Daniel Kahn Gillmor: > hey reproducible-builds folks-- > > as an interested packager, but not one of the awesome people working > actively on improving debian toolchains, i wanted to know if there was > anything specific i could do as a packager now to ensure that my package > can be reproducibly built. > > If there were a section on the wiki page suggesting what a packager > could do to try to test their own packages, that would be useful, and > could maybe get more feedback about reproducible builds.
I think we are still missing small parts of the framework to write that documentation. We are getting close, but there's a few more steps. Also, we should soon be able to do another archive-wide build+rebuild. (maybe more focused on core packages this time, but gnupg is in the set). We'll make sure to make the log available to interested maintainers. > I'm particularly interested in this as part of the GnuPG packaging team > right now. In the meantime, you could experiment the build system. I wrote the following script which will allow to compare the output of a command repeatedly called with a variation: http://anonscm.debian.org/cgit/reproducible/misc.git/tree/test-reproducibility You coud try spotting anything that get captured by the build system that should not. Probably you should ignore variations due to build path variations. I'm not sure it's a good use of your time. As, hopefully, we should be able to have a better definition of what “reproducible builds” mean in the Debian context. -- Lunar .''`. lu...@debian.org : :Ⓐ : # apt-get install anarchism `. `'` `-
Description: Digital signature
_______________________________________________ Reproducible-builds mailing list Reproducibleemail@example.com http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds