:08.576256890 +0200 +++ /work/SRC/openSUSE:Factory/.vlc.new.3248/vlc.changes 2020-04-05 20:49:59.068978223 +0200 @@ -1,0 +2,7 @@ +Tue Mar 31 08:58:04 UTC 2020 - Bernhard Wiedemann <[email protected]> + +- Make package build reproducible: + * Add reproducible.patch to normalize created tarballs + * Create %ghost file with fixed size + +------------------------------------------------------------------- New: ---- reproducible.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ vlc.spec ++++++ --- /var/tmp/diff_new_pack.oBxks0/_old 2020-04-05 20:50:01.272980332 +0200 +++ /var/tmp/diff_new_pack.oBxks0/_new 2020-04-05 20:50:01.272980332 +0200 @@ -59,6 +59,8 @@ Patch103: 0001-Port-OpenCV-facedetect-example-to-C-API.patch # PATCH-FIX-UPSTREAM -- Fix building with Qt 5.15 by adding a missing include Patch104: fix-missing-includes-with-qt-5.15.patch +# PATCH-FIX-UPSTREAM reproducible.patch -- make tar reproducible -- 87ea3c0dfb7367b434f688d657f931c074bb34f4 +Patch105: reproducible.patch BuildRequires: Mesa-devel BuildRequires: aalib-devel BuildRequires: alsa-devel >= 1.0.24 @@ -407,6 +409,7 @@ %patch102 -p1 %patch103 -p1 %patch104 -p1 +%patch105 -p1 ### And LUA 5.3.1 has some more API changes if pkg-config --atleast-version 5.3.1 lua; then @@ -534,6 +537,9 @@ done %find_lang vlc +# ensure the ghost file has constant length for reproducibility +dd if=/dev/zero bs=1M count=1 of=%{buildroot}/%{_libdir}/vlc/plugins/plugins.dat + %post %{_libdir}/vlc/vlc-cache-gen %{_libdir}/vlc/plugins ++++++ reproducible.patch ++++++ https://mailman.videolan.org/pipermail/vlc-devel/2019-October/128188.html commit d5e7205f0a4c5dbd55b1b56487f3044a5b01be16 Author: Bernhard M. Wiedemann <[email protected]> Date: Fri Oct 4 12:55:46 2019 +0200 Sort tar file list if available (in GNU tar >= 1.28) and use ustar format to not have pax headers add nondetermistic bits to make skins2/default.vlt reproducible. See https://reproducible-builds.org/ for why this is good. This patch was done while working on reproducible builds for openSUSE. Signed-off-by: Bernhard M. Wiedemann <[email protected]> diff --git a/share/Makefile.am b/share/Makefile.am index e5b801a5be..327d36a64d 100644 --- a/share/Makefile.am +++ b/share/Makefile.am @@ -92,8 +92,11 @@ skins2_default_vlt_FILES = \ skins2/default.vlt: $(skins2_default_vlt_FILES) $(AM_V_at)mkdir -p skins2 $(AM_V_at)rm -f -- skins2/default.vlt.tmp - $(AM_V_GEN)GZIP=--no-name \ + $(AM_V_GEN)tarsort= ; \ + tar --help|grep -q sort=ORDER && tarsort=--sort=name ; \ + GZIP=--no-name \ tar cvvzf skins2/default.vlt.tmp \ + --format=ustar $$tarsort \ --owner=root --group=root --directory="$(srcdir)/skins2" \ default/ $(AM_V_at)mv -f -- skins2/default.vlt.tmp skins2/default.vlt
