subject:"Reproducible builds"

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 49258540a6 Allow reproducible builds of all JDBC JAR files
49258540a6 is described below

commit 49258540a674495965fabf474c33e72f46d681fb
Author: John Neffenger 
AuthorDate: Sat Nov 12 18:05:24 2022 -0800

Allow reproducible builds of all JDBC JAR files
---
 modules/jdbc-pool/build.xml | 12 +---
 webapps/docs/changelog.xml  |  8 
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/modules/jdbc-pool/build.xml b/modules/jdbc-pool/build.xml
index b66a306dd6..54207a4bd1 100644
--- a/modules/jdbc-pool/build.xml
+++ b/modules/jdbc-pool/build.xml
@@ -185,7 +185,9 @@
 
   
 
-
+
   
 
   
@@ -207,7 +209,9 @@
   
 
 
-
+
   
 
   
@@ -216,7 +220,9 @@
   
   
 
-
+
   
 
   
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 2cda700947..1c639c9772 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -206,6 +206,14 @@
   
 
   
+  
+
+  
+66346: Ensure all JDBC pool JARs are reproducible. Pull
+request 566 provided by John Neffenger. (markt)
+  
+
+  
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Allow reproducible builds of all JDBC JAR files

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 7b1b85b0ae Allow reproducible builds of all JDBC JAR files
7b1b85b0ae is described below

commit 7b1b85b0ae8c2d5ac9991b0942780f352b041ff8
Author: John Neffenger 
AuthorDate: Sat Nov 12 18:05:24 2022 -0800

Allow reproducible builds of all JDBC JAR files
---
 modules/jdbc-pool/build.xml | 12 +---
 webapps/docs/changelog.xml  |  8 
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/modules/jdbc-pool/build.xml b/modules/jdbc-pool/build.xml
index 8b387af62a..da4f801221 100644
--- a/modules/jdbc-pool/build.xml
+++ b/modules/jdbc-pool/build.xml
@@ -185,7 +185,9 @@
 
   
 
-
+
   
 
   
@@ -207,7 +209,9 @@
   
 
 
-
+
   
 
   
@@ -216,7 +220,9 @@
   
   
 
-
+
   
 
   
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 6cd523b13c..547340eab0 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -222,6 +222,14 @@
   
 
   
+  
+
+  
+66346: Ensure all JDBC pool JARs are reproducible. Pull
+request 566 provided by John Neffenger. (markt)
+  
+
+  
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.1.x updated: Allow reproducible builds of all JDBC JAR files

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.1.x by this push:
 new 40f0f7d571 Allow reproducible builds of all JDBC JAR files
40f0f7d571 is described below

commit 40f0f7d571b2dcdc815d3560f7138a11120e476a
Author: John Neffenger 
AuthorDate: Sat Nov 12 18:05:24 2022 -0800

Allow reproducible builds of all JDBC JAR files
---
 modules/jdbc-pool/build.xml | 12 +---
 webapps/docs/changelog.xml  |  8 
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/modules/jdbc-pool/build.xml b/modules/jdbc-pool/build.xml
index 8b387af62a..da4f801221 100644
--- a/modules/jdbc-pool/build.xml
+++ b/modules/jdbc-pool/build.xml
@@ -185,7 +185,9 @@
 
   
 
-
+
   
 
   
@@ -207,7 +209,9 @@
   
 
 
-
+
   
 
   
@@ -216,7 +220,9 @@
   
   
 
-
+
   
 
   
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index a1fe66e758..83a1958221 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -231,6 +231,14 @@
   
 
   
+  
+
+  
+66346: Ensure all JDBC pool JARs are reproducible. Pull
+request 566 provided by John Neffenger. (markt)
+  
+
+  
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Allow reproducible builds of all JDBC JAR files

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 8ae3c81f09 Allow reproducible builds of all JDBC JAR files
8ae3c81f09 is described below

commit 8ae3c81f091f8bc99b72d2b15ea5126ad6fb4988
Author: John Neffenger 
AuthorDate: Sat Nov 12 18:05:24 2022 -0800

Allow reproducible builds of all JDBC JAR files
---
 modules/jdbc-pool/build.xml | 12 +---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/modules/jdbc-pool/build.xml b/modules/jdbc-pool/build.xml
index 8b387af62a..da4f801221 100644
--- a/modules/jdbc-pool/build.xml
+++ b/modules/jdbc-pool/build.xml
@@ -185,7 +185,9 @@
 
   
 
-
+
   
 
   
@@ -207,7 +209,9 @@
   
 
 
-
+
   
 
   
@@ -216,7 +220,9 @@
   
   
 
-
+
   
 
   


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] markt-asf merged pull request #566: Allow reproducible builds of all JDBC JAR files

2022-11-21 Thread GitBox



markt-asf merged PR #566:
URL: https://github.com/apache/tomcat/pull/566


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] jgneff commented on pull request #566: Allow reproducible builds of all JDBC JAR files

2022-11-14 Thread GitBox



jgneff commented on PR #566:
URL: https://github.com/apache/tomcat/pull/566#issuecomment-1314042008

   After this fix, the only remaining difference that I have found between any 
two builds of Tomcat using the default Ant target is the build path that gets 
included in two XML files:
   
   ```console
   $ diff -qr lxd/output1 kvm/output1
   Files lxd/output1/jdbc-pool/doc/changelog.xml and 
kvm/output1/jdbc-pool/doc/changelog.xml differ
   Files lxd/output1/jdbc-pool/doc/jdbc-pool.xml and 
kvm/output1/jdbc-pool/doc/jdbc-pool.xml differ
   ```
   
   ```diff
   diff -r lxd/output1/jdbc-pool/doc/changelog.xml 
kvm/output1/jdbc-pool/doc/changelog.xml
   19c19
   <   
   ---
   >   
   diff -r lxd/output1/jdbc-pool/doc/jdbc-pool.xml 
kvm/output1/jdbc-pool/doc/jdbc-pool.xml
   19c19
   <   
   ---
   >   
   ```
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] jgneff commented on pull request #566: Allow reproducible builds of all JDBC JAR files

2022-11-13 Thread GitBox



jgneff commented on PR #566:
URL: https://github.com/apache/tomcat/pull/566#issuecomment-1312794140

   I found how to test the [Tomcat JDBC Connection 
Pool](https://tomcat.apache.org/tomcat-10.0-doc/jdbc-pool.html) test JAR files 
(`tomcat-jdbc-test.jar` and `tomcat-jdbc-test-src.jar`). I first had to copy 
the `build.properties.default` file to `build.properties` with the following 
changes:
   
   ```diff
   94c94
   < 
tomcat.project.loc=https://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/project.xml
   ---
   > 
tomcat.project.loc=https://github.com/apache/tomcat/tree/main/webapps/docs/project.xml
   97c97
   < 
tomcat.xsl.loc=https://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/tomcat-docs.xsl
   ---
   > 
tomcat.xsl.loc=https://github.com/apache/tomcat/tree/main/webapps/docs/tomcat-docs.xsl
   ```
   
   With those changes, I could run:
   
   ```console
   $ cd modules/jdbc-pool
   $ ant build-test
   $ mv output output1
   $ ant build-test
   $ mv output output2
   ```
   
   Before this pull request, two consecutive builds show the following 
differences:
   
   ```console
   $ diff -qr output1 output2 
   Files output1/tomcat-jdbc-src.jar and output2/tomcat-jdbc-src.jar differ
   Files output1/tomcat-jdbc-test-src.jar and output2/tomcat-jdbc-test-src.jar 
differ
   Files output1/tomcat-jdbc-test.jar and output2/tomcat-jdbc-test.jar differ
   ```
   
   After this pull request, the contents of the two output directories are 
identical.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66346] Allow reproducible builds of all JDBC JAR files

2022-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=66346

--- Comment #1 from John Neffenger  ---
See GitHub pull request:

Allow reproducible builds of all JDBC JAR files
https://github.com/apache/tomcat/pull/566

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[GitHub] [tomcat] jgneff opened a new pull request, #566: Allow reproducible builds of all JDBC JAR files

2022-11-12 Thread GitBox



jgneff opened a new pull request, #566:
URL: https://github.com/apache/tomcat/pull/566

   Fixes [Bug 66346](https://bz.apache.org/bugzilla/show_bug.cgi?id=66346). 
Only the first change is required to fix the timestamps in 
`tomcat-jdbc-src.jar`, but this seemed a good time to fix the timestamps in the 
other two JAR files as well (`tomcat-jdbc-test.jar` and 
`tomcat-jdbc-test-src.jar`).
   
   Can someone let me know how I might test the building of those two test JAR 
files? I couldn't figure out which Ant target to use for building and comparing 
them. I did run the unit test cases, which were successful:
   
   ```console
   $ ant test
   ...
  [concat] Testsuites with failed tests:
   
   test:
   
   BUILD SUCCESSFUL
   Total time: 110 minutes 45 seconds
   ```
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66346] Allow reproducible builds of all JDBC JAR files

2022-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=66346

John Neffenger  changed:

   What|Removed |Added

URL||https://lists.reproducible-
   ||builds.org/pipermail/rb-gen
   ||eral/2022-November/002745.h
   ||tml

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 66346] New: Allow reproducible builds of all JDBC JAR files

2022-11-12 Thread bugzilla

https://bz.apache.org/bugzilla/show_bug.cgi?id=66346

Bug ID: 66346
   Summary: Allow reproducible builds of all JDBC JAR files
   Product: Tomcat 10
   Version: unspecified
  Hardware: PC
OS: Linux
Status: NEW
  Severity: minor
  Priority: P2
 Component: Packaging
  Assignee: dev@tomcat.apache.org
  Reporter: j...@status6.com
  Target Milestone: --

Two successive builds of the Apache Tomcat 'main' branch using the default
target are not deterministic, showing a difference in just one file.

Reproduce the issue as follows:

  $ SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct)
  $ export SOURCE_DATE_EPOCH
  $ ant
  $ mv output output1
  $ ant
  $ mv output output2

Below is the actual result when comparing the two builds:

  $ diff -qr output1 output2
  Files output1/jdbc-pool/tomcat-jdbc-src.jar and
output2/jdbc-pool/tomcat-jdbc-src.jar differ

The expected result is that the two builds are identical and there is no output
from the 'diff' command.

The archive files differ in the timestamps of three file entries:

  $ diff <(zipinfo output1/jdbc-pool/tomcat-jdbc-src.jar) \
<(zipinfo output2/jdbc-pool/tomcat-jdbc-src.jar)
  1c1
  < Archive:  output1/jdbc-pool/tomcat-jdbc-src.jar
  ---
  > Archive:  output2/jdbc-pool/tomcat-jdbc-src.jar
  3,4c3,4
  < drwxr-xr-x  2.0 unx0 bx stor 22-Nov-12 17:47 META-INF/
  < -rw-r--r--  2.0 unx  116 b- defN 22-Nov-12 17:47 META-INF/MANIFEST.MF
  ---
  > drwxr-xr-x  2.0 unx0 bx stor 22-Nov-12 17:48 META-INF/
  > -rw-r--r--  2.0 unx  116 b- defN 22-Nov-12 17:48 META-INF/MANIFEST.MF
  52,53c52,53
  < -rw-r--r--  2.0 unx11356 b- defN 22-Nov-12 17:47 LICENSE
  < -rw-r--r--  2.0 unx  178 b- defN 22-Nov-12 17:47 NOTICE
  ---
  > -rw-r--r--  2.0 unx11356 b- defN 22-Nov-12 17:48 LICENSE
  > -rw-r--r--  2.0 unx  178 b- defN 22-Nov-12 17:48 NOTICE

The OpenJDK and Apache Ant versions that I used are shown below:

  $ java --version
  openjdk 11.0.17 2022-10-18
  OpenJDK Runtime Environment (build 11.0.17+8-post-Ubuntu-1ubuntu222.04)
  OpenJDK 64-Bit Server VM (build 11.0.17+8-post-Ubuntu-1ubuntu222.04, mixed
mode, sharing)

  $ ant -version
  Apache Ant(TM) version 1.10.12 compiled on January 17 1970

I will follow up with a pull request on GitHub.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Sign reproducible builds by default. The detached signature is available

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new c6b50a54f2 Sign reproducible builds by default. The detached signature 
is available
c6b50a54f2 is described below

commit c6b50a54f2f09fca7356fde964315394e1a9bab6
Author: Mark Thomas 
AuthorDate: Thu Aug 11 16:21:25 2022 +0100

Sign reproducible builds by default. The detached signature is available
---
 build.xml | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/build.xml b/build.xml
index 44d8711eef..0776b38788 100644
--- a/build.xml
+++ b/build.xml
@@ -2308,12 +2308,18 @@ skip.installer property in build.properties" />
 
 # This file was auto-generated by the pre-release Ant target
 
+# Any unwanted settings may be over-ridden in a build.properties file located
+# in the same directory as this file.
+
 # Set the version-dev to "" (empty string) as this is not a development 
release.
 version.dev=
 
 # Ensure consistent timestamps for reproducible builds
 ant.tstamp.now.iso=${tstamp.iso.release}
 
+# Enable insertion of detatched signatures into the Windows installer.
+do.codesigning=true
+
 # Reproducible builds require the use of the build tools defined below. The
 # vendors (where appropriate) and versions must match exactly for a 
reproducible
 # build since this data is embedded in various files, particularly JAR file


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Sign reproducible builds by default. The detached signature is available

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 2ceef9aea7 Sign reproducible builds by default. The detached signature 
is available
2ceef9aea7 is described below

commit 2ceef9aea7cf26c964ecfa37addbc37e7abdbd3c
Author: Mark Thomas 
AuthorDate: Thu Aug 11 16:21:25 2022 +0100

Sign reproducible builds by default. The detached signature is available
---
 build.xml | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/build.xml b/build.xml
index f36bbcecf3..acc49b4b91 100644
--- a/build.xml
+++ b/build.xml
@@ -2609,12 +2609,18 @@ skip.installer property in build.properties" />
 
 # This file was auto-generated by the pre-release Ant target
 
+# Any unwanted settings may be over-ridden in a build.properties file located
+# in the same directory as this file.
+
 # Set the version-dev to "" (empty string) as this is not a development 
release.
 version.dev=
 
 # Ensure consistent timestamps for reproducible builds
 ant.tstamp.now.iso=${tstamp.iso.release}
 
+# Enable insertion of detatched signatures into the Windows installer.
+do.codesigning=true
+
 # Reproducible builds require the use of the build tools defined below. The
 # vendors (where appropriate) and versions must match exactly for a 
reproducible
 # build since this data is embedded in various files, particularly JAR file


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.0.x updated: Sign reproducible builds by default. The detached signature is available

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new 522c6b8d28 Sign reproducible builds by default. The detached signature 
is available
522c6b8d28 is described below

commit 522c6b8d2801087568ccb96107d242836b9b8715
Author: Mark Thomas 
AuthorDate: Thu Aug 11 16:21:25 2022 +0100

Sign reproducible builds by default. The detached signature is available
---
 build.xml | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/build.xml b/build.xml
index f4e80409c0..d11ca5e096 100644
--- a/build.xml
+++ b/build.xml
@@ -2627,12 +2627,18 @@ skip.installer property in build.properties" />
 
 # This file was auto-generated by the pre-release Ant target
 
+# Any unwanted settings may be over-ridden in a build.properties file located
+# in the same directory as this file.
+
 # Set the version-dev to "" (empty string) as this is not a development 
release.
 version.dev=
 
 # Ensure consistent timestamps for reproducible builds
 ant.tstamp.now.iso=${tstamp.iso.release}
 
+# Enable insertion of detatched signatures into the Windows installer.
+do.codesigning=true
+
 # Reproducible builds require the use of the build tools defined below. The
 # vendors (where appropriate) and versions must match exactly for a 
reproducible
 # build since this data is embedded in various files, particularly JAR file


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Sign reproducible builds by default. The detached signature is available

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 3faf0ce54c Sign reproducible builds by default. The detached signature 
is available
3faf0ce54c is described below

commit 3faf0ce54c497e5bbce027158338511757c887c1
Author: Mark Thomas 
AuthorDate: Thu Aug 11 16:21:25 2022 +0100

Sign reproducible builds by default. The detached signature is available
---
 build.xml | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/build.xml b/build.xml
index 0cc7099b0c..f0ed5714d9 100644
--- a/build.xml
+++ b/build.xml
@@ -2666,12 +2666,18 @@ skip.installer property in build.properties" />
 
 # This file was auto-generated by the pre-release Ant target
 
+# Any unwanted settings may be over-ridden in a build.properties file located
+# in the same directory as this file.
+
 # Set the version-dev to "" (empty string) as this is not a development 
release.
 version.dev=
 
 # Ensure consistent timestamps for reproducible builds
 ant.tstamp.now.iso=${tstamp.iso.release}
 
+# Enable insertion of detatched signatures into the Windows installer.
+do.codesigning=true
+
 # Reproducible builds require the use of the build tools defined below. The
 # vendors (where appropriate) and versions must match exactly for a 
reproducible
 # build since this data is embedded in various files, particularly JAR file


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Increase minimum Ant version to 1.10.2 for reproducible builds

2022-06-09 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 88ae96abbb Increase minimum Ant version to 1.10.2 for reproducible 
builds
88ae96abbb is described below

commit 88ae96abbb3fde0f40985d32c03a4f0a2d0e0fa2
Author: Mark Thomas 
AuthorDate: Thu Jun 9 08:34:22 2022 +0100

Increase minimum Ant version to 1.10.2 for reproducible builds

Ant 1.10.x requires Java 8 and Tomcat 10.0.x requires Java 8 so this
allows a simpler build script.
---
 build.properties.default   | 2 +-
 webapps/docs/changelog.xml | 4 
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/build.properties.default b/build.properties.default
index 1d6bc6e982..3eb47b1707 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -36,7 +36,7 @@ version.patch=0
 version.suffix=-dev
 
 # - Build tools -
-ant.version.required=1.9.10
+ant.version.required=1.10.2
 
 # - Reproducible builds -
 # Uncomment and set to current time for reproducible builds
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 12da00c824..3563cab9c4 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -130,6 +130,10 @@
   
 Update to bnd 6.3.1. (markt)
   
+  
+The minimum Ant version required to build Tomcat 9.0.x is now 1.10.2.
+(markt)
+  
 
   
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.0.x updated: Increase minimum Ant version to 1.10.2 for reproducible builds

2022-06-09 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new 9c0048ecc9 Increase minimum Ant version to 1.10.2 for reproducible 
builds
9c0048ecc9 is described below

commit 9c0048ecc983224f2eedc7f14bf6b06ef44fa606
Author: Mark Thomas 
AuthorDate: Thu Jun 9 08:34:22 2022 +0100

Increase minimum Ant version to 1.10.2 for reproducible builds

Ant 1.10.x requires Java 8 and Tomcat 10.0.x requires Java 8 so this
allows a simpler build script.
---
 build.properties.default   | 2 +-
 webapps/docs/changelog.xml | 4 
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/build.properties.default b/build.properties.default
index 90da707915..43ec60aa87 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -36,7 +36,7 @@ version.patch=0
 version.suffix=-dev
 
 # - Build tools -
-ant.version.required=1.9.10
+ant.version.required=1.10.2
 
 # - Reproducible builds -
 # Uncomment and set to current time for reproducible builds
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index be83a0a425..dd78f99bfd 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -130,6 +130,10 @@
   
 Update to bnd 6.3.1. (markt)
   
+  
+The minimum Ant version required to build Tomcat 10.1.x is now 1.10.2.
+(markt)
+  
 
   
 


-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Increase minimum Ant version to 1.10.2 for reproducible builds

2022-06-09 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new ff5d86fc3e Increase minimum Ant version to 1.10.2 for reproducible 
builds
ff5d86fc3e is described below

commit ff5d86fc3e14841562fa133bff958035ce2c2fc3
Author: Mark Thomas 
AuthorDate: Thu Jun 9 08:34:22 2022 +0100

Increase minimum Ant version to 1.10.2 for reproducible builds

Ant 1.10.x requires Java 8 and Tomcat 10.1.x requires Java 11 so this
allows a simpler build script.
---
 build.properties.default |  2 +-
 build.xml| 15 ++-
 2 files changed, 3 insertions(+), 14 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index 9f6bd005ff..b514c3f845 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -36,7 +36,7 @@ version.patch=0
 version.suffix=-M17-dev
 
 # - Build tools -
-ant.version.required=1.9.10
+ant.version.required=1.10.2
 
 # - Reproducible builds -
 # Uncomment and set to current time for reproducible builds
diff --git a/build.xml b/build.xml
index 2885adb91f..b2141ccecc 100644
--- a/build.xml
+++ b/build.xml
@@ -2615,22 +2615,11 @@ skip.installer property in build.properties" />
 
   
 
-  
-
-
-  
-
-  
-
-  
-
-  
-
   
 
   
 
-  
+  
 
   
 
@@ -2657,7 +2646,7 @@ maven.asf.release.deploy.version=${version}

[tomcat] branch 8.5.x updated: Reproducible builds: Signing the uninstaller changes the timestamp

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 48683b7f92 Reproducible builds: Signing the uninstaller changes the 
timestamp
48683b7f92 is described below

commit 48683b7f929cfb51e3128de21a5050a0f8d361e0
Author: Mark Thomas 
AuthorDate: Thu May 5 17:15:52 2022 +0100

Reproducible builds: Signing the uninstaller changes the timestamp
---
 build.xml | 4 
 1 file changed, 4 insertions(+)

diff --git a/build.xml b/build.xml
index 483ab34b0e..60d419c606 100644
--- a/build.xml
+++ b/build.xml
@@ -2191,6 +2191,10 @@ skip.installer property in build.properties" />
 alias="${codesigning.alias}"
 alg="${codesigning.digest}"
 tsaurl="http://timestamp.digicert.com"/>
+
+
+  
+

[tomcat] branch 9.0.x updated: Reproducible builds: Signing the uninstaller changes the timestamp

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 5c30f08214 Reproducible builds: Signing the uninstaller changes the 
timestamp
5c30f08214 is described below

commit 5c30f0821446be810ce8368e27a0ad7a85ffdecc
Author: Mark Thomas 
AuthorDate: Thu May 5 17:15:52 2022 +0100

Reproducible builds: Signing the uninstaller changes the timestamp
---
 build.xml | 4 
 1 file changed, 4 insertions(+)

diff --git a/build.xml b/build.xml
index 5a0be1bcbd..d34f56bc74 100644
--- a/build.xml
+++ b/build.xml
@@ -2508,6 +2508,10 @@ skip.installer property in build.properties" />
 alias="${codesigning.alias}"
 alg="${codesigning.digest}"
 tsaurl="http://timestamp.digicert.com"/>
+
+
+  
+

[tomcat] branch 10.0.x updated: Reproducible builds: Signing the uninstaller changes the timestamp

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new 0be4e58765 Reproducible builds: Signing the uninstaller changes the 
timestamp
0be4e58765 is described below

commit 0be4e58765c6185667906c0da328a57e37fc36cd
Author: Mark Thomas 
AuthorDate: Thu May 5 17:15:52 2022 +0100

Reproducible builds: Signing the uninstaller changes the timestamp
---
 build.xml | 4 
 1 file changed, 4 insertions(+)

diff --git a/build.xml b/build.xml
index 72e49ad978..b638704cc8 100644
--- a/build.xml
+++ b/build.xml
@@ -2526,6 +2526,10 @@ skip.installer property in build.properties" />
 alias="${codesigning.alias}"
 alg="${codesigning.digest}"
 tsaurl="http://timestamp.digicert.com"/>
+
+
+  
+

[tomcat] branch main updated: Reproducible builds: Signing the uninstaller changes the timestamp

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 6e4d8876b9 Reproducible builds: Signing the uninstaller changes the 
timestamp
6e4d8876b9 is described below

commit 6e4d8876b9215b85c33661e1131689ec8652ccb9
Author: Mark Thomas 
AuthorDate: Thu May 5 17:15:52 2022 +0100

Reproducible builds: Signing the uninstaller changes the timestamp
---
 build.xml | 4 
 1 file changed, 4 insertions(+)

diff --git a/build.xml b/build.xml
index 8d3eaf7877..9ee5e0dd9a 100644
--- a/build.xml
+++ b/build.xml
@@ -2565,6 +2565,10 @@ skip.installer property in build.properties" />
 alias="${codesigning.alias}"
 alg="${codesigning.digest}"
 tsaurl="http://timestamp.digicert.com"/>
+
+
+  
+

[tomcat] 03/07: Reproducible builds: text files in JARs

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 25b07bd75c932907c8d011dd5afe244a0f8983d2
Author: Mark Thomas 
AuthorDate: Mon Jan 24 11:13:33 2022 +

Reproducible builds: text files in JARs
---
 build.xml | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/build.xml b/build.xml
index c4ffbcb..534daf0 100644
--- a/build.xml
+++ b/build.xml
@@ -719,6 +719,16 @@
 when loading the ResourceBundles -->
 
 
+
+
+
+  
+
+
+  
+

[tomcat] 01/07: Reproducible builds: Consistent line endings in text files in JAR manifests

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit a440261817a71cfccb6a914b852f257904df5726
Author: Mark Thomas 
AuthorDate: Mon Jan 24 10:23:14 2022 +

Reproducible builds: Consistent line endings in text files in JAR manifests
---
 build.xml | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/build.xml b/build.xml
index e356ed9..c4ffbcb 100644
--- a/build.xml
+++ b/build.xml
@@ -739,6 +739,13 @@
   
   
 
+
+
+
+  
+
   
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/08: Reproducible builds: Consistent line endings in text files in JAR manifests

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit b428e933959ed6450130d068e9847dd75b2037b9
Author: Mark Thomas 
AuthorDate: Mon Jan 24 10:23:14 2022 +

Reproducible builds: Consistent line endings in text files in JAR manifests
---
 build.xml | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/build.xml b/build.xml
index 5e69b11..ad10c64 100644
--- a/build.xml
+++ b/build.xml
@@ -990,6 +990,13 @@
   
   
 
+
+
+
+  
+
   
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 04/08: Reproducible builds: text files in JARs

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit a515f3a1ccd874a5d76e484f21bf5682a751dbcd
Author: Mark Thomas 
AuthorDate: Mon Jan 24 11:13:33 2022 +

Reproducible builds: text files in JARs
---
 build.xml | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/build.xml b/build.xml
index ad10c64..8d16c2a 100644
--- a/build.xml
+++ b/build.xml
@@ -970,6 +970,16 @@
 when loading the ResourceBundles -->
 
 
+
+
+
+  
+
+
+  
+

[tomcat] 06/08: Reproducible builds: consistent line endings for graal files

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 2065a1d027959648e3eaa4504a2eec164a7ef7dd
Author: Mark Thomas 
AuthorDate: Mon Jan 24 19:06:09 2022 +

Reproducible builds: consistent line endings for graal files
---
 build.xml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/build.xml b/build.xml
index 8d16c2a..8a7ac57 100644
--- a/build.xml
+++ b/build.xml
@@ -3757,6 +3757,9 @@ Read the Building page on the Apache Tomcat documentation 
site for details on ho
 
   
 
+
+
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/08: Reproducible builds. Use the prefiltered files for consistency

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 09d7149e247d833fa32356ee71c77ad5fab3aac7
Author: Mark Thomas 
AuthorDate: Mon Jan 24 12:15:07 2022 +

Reproducible builds. Use the prefiltered files for consistency

The prefiltered files have the correct contents and consistent
line endings (LF) across all build platforms
Also removes the need to pre-process these files to perform filtering
---
 res/bnd/build-defaults.bnd | 4 ++--
 res/bnd/jasper-el.jar.tmp.bnd  | 2 +-
 res/bnd/jasper.jar.tmp.bnd | 2 +-
 res/bnd/servlet-api.jar.tmp.bnd| 4 ++--
 res/bnd/tomcat-embed-core.jar.tmp.bnd  | 4 ++--
 res/bnd/tomcat-embed-el.jar.tmp.bnd| 2 +-
 res/bnd/tomcat-embed-jasper.jar.tmp.bnd| 2 +-
 res/bnd/tomcat-embed-websocket.jar.tmp.bnd | 2 +-
 res/bnd/tomcat-websocket.jar.tmp.bnd   | 2 +-
 9 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/res/bnd/build-defaults.bnd b/res/bnd/build-defaults.bnd
index d07caa5..753d08f 100644
--- a/res/bnd/build-defaults.bnd
+++ b/res/bnd/build-defaults.bnd
@@ -25,8 +25,8 @@ Implementation-Vendor: Apache Software Foundation
 X-Compile-Source-JDK: ${compile.release}
 X-Compile-Target-JDK: ${compile.release}
 
--includeresource.notice: 
META-INF/NOTICE;literal="${replace;${cat;../META-INF/default.notice};@YEAR@;${year}}\n"
--includeresource.license: {META-INF/LICENSE=../META-INF/default.license}
+-includeresource.notice: META-INF/NOTICE=../../output/manifests/default.notice
+-includeresource.license: 
META-INF/LICENSE=../../output/manifests/default.license
 
 -noclassforname: true
 
diff --git a/res/bnd/jasper-el.jar.tmp.bnd b/res/bnd/jasper-el.jar.tmp.bnd
index 67a2384..1b96a38 100644
--- a/res/bnd/jasper-el.jar.tmp.bnd
+++ b/res/bnd/jasper-el.jar.tmp.bnd
@@ -26,7 +26,7 @@ Export-Package: \
 org.apache.el.stream,\
 org.apache.el.util
 
--includeresource.meta-inf: /META-INF/=../META-INF/jasper-el.jar/
+-includeresource.meta-inf: /META-INF/=../../output/manifests/jasper-el.jar/
 
 -jpms-module-info: \
 ${module.name};\
diff --git a/res/bnd/jasper.jar.tmp.bnd b/res/bnd/jasper.jar.tmp.bnd
index d235799..006c721 100644
--- a/res/bnd/jasper.jar.tmp.bnd
+++ b/res/bnd/jasper.jar.tmp.bnd
@@ -33,7 +33,7 @@ Export-Package: \
 -includepackage: \
 org.apache.jasper.resources
 
--includeresource.meta-inf: /META-INF/=../META-INF/jasper.jar/
+-includeresource.meta-inf: /META-INF/=../../output/manifests/jasper.jar/
 
 -jpms-module-info: \
 ${module.name};\
diff --git a/res/bnd/servlet-api.jar.tmp.bnd b/res/bnd/servlet-api.jar.tmp.bnd
index ace3872..c7a6a70 100644
--- a/res/bnd/servlet-api.jar.tmp.bnd
+++ b/res/bnd/servlet-api.jar.tmp.bnd
@@ -27,8 +27,8 @@ Provide-Capability: \
 version:List="4.0,3.1,3,2.5";\
 uses:='${packages;NAMED;javax.servlet.*;NAMED;!javax.servlet.jsp.*}'
 
--includeresource.notice2: 
META-INF/NOTICE;literal="${replace;${cat;../META-INF/servlet-api.jar.notice};@YEAR@;${year}}\n"
--includeresource.license2: 
{META-INF/LICENSE=../META-INF/servlet-api.jar.license}
+-includeresource.notice2: 
META-INF/NOTICE=../../output/manifests/servlet-api.jar.notice
+-includeresource.license2: 
META-INF/LICENSE=../../output/manifests/servlet-api.jar.license
 
 -namesection: javax/servlet*/;\
 Specification-Title='Java API for Servlets';\
diff --git a/res/bnd/tomcat-embed-core.jar.tmp.bnd 
b/res/bnd/tomcat-embed-core.jar.tmp.bnd
index d43c774..96def91 100644
--- a/res/bnd/tomcat-embed-core.jar.tmp.bnd
+++ b/res/bnd/tomcat-embed-core.jar.tmp.bnd
@@ -96,8 +96,8 @@ Export-Package: \
 org.apache.tomcat.util.net.jsse,\
 org.apache.tomcat.util.threads.res
 
--includeresource.notice2: 
META-INF/NOTICE;literal="${replace;${cat;../META-INF/servlet-api.jar.notice};@YEAR@;${year}}\n"
--includeresource.license2: 
{META-INF/LICENSE=../META-INF/servlet-api.jar.license}
+-includeresource.notice2: 
META-INF/NOTICE=../../output/manifests/servlet-api.jar.notice
+-includeresource.license2: 
META-INF/LICENSE=../../output/manifests/servlet-api.jar.license
 
 Provide-Capability: \
 osgi.contract;\
diff --git a/res/bnd/tomcat-embed-el.jar.tmp.bnd 
b/res/bnd/tomcat-embed-el.jar.tmp.bnd
index 6e38d0f..a2d63a2 100644
--- a/res/bnd/tomcat-embed-el.jar.tmp.bnd
+++ b/res/bnd/tomcat-embed-el.jar.tmp.bnd
@@ -27,7 +27,7 @@ Export-Package: \
 org.apache.el.stream,\
 org.apache.el.util
 
--includeresource.meta-inf: /META-INF/=../META-INF/jasper-el.jar/
+-includeresource.meta-inf: /META-INF/=../../output/manifests/jasper-el.jar/
 
 Provide-Capability: \
 osgi.contract;\
diff --git a/res/bnd/tomcat-embed-jasper.jar.tmp.bnd 
b/res/bnd/tomcat-embed-jasper.jar.tmp.bnd
index 1d17da1..a81d4b3 100644
--- a/res/bnd/tomcat-embed-jasper.jar.tmp.bnd
+++ b/res/bnd/tomcat-embed-jasper.jar.tmp.bnd
@@ -35,7 +35

[tomcat] 06/08: Reproducible builds: consistent line endings for graal files

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 69163197d8aca7f48052c90ebfcb78289784882e
Author: Mark Thomas 
AuthorDate: Mon Jan 24 19:06:09 2022 +

Reproducible builds: consistent line endings for graal files
---
 build.xml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/build.xml b/build.xml
index 846ed21..44700f6 100644
--- a/build.xml
+++ b/build.xml
@@ -3785,6 +3785,9 @@ Read the Building page on the Apache Tomcat documentation 
site for details on ho
 
   
 
+
+
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/08: Reproducible builds. Use the prefiltered files for consistency

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 3cf06a09978a8e309693337126bc43dcb18a9581
Author: Mark Thomas 
AuthorDate: Mon Jan 24 12:15:07 2022 +

Reproducible builds. Use the prefiltered files for consistency

The prefiltered files have the correct contents and consistent
line endings (LF) across all build platforms
Also removes the need to pre-process these files to perform filtering
---
 res/bnd/build-defaults.bnd | 4 ++--
 res/bnd/jasper-el.jar.tmp.bnd  | 2 +-
 res/bnd/jasper.jar.tmp.bnd | 2 +-
 res/bnd/servlet-api.jar.tmp.bnd| 4 ++--
 res/bnd/tomcat-embed-core.jar.tmp.bnd  | 4 ++--
 res/bnd/tomcat-embed-el.jar.tmp.bnd| 2 +-
 res/bnd/tomcat-embed-jasper.jar.tmp.bnd| 2 +-
 res/bnd/tomcat-embed-websocket.jar.tmp.bnd | 2 +-
 res/bnd/tomcat-websocket.jar.tmp.bnd   | 2 +-
 9 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/res/bnd/build-defaults.bnd b/res/bnd/build-defaults.bnd
index d07caa5..753d08f 100644
--- a/res/bnd/build-defaults.bnd
+++ b/res/bnd/build-defaults.bnd
@@ -25,8 +25,8 @@ Implementation-Vendor: Apache Software Foundation
 X-Compile-Source-JDK: ${compile.release}
 X-Compile-Target-JDK: ${compile.release}
 
--includeresource.notice: 
META-INF/NOTICE;literal="${replace;${cat;../META-INF/default.notice};@YEAR@;${year}}\n"
--includeresource.license: {META-INF/LICENSE=../META-INF/default.license}
+-includeresource.notice: META-INF/NOTICE=../../output/manifests/default.notice
+-includeresource.license: 
META-INF/LICENSE=../../output/manifests/default.license
 
 -noclassforname: true
 
diff --git a/res/bnd/jasper-el.jar.tmp.bnd b/res/bnd/jasper-el.jar.tmp.bnd
index 67a2384..1b96a38 100644
--- a/res/bnd/jasper-el.jar.tmp.bnd
+++ b/res/bnd/jasper-el.jar.tmp.bnd
@@ -26,7 +26,7 @@ Export-Package: \
 org.apache.el.stream,\
 org.apache.el.util
 
--includeresource.meta-inf: /META-INF/=../META-INF/jasper-el.jar/
+-includeresource.meta-inf: /META-INF/=../../output/manifests/jasper-el.jar/
 
 -jpms-module-info: \
 ${module.name};\
diff --git a/res/bnd/jasper.jar.tmp.bnd b/res/bnd/jasper.jar.tmp.bnd
index d235799..006c721 100644
--- a/res/bnd/jasper.jar.tmp.bnd
+++ b/res/bnd/jasper.jar.tmp.bnd
@@ -33,7 +33,7 @@ Export-Package: \
 -includepackage: \
 org.apache.jasper.resources
 
--includeresource.meta-inf: /META-INF/=../META-INF/jasper.jar/
+-includeresource.meta-inf: /META-INF/=../../output/manifests/jasper.jar/
 
 -jpms-module-info: \
 ${module.name};\
diff --git a/res/bnd/servlet-api.jar.tmp.bnd b/res/bnd/servlet-api.jar.tmp.bnd
index 6877d3f..d925761 100644
--- a/res/bnd/servlet-api.jar.tmp.bnd
+++ b/res/bnd/servlet-api.jar.tmp.bnd
@@ -27,8 +27,8 @@ Provide-Capability: \
 version:Version=${servlet.spec.version};\
 
uses:='${packages;NAMED;jakarta.servlet.*;NAMED;!jakarta.servlet.jsp.*}'
 
--includeresource.notice2: 
META-INF/NOTICE;literal="${replace;${cat;../META-INF/servlet-api.jar.notice};@YEAR@;${year}}\n"
--includeresource.license2: 
{META-INF/LICENSE=../META-INF/servlet-api.jar.license}
+-includeresource.notice2: 
META-INF/NOTICE=../../output/manifests/servlet-api.jar.notice
+-includeresource.license2: 
META-INF/LICENSE=../../output/manifests/servlet-api.jar.license
 
 -namesection: jakarta/servlet*/;\
 Specification-Title=Jakarta Servlet;\
diff --git a/res/bnd/tomcat-embed-core.jar.tmp.bnd 
b/res/bnd/tomcat-embed-core.jar.tmp.bnd
index 40e7f17..fa509b8 100644
--- a/res/bnd/tomcat-embed-core.jar.tmp.bnd
+++ b/res/bnd/tomcat-embed-core.jar.tmp.bnd
@@ -96,8 +96,8 @@ Export-Package: \
 org.apache.tomcat.util.net.jsse,\
 org.apache.tomcat.util.threads.res
 
--includeresource.notice2: 
META-INF/NOTICE;literal="${replace;${cat;../META-INF/servlet-api.jar.notice};@YEAR@;${year}}\n"
--includeresource.license2: 
{META-INF/LICENSE=../META-INF/servlet-api.jar.license}
+-includeresource.notice2: 
META-INF/NOTICE=../../output/manifests/servlet-api.jar.notice
+-includeresource.license2: 
META-INF/LICENSE=../../output/manifests/servlet-api.jar.license
 
 Provide-Capability: \
 osgi.contract;\
diff --git a/res/bnd/tomcat-embed-el.jar.tmp.bnd 
b/res/bnd/tomcat-embed-el.jar.tmp.bnd
index 1567ec9..03d75a5 100644
--- a/res/bnd/tomcat-embed-el.jar.tmp.bnd
+++ b/res/bnd/tomcat-embed-el.jar.tmp.bnd
@@ -27,7 +27,7 @@ Export-Package: \
 org.apache.el.stream,\
 org.apache.el.util
 
--includeresource.meta-inf: /META-INF/=../META-INF/jasper-el.jar/
+-includeresource.meta-inf: /META-INF/=../../output/manifests/jasper-el.jar/
 
 Provide-Capability: \
 osgi.contract;\
diff --git a/res/bnd/tomcat-embed-jasper.jar.tmp.bnd 
b/res/bnd/tomcat-embed-jasper.jar.tmp.bnd
index 4ae7954..3987ceb 100644
--- a/res/bnd/tomcat-embed-jasper.jar.tmp.bnd
+++ b/res/bnd/tomcat-embed-jasper.jar.tmp.bnd
@@

[tomcat] 04/08: Reproducible builds: text files in JARs

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit bd4f992b490832a4b0c22598a24aad011d14c2f8
Author: Mark Thomas 
AuthorDate: Mon Jan 24 11:13:33 2022 +

Reproducible builds: text files in JARs
---
 build.xml | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/build.xml b/build.xml
index 467232f..846ed21 100644
--- a/build.xml
+++ b/build.xml
@@ -971,6 +971,16 @@
 when loading the ResourceBundles -->
 
 
+
+
+
+  
+
+
+  
+

[tomcat] 01/08: Reproducible builds: Consistent line endings in text files in JAR manifests

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit e5244a6143d79ae4718fcd1b780b9079d1f90add
Author: Mark Thomas 
AuthorDate: Mon Jan 24 10:23:14 2022 +

Reproducible builds: Consistent line endings in text files in JAR manifests
---
 build.xml | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/build.xml b/build.xml
index 8e29276..467232f 100644
--- a/build.xml
+++ b/build.xml
@@ -997,6 +997,13 @@
   
   
 
+
+
+
+  
+
   
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 06/07: Reproducible builds: consistent line endings for graal files

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit fd935d4195744cfe712ab3d179b581c775332d7a
Author: Mark Thomas 
AuthorDate: Mon Jan 24 19:06:09 2022 +

Reproducible builds: consistent line endings for graal files
---
 build.xml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/build.xml b/build.xml
index 97c8dc2..6e1e83e 100644
--- a/build.xml
+++ b/build.xml
@@ -3830,6 +3830,9 @@ Read the Building page on the Apache Tomcat documentation 
site for details on ho
 
   
 
+
+
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 04/07: Reproducible builds: text files in JARs

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 925527b436586477d9231172dc6542b21b8dd537
Author: Mark Thomas 
AuthorDate: Mon Jan 24 11:13:33 2022 +

Reproducible builds: text files in JARs
---
 build.xml | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/build.xml b/build.xml
index 1f1944c..97c8dc2 100644
--- a/build.xml
+++ b/build.xml
@@ -976,6 +976,16 @@
 when loading the ResourceBundles -->
 
 
+
+
+
+  
+
+
+  
+

[tomcat] 01/07: Reproducible builds: Consistent line endings in text files in JAR manifests

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit fc7c4136c9bd74825993c8b8536d7a6305977292
Author: Mark Thomas 
AuthorDate: Mon Jan 24 10:23:14 2022 +

Reproducible builds: Consistent line endings in text files in JAR manifests
---
 build.xml | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/build.xml b/build.xml
index 710cc0c..1f1944c 100644
--- a/build.xml
+++ b/build.xml
@@ -1002,6 +1002,13 @@
   
   
 
+
+
+
+  
+
   
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/07: Reproducible builds. Use the prefiltered files for consistency

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 66198545717ed07f3638a6f50f6f4f08bbfc40d1
Author: Mark Thomas 
AuthorDate: Mon Jan 24 12:15:07 2022 +

Reproducible builds. Use the prefiltered files for consistency

The prefiltered files have the correct contents and consistent
line endings (LF) across all build platforms
Also removes the need to pre-process these files to perform filtering
---
 res/bnd/build-defaults.bnd | 4 ++--
 res/bnd/jasper-el.jar.tmp.bnd  | 2 +-
 res/bnd/jasper.jar.tmp.bnd | 2 +-
 res/bnd/servlet-api.jar.tmp.bnd| 4 ++--
 res/bnd/tomcat-embed-core.jar.tmp.bnd  | 4 ++--
 res/bnd/tomcat-embed-el.jar.tmp.bnd| 2 +-
 res/bnd/tomcat-embed-jasper.jar.tmp.bnd| 2 +-
 res/bnd/tomcat-embed-websocket.jar.tmp.bnd | 2 +-
 res/bnd/tomcat-websocket.jar.tmp.bnd   | 2 +-
 9 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/res/bnd/build-defaults.bnd b/res/bnd/build-defaults.bnd
index d07caa5..753d08f 100644
--- a/res/bnd/build-defaults.bnd
+++ b/res/bnd/build-defaults.bnd
@@ -25,8 +25,8 @@ Implementation-Vendor: Apache Software Foundation
 X-Compile-Source-JDK: ${compile.release}
 X-Compile-Target-JDK: ${compile.release}
 
--includeresource.notice: 
META-INF/NOTICE;literal="${replace;${cat;../META-INF/default.notice};@YEAR@;${year}}\n"
--includeresource.license: {META-INF/LICENSE=../META-INF/default.license}
+-includeresource.notice: META-INF/NOTICE=../../output/manifests/default.notice
+-includeresource.license: 
META-INF/LICENSE=../../output/manifests/default.license
 
 -noclassforname: true
 
diff --git a/res/bnd/jasper-el.jar.tmp.bnd b/res/bnd/jasper-el.jar.tmp.bnd
index 67a2384..1b96a38 100644
--- a/res/bnd/jasper-el.jar.tmp.bnd
+++ b/res/bnd/jasper-el.jar.tmp.bnd
@@ -26,7 +26,7 @@ Export-Package: \
 org.apache.el.stream,\
 org.apache.el.util
 
--includeresource.meta-inf: /META-INF/=../META-INF/jasper-el.jar/
+-includeresource.meta-inf: /META-INF/=../../output/manifests/jasper-el.jar/
 
 -jpms-module-info: \
 ${module.name};\
diff --git a/res/bnd/jasper.jar.tmp.bnd b/res/bnd/jasper.jar.tmp.bnd
index d235799..006c721 100644
--- a/res/bnd/jasper.jar.tmp.bnd
+++ b/res/bnd/jasper.jar.tmp.bnd
@@ -33,7 +33,7 @@ Export-Package: \
 -includepackage: \
 org.apache.jasper.resources
 
--includeresource.meta-inf: /META-INF/=../META-INF/jasper.jar/
+-includeresource.meta-inf: /META-INF/=../../output/manifests/jasper.jar/
 
 -jpms-module-info: \
 ${module.name};\
diff --git a/res/bnd/servlet-api.jar.tmp.bnd b/res/bnd/servlet-api.jar.tmp.bnd
index f656b97..b1a6740 100644
--- a/res/bnd/servlet-api.jar.tmp.bnd
+++ b/res/bnd/servlet-api.jar.tmp.bnd
@@ -27,8 +27,8 @@ Provide-Capability: \
 version:Version=${servlet.spec.version};\
 
uses:='${packages;NAMED;jakarta.servlet.*;NAMED;!jakarta.servlet.jsp.*}'
 
--includeresource.notice2: 
META-INF/NOTICE;literal="${replace;${cat;../META-INF/servlet-api.jar.notice};@YEAR@;${year}}\n"
--includeresource.license2: 
{META-INF/LICENSE=../META-INF/servlet-api.jar.license}
+-includeresource.notice2: 
META-INF/NOTICE=../../output/manifests/servlet-api.jar.notice
+-includeresource.license2: 
META-INF/LICENSE=../../output/manifests/servlet-api.jar.license
 
 -namesection: jakarta/servlet*/;\
 Specification-Title=Jakarta Servlet;\
diff --git a/res/bnd/tomcat-embed-core.jar.tmp.bnd 
b/res/bnd/tomcat-embed-core.jar.tmp.bnd
index 48980e7..ed1c656 100644
--- a/res/bnd/tomcat-embed-core.jar.tmp.bnd
+++ b/res/bnd/tomcat-embed-core.jar.tmp.bnd
@@ -96,8 +96,8 @@ Export-Package: \
 org.apache.tomcat.util.net.jsse,\
 org.apache.tomcat.util.threads.res
 
--includeresource.notice2: 
META-INF/NOTICE;literal="${replace;${cat;../META-INF/servlet-api.jar.notice};@YEAR@;${year}}\n"
--includeresource.license2: 
{META-INF/LICENSE=../META-INF/servlet-api.jar.license}
+-includeresource.notice2: 
META-INF/NOTICE=../../output/manifests/servlet-api.jar.notice
+-includeresource.license2: 
META-INF/LICENSE=../../output/manifests/servlet-api.jar.license
 
 Provide-Capability: \
 osgi.contract;\
diff --git a/res/bnd/tomcat-embed-el.jar.tmp.bnd 
b/res/bnd/tomcat-embed-el.jar.tmp.bnd
index 1567ec9..03d75a5 100644
--- a/res/bnd/tomcat-embed-el.jar.tmp.bnd
+++ b/res/bnd/tomcat-embed-el.jar.tmp.bnd
@@ -27,7 +27,7 @@ Export-Package: \
 org.apache.el.stream,\
 org.apache.el.util
 
--includeresource.meta-inf: /META-INF/=../META-INF/jasper-el.jar/
+-includeresource.meta-inf: /META-INF/=../../output/manifests/jasper-el.jar/
 
 Provide-Capability: \
 osgi.contract;\
diff --git a/res/bnd/tomcat-embed-jasper.jar.tmp.bnd 
b/res/bnd/tomcat-embed-jasper.jar.tmp.bnd
index 4ae7954..3987ceb 100644
--- a/res/bnd/tomcat-embed-jasper.jar.tmp.bnd
+++ b/res/bnd/tomcat-embed-jasper.jar.tmp.bnd
@@

Re: Reproducible builds update

2022-01-26 Thread Raymond Augé

Hey Mark,

bnd is in ramp down phase targetting a release in Feb so if you do find an
issue soon-ish we can work to get it in the release.

Ray

On Wed, Jan 26, 2022 at 4:05 AM Mark Thomas  wrote:

> I have made some progress on this over the last few days. The current
> status is:
>
> - Builds are reproducible (excluding signing of Windows binaries) when
>using the same OS / Java / Ant combination.
>
> - JSign gives us what we need to handling the signing of the Windows
>binaries. "Just" need to implement it.
>
> - No solution yet for the zipped JSON files created by the Javadoc tool.
>This is low priority. If we decide to address it, the short-term fix
>will be to unpack and rebuild the zip. The long term fix will be to
>get the Javadoc tool changed.
>
> - The Ant archive cross-platform ordering issues (".../..." vs
>"...\...") have been worked around with some renaming. The long term
>fix is to address this in Ant.
>
> - I think there is another BND issue. I've seen one instance of
>module-info.class being generated differently. I'm not sure if this is
>a pure BND issue or if cross-platform builds were a factor.
>
> - I have also seen one issue where XReflectionIntrospectionUtils.class
>was generated differently. I haven't looked into that yet.
>
>
> I have a few commits to push to improve cross-platform reproducibility.
> One is for the Ant archive ordering issue. The rest are various LF vs
> CRLF issues.
>
> My plan is to push these changes and back-port them - probably later today.
>
> I intend to continue working on making the Tomcat build reproducible
> cross-platform but I anticipate that this work will be on the
> back-burner for a while as I have a couple of other things I want to
> look at first.
>
> Mark
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

-- 
*Raymond Augé* (@rotty3000)
Senior Software Architect *Liferay, Inc.* (@Liferay)
OSGi Fellow, Java Champion

Re: Reproducible builds update

2022-01-26 Thread Mark Thomas

I have made some progress on this over the last few days. The current 
status is:


- Builds are reproducible (excluding signing of Windows binaries) when
  using the same OS / Java / Ant combination.

- JSign gives us what we need to handling the signing of the Windows
  binaries. "Just" need to implement it.

- No solution yet for the zipped JSON files created by the Javadoc tool.
  This is low priority. If we decide to address it, the short-term fix
  will be to unpack and rebuild the zip. The long term fix will be to
  get the Javadoc tool changed.

- The Ant archive cross-platform ordering issues (".../..." vs
  "...\...") have been worked around with some renaming. The long term
  fix is to address this in Ant.

- I think there is another BND issue. I've seen one instance of
  module-info.class being generated differently. I'm not sure if this is
  a pure BND issue or if cross-platform builds were a factor.

- I have also seen one issue where XReflectionIntrospectionUtils.class
  was generated differently. I haven't looked into that yet.


I have a few commits to push to improve cross-platform reproducibility. 
One is for the Ant archive ordering issue. The rest are various LF vs 
CRLF issues.


My plan is to push these changes and back-port them - probably later today.

I intend to continue working on making the Tomcat build reproducible 
cross-platform but I anticipate that this work will be on the 
back-burner for a while as I have a couple of other things I want to 
look at first.


Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds update

2022-01-24 Thread Mark Thomas


On 24/01/2022 11:50, Rainer Jung wrote:

I had a little nag about ant.tstamp.now.iso mailed on January 20th.


Thanks. Fixed.

I switched from ant.tstamp.now.iso to ant.tstamp.now shortly after 
adding the property but missed a couple of references in that switch.


Should be OK now.

Mark




Copying here:

Am 15.01.2022 um 12:56 schrieb ma...@apache.org:
 > This is an automated email from the ASF dual-hosted git repository.
 >
 > markt pushed a commit to branch main
 > in repository https://gitbox.apache.org/repos/asf/tomcat.git
 >
 >
 > The following commit(s) were added to refs/heads/main by this push:
 >   new c5fda80  Update (currently unused) reproducible build 
timestamp

 > c5fda80 is described below
 >
 > commit c5fda809d2344d76aab21e5902fff797fd19880c
 > Author: Mark Thomas 
 > AuthorDate: Sat Jan 15 11:56:27 2022 +
 >
 >  Update (currently unused) reproducible build timestamp
 > ---
 >   build.properties.default | 4 ++--
 >   1 file changed, 2 insertions(+), 2 deletions(-)
 >
 > diff --git a/build.properties.default b/build.properties.default
 > index 35aeb76..e1003ea 100644
 > --- a/build.properties.default
 > +++ b/build.properties.default
 > @@ -38,8 +38,8 @@ version.suffix=-M10-dev
 >   # ----- Reproducible builds -
 >   # Uncomment and set to current time for reproducible builds
 >   # Note: The value is in seconds (unlike milliseconds used by 
System.currentTimeMillis()).

 > -#2022-01-12T06:00:00Z
 > -#ant.tstamp.now=1642003200
 > +#2022-01-15T12:00:00Z
 > +#ant.tstamp.now=1642248000

It seems build.xml uses ant.tstamp.now.iso, so the two lines should be

#ant.tstamp.now.iso=2022-01-15T12:00:00Z
#ant.tstamp.now=1642248000

or just the iso line and dropping the last one. Without the addition of 
"ant.tstamp.now.iso=" and iuncommenting, I get a build warning:


build-tomcat-jdbc:
  [echo] Building Tomcat JDBC pool libraries
    [tstamp] magic property ant.tstamp.now.iso ignored as 
'${ant.tstamp.now.iso}' is not in valid ISO pattern
    [tstamp] magic property ant.tstamp.now.iso ignored as 
'${ant.tstamp.now.iso}' is not in valid ISO pattern


The warning is OK, but it indocates, that the "iso" property is actually 
the one, that should be prepared to be easily usable.


Observed for TC 10.0, probably the same in other branches.

Thanks and regards,

Rainer

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds update

2022-01-24 Thread Rainer Jung


I had a little nag about ant.tstamp.now.iso mailed on January 20th.

Copying here:

Am 15.01.2022 um 12:56 schrieb ma...@apache.org:
> This is an automated email from the ASF dual-hosted git repository.
>
> markt pushed a commit to branch main
> in repository https://gitbox.apache.org/repos/asf/tomcat.git
>
>
> The following commit(s) were added to refs/heads/main by this push:
>   new c5fda80  Update (currently unused) reproducible build timestamp
> c5fda80 is described below
>
> commit c5fda809d2344d76aab21e5902fff797fd19880c
> Author: Mark Thomas 
> AuthorDate: Sat Jan 15 11:56:27 2022 +
>
>  Update (currently unused) reproducible build timestamp
> ---
>   build.properties.default | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/build.properties.default b/build.properties.default
> index 35aeb76..e1003ea 100644
> --- a/build.properties.default
> +++ b/build.properties.default
> @@ -38,8 +38,8 @@ version.suffix=-M10-dev
>   # - Reproducible builds -
>   # Uncomment and set to current time for reproducible builds
>   # Note: The value is in seconds (unlike milliseconds used by 
System.currentTimeMillis()).

> -#2022-01-12T06:00:00Z
> -#ant.tstamp.now=1642003200
> +#2022-01-15T12:00:00Z
> +#ant.tstamp.now=1642248000

It seems build.xml uses ant.tstamp.now.iso, so the two lines should be

#ant.tstamp.now.iso=2022-01-15T12:00:00Z
#ant.tstamp.now=1642248000

or just the iso line and dropping the last one. Without the addition of 
"ant.tstamp.now.iso=" and iuncommenting, I get a build warning:


build-tomcat-jdbc:
 [echo] Building Tomcat JDBC pool libraries
   [tstamp] magic property ant.tstamp.now.iso ignored as 
'${ant.tstamp.now.iso}' is not in valid ISO pattern
   [tstamp] magic property ant.tstamp.now.iso ignored as 
'${ant.tstamp.now.iso}' is not in valid ISO pattern


The warning is OK, but it indocates, that the "iso" property is actually 
the one, that should be prepared to be easily usable.


Observed for TC 10.0, probably the same in other branches.

Thanks and regards,

Rainer

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds update

2022-01-21 Thread Mark Thomas


On 21/01/2022 17:11, Christopher Schultz wrote:




Maybe patch ant to work differently?


I agree, that is the longer term fix. I'm not too familiar with the Ant 
code but I didn't see a simple way to fix it.


At the moment the short-term fix of renaming or deleting stuff seems to 
be working. It was good to remove applet. If this approach becomes too 
invasive then we may need to look to a fix for Ant sooner.


Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds update

2022-01-21 Thread Christopher Schultz


Mark,

On 1/20/22 17:56, Mark Thomas wrote:

On 20/01/2022 11:02, Mark Thomas wrote:

On 19/01/2022 16:56, Rémy Maucherat wrote:
On Wed, Jan 19, 2022 at 5:52 PM Emmanuel Bourg  
wrote:

Fortunately a non-reproducible javadoc isn't really important, what
matters the most is to have reproducible executable packages.


That seems like a reasonable statement !


Ack. I'll look at the Javadoc issue in slower time.

I'm currently looking at reproducibility cross-platform. There seem to 
be differences in ordering for entries in archives. I need to figure 
out what the root cause is before I decide whether cross-platform 
reproducibility is worth pursuing further or not.


I think I have figured this out. It is to do with ordering.

Ant's zip task orders files by name and then places them in the archive, 
adjusting the file separator as required.


The issue is that on Linux you have:

webapp/WEB-INF
webapp2/WEB-INF

whereas on Windows you have

webapp2\WEB-INF
webapp\WEB-INF

Because in ASCII:
'/' is 0x2F
'0'-'9' is 0x30 to 0x39
'A'-'Z' is 0x41 to 0x5A
'\' is 0x5C
'a'-'z' is 0x61 to 0x7A


That's  amazing.

The different file separator between platforms causes the file order to 
change.


I have been working on fixing this here:
https://github.com/markt-asf/tomcat/commits/reproducible

The biggest change is the removal of the applet example - but since that 
doesn't work on any mainstream browser these days I think that is OK.


I want to run a few more tests on this but, assuming they all pass, I'll 
probably apply these changes tomorrow. They will likely be reorganised 
when I do.


I haven't looked beyond the src.zip archive yet. I imagine there might 
be similar issues elsewhere.


Maybe patch ant to work differently?

-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds update

2022-01-21 Thread Rémy Maucherat

On Thu, Jan 20, 2022 at 11:57 PM Mark Thomas  wrote:
>
> On 20/01/2022 11:02, Mark Thomas wrote:
> > On 19/01/2022 16:56, Rémy Maucherat wrote:
> >> On Wed, Jan 19, 2022 at 5:52 PM Emmanuel Bourg  wrote:
> >>> Fortunately a non-reproducible javadoc isn't really important, what
> >>> matters the most is to have reproducible executable packages.
> >>
> >> That seems like a reasonable statement !
> >
> > Ack. I'll look at the Javadoc issue in slower time.
> >
> > I'm currently looking at reproducibility cross-platform. There seem to
> > be differences in ordering for entries in archives. I need to figure out
> > what the root cause is before I decide whether cross-platform
> > reproducibility is worth pursuing further or not.
>
> I think I have figured this out. It is to do with ordering.
>
> Ant's zip task orders files by name and then places them in the archive,
> adjusting the file separator as required.
>
> The issue is that on Linux you have:
>
> webapp/WEB-INF
> webapp2/WEB-INF
>
> whereas on Windows you have
>
> webapp2\WEB-INF
> webapp\WEB-INF
>
> Because in ASCII:
> '/' is 0x2F
> '0'-'9' is 0x30 to 0x39
> 'A'-'Z' is 0x41 to 0x5A
> '\' is 0x5C
> 'a'-'z' is 0x61 to 0x7A
>
> The different file separator between platforms causes the file order to
> change.
>
> I have been working on fixing this here:
> https://github.com/markt-asf/tomcat/commits/reproducible
>
> The biggest change is the removal of the applet example - but since that
> doesn't work on any mainstream browser these days I think that is OK.
>
> I want to run a few more tests on this but, assuming they all pass, I'll
> probably apply these changes tomorrow. They will likely be reorganised
> when I do.

Nice tricks !

Rémy

> I haven't looked beyond the src.zip archive yet. I imagine there might
> be similar issues elsewhere.
>
> Mark
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds update

2022-01-20 Thread Mark Thomas


On 20/01/2022 11:02, Mark Thomas wrote:

On 19/01/2022 16:56, Rémy Maucherat wrote:

On Wed, Jan 19, 2022 at 5:52 PM Emmanuel Bourg  wrote:

Fortunately a non-reproducible javadoc isn't really important, what
matters the most is to have reproducible executable packages.


That seems like a reasonable statement !


Ack. I'll look at the Javadoc issue in slower time.

I'm currently looking at reproducibility cross-platform. There seem to 
be differences in ordering for entries in archives. I need to figure out 
what the root cause is before I decide whether cross-platform 
reproducibility is worth pursuing further or not.


I think I have figured this out. It is to do with ordering.

Ant's zip task orders files by name and then places them in the archive, 
adjusting the file separator as required.


The issue is that on Linux you have:

webapp/WEB-INF
webapp2/WEB-INF

whereas on Windows you have

webapp2\WEB-INF
webapp\WEB-INF

Because in ASCII:
'/' is 0x2F
'0'-'9' is 0x30 to 0x39
'A'-'Z' is 0x41 to 0x5A
'\' is 0x5C
'a'-'z' is 0x61 to 0x7A

The different file separator between platforms causes the file order to 
change.


I have been working on fixing this here:
https://github.com/markt-asf/tomcat/commits/reproducible

The biggest change is the removal of the applet example - but since that 
doesn't work on any mainstream browser these days I think that is OK.


I want to run a few more tests on this but, assuming they all pass, I'll 
probably apply these changes tomorrow. They will likely be reorganised 
when I do.


I haven't looked beyond the src.zip archive yet. I imagine there might 
be similar issues elsewhere.


Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds update

2022-01-20 Thread Mark Thomas


On 19/01/2022 16:56, Rémy Maucherat wrote:

On Wed, Jan 19, 2022 at 5:52 PM Emmanuel Bourg  wrote:

Fortunately a non-reproducible javadoc isn't really important, what
matters the most is to have reproducible executable packages.


That seems like a reasonable statement !


Ack. I'll look at the Javadoc issue in slower time.

I'm currently looking at reproducibility cross-platform. There seem to 
be differences in ordering for entries in archives. I need to figure out 
what the root cause is before I decide whether cross-platform 
reproducibility is worth pursuing further or not.


Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds update

2022-01-19 Thread Rémy Maucherat

On Wed, Jan 19, 2022 at 5:52 PM Emmanuel Bourg  wrote:
> Fortunately a non-reproducible javadoc isn't really important, what
> matters the most is to have reproducible executable packages.

That seems like a reasonable statement !

Rémy

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds update

2022-01-19 Thread Emmanuel Bourg


Le 18/01/2022 à 21:03, Mark Thomas a écrit :

I'm wondering about second issue. It would be nice to have a complete 
fix but if the full docs package isn't reproducible how much of an issue 
is that?


Reproducibility issues with javadoc are quite frequent unfortunately, 
many Java packages in Debian aren't reproducible due to that. I suggest 
checking with the latest JDK first and then submit a bug report or a 
patch to OpenJDK.


Fortunately a non-reproducible javadoc isn't really important, what 
matters the most is to have reproducible executable packages.


Emmanuel Bourg

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds update

2022-01-18 Thread Mark Thomas


On 19/01/2022 07:47, Romain Manni-Bucau wrote:

Hi Mark,

It is possible to use jdk.javadoc/jdk.compiler as libs and plug in through
the Context class forcing a JavaFileManager to force a DocFileFactory in
the HtmlConfiguration but it will be way more complex than
unzipping/rezipping the jar.


Nice idea. I hadn't thought of that. But I agree the complexity means 
the unzip/rezip approach is a better option in this instance.



Another option can be a light javaagent patching the few classes you want.


Another neat idea but it think the complexity rules this out as well.


Also wonder if you tried -notimestamp option.


Already running with that option.


Romain Manni-Bucau





Le mar. 18 janv. 2022 à 23:34, Christopher Schultz <
ch...@christopherschultz.net> a écrit :





I'm -0 on any efforts to make the javadoc builds reproducible. They
aren't exactly binary artifacts and anyone performing an audit isn't
going to treat documentation as in-scope anyways (at least not at this
point).

Does javadoc (or ant's javadoc task) not support explicit timestamps to
use (like javac does)? I haven't looked-into how javadoc (the CLI tool)
does things lately, but I wasn't aware it produced ZIP files. Is that
javadoc itself, or is that some ant post-processing step? If it's ant,
can't we just run  on all those files before zipping them?


It is javadoc. It creates 3 JSON index files and then zips them. The zip 
files end up with the expected timestamp. It is the JSON files that get 
zipped up that are the issue.


I'm still undecided whether to try and fix this or not.

I haven't got code signing working with reproducible builds yet but I 
have a few ideas and will be looking at that today. I also want to look 
at the results of comparing some cross-platform builds.


Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds update

2022-01-18 Thread Romain Manni-Bucau

Hi Mark,

It is possible to use jdk.javadoc/jdk.compiler as libs and plug in through
the Context class forcing a JavaFileManager to force a DocFileFactory in
the HtmlConfiguration but it will be way more complex than
unzipping/rezipping the jar.
Another option can be a light javaagent patching the few classes you want.
Also wonder if you tried -notimestamp option.

Romain Manni-Bucau
@rmannibucau  |  Blog
 | Old Blog
 | Github  |
LinkedIn  | Book



Le mar. 18 janv. 2022 à 23:34, Christopher Schultz <
ch...@christopherschultz.net> a écrit :

> Mark,
>
> On 1/18/22 15:03, Mark Thomas wrote:
> > On 18/01/2022 19:39, Mark Thomas wrote:
> >
> > 
> >
> >> The first issue looks relatively simple to fix. I don't see an easy
> >> fix for the second. My best idea so far is some sort of
> >> post-processing for the Javadoc generation that extracts the file from
> >> the zip, sets the timestamp and then re-zips it. Suggestions for a
> >> better solution welcome.
> >
> > Yep, I think I fixed the first issue.
> >
> > I'm wondering about second issue. It would be nice to have a complete
> > fix but if the full docs package isn't reproducible how much of an issue
> > is that?
>
> I'm -0 on any efforts to make the javadoc builds reproducible. They
> aren't exactly binary artifacts and anyone performing an audit isn't
> going to treat documentation as in-scope anyways (at least not at this
> point).
>
> Does javadoc (or ant's javadoc task) not support explicit timestamps to
> use (like javac does)? I haven't looked-into how javadoc (the CLI tool)
> does things lately, but I wasn't aware it produced ZIP files. Is that
> javadoc itself, or is that some ant post-processing step? If it's ant,
> can't we just run  on all those files before zipping them?
>
> -chris
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: dev-h...@tomcat.apache.org
>
>

Re: Reproducible builds update

2022-01-18 Thread Christopher Schultz


Mark,

On 1/18/22 15:03, Mark Thomas wrote:

On 18/01/2022 19:39, Mark Thomas wrote:



The first issue looks relatively simple to fix. I don't see an easy 
fix for the second. My best idea so far is some sort of 
post-processing for the Javadoc generation that extracts the file from 
the zip, sets the timestamp and then re-zips it. Suggestions for a 
better solution welcome.


Yep, I think I fixed the first issue.

I'm wondering about second issue. It would be nice to have a complete 
fix but if the full docs package isn't reproducible how much of an issue 
is that?


I'm -0 on any efforts to make the javadoc builds reproducible. They 
aren't exactly binary artifacts and anyone performing an audit isn't 
going to treat documentation as in-scope anyways (at least not at this 
point).


Does javadoc (or ant's javadoc task) not support explicit timestamps to 
use (like javac does)? I haven't looked-into how javadoc (the CLI tool) 
does things lately, but I wasn't aware it produced ZIP files. Is that 
javadoc itself, or is that some ant post-processing step? If it's ant, 
can't we just run  on all those files before zipping them?


-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds update

2022-01-18 Thread Mark Thomas


On 18/01/2022 19:39, Mark Thomas wrote:



The first issue looks relatively simple to fix. I don't see an easy fix 
for the second. My best idea so far is some sort of post-processing for 
the Javadoc generation that extracts the file from the zip, sets the 
timestamp and then re-zips it. Suggestions for a better solution welcome.


Yep, I think I fixed the first issue.

I'm wondering about second issue. It would be nice to have a complete 
fix but if the full docs package isn't reproducible how much of an issue 
is that?


Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/02: Fix order to support reproducible builds

2022-01-18 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 929a34cf8e1b9cad97324734dbfeda5a6dce3207
Author: Mark Thomas 
AuthorDate: Tue Jan 18 19:49:30 2022 +

Fix order to support reproducible builds
---
 .../tomcat/util/xreflection/ObjectReflectionPropertyInspector.java | 7 +++
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git 
a/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
 
b/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
index 193e777..b79473e 100644
--- 
a/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
+++ 
b/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
@@ -24,8 +24,7 @@ import java.lang.reflect.Modifier;
 import java.net.InetAddress;
 import java.util.Arrays;
 import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
+import java.util.LinkedHashMap;
 import java.util.LinkedHashSet;
 import java.util.Map;
 import java.util.Set;
@@ -108,7 +107,7 @@ public final class ObjectReflectionPropertyInspector {
 }
 
 //types of properties that IntrospectionUtils.setProperty supports
-private static final Set> ALLOWED_TYPES = 
Collections.unmodifiableSet(new HashSet<>(
+private static final Set> ALLOWED_TYPES = 
Collections.unmodifiableSet(new LinkedHashSet<>(
 Arrays.asList(
 Boolean.TYPE,
 Integer.TYPE,
@@ -117,7 +116,7 @@ public final class ObjectReflectionPropertyInspector {
 InetAddress.class
 )
 ));
-private static Map, SetPropertyClass> classes = new HashMap<>();
+private static Map, SetPropertyClass> classes = new 
LinkedHashMap<>();
 
 public static void generateCode(Set baseClasses, String 
packageName, File location, String className) throws Exception {
 String packageDirectory = packageName.replace('.','/');

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/02: Fix order to support reproducible builds

2022-01-18 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 7bc3fff66f916643c90d2947190fdc997f53176e
Author: Mark Thomas 
AuthorDate: Tue Jan 18 19:49:30 2022 +

Fix order to support reproducible builds
---
 .../tomcat/util/xreflection/ObjectReflectionPropertyInspector.java | 7 +++
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git 
a/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
 
b/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
index cf67e47..1d02421 100644
--- 
a/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
+++ 
b/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
@@ -24,8 +24,7 @@ import java.lang.reflect.Modifier;
 import java.net.InetAddress;
 import java.util.Arrays;
 import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
+import java.util.LinkedHashMap;
 import java.util.LinkedHashSet;
 import java.util.Map;
 import java.util.Set;
@@ -112,7 +111,7 @@ public final class ObjectReflectionPropertyInspector {
 }
 
 //types of properties that IntrospectionUtils.setProperty supports
-private static final Set> ALLOWED_TYPES = 
Collections.unmodifiableSet(new HashSet<>(
+private static final Set> ALLOWED_TYPES = 
Collections.unmodifiableSet(new LinkedHashSet<>(
 Arrays.asList(
 Boolean.TYPE,
 Integer.TYPE,
@@ -121,7 +120,7 @@ public final class ObjectReflectionPropertyInspector {
 InetAddress.class
 )
 ));
-private static Map, SetPropertyClass> classes = new HashMap<>();
+private static Map, SetPropertyClass> classes = new 
LinkedHashMap<>();
 
 public static void generateCode(Set baseClasses, String 
packageName, File location, String className) throws Exception {
 String packageDirectory = packageName.replace('.','/');

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/02: Fix order to support reproducible builds

2022-01-18 Thread markt

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit f0cb9b0741955a5f5b877aed2771598ec09bc44c
Author: Mark Thomas 
AuthorDate: Tue Jan 18 19:49:30 2022 +

Fix order to support reproducible builds
---
 .../tomcat/util/xreflection/ObjectReflectionPropertyInspector.java | 7 +++
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git 
a/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
 
b/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
index cf67e47..1d02421 100644
--- 
a/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
+++ 
b/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
@@ -24,8 +24,7 @@ import java.lang.reflect.Modifier;
 import java.net.InetAddress;
 import java.util.Arrays;
 import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
+import java.util.LinkedHashMap;
 import java.util.LinkedHashSet;
 import java.util.Map;
 import java.util.Set;
@@ -112,7 +111,7 @@ public final class ObjectReflectionPropertyInspector {
 }
 
 //types of properties that IntrospectionUtils.setProperty supports
-private static final Set> ALLOWED_TYPES = 
Collections.unmodifiableSet(new HashSet<>(
+private static final Set> ALLOWED_TYPES = 
Collections.unmodifiableSet(new LinkedHashSet<>(
 Arrays.asList(
 Boolean.TYPE,
 Integer.TYPE,
@@ -121,7 +120,7 @@ public final class ObjectReflectionPropertyInspector {
 InetAddress.class
 )
 ));
-private static Map, SetPropertyClass> classes = new HashMap<>();
+private static Map, SetPropertyClass> classes = new 
LinkedHashMap<>();
 
 public static void generateCode(Set baseClasses, String 
packageName, File location, String className) throws Exception {
 String packageDirectory = packageName.replace('.','/');

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reproducible builds update

2022-01-18 Thread Mark Thomas


Hi all,

I've been looking at reproducible builds and my research so far 
indicates we have the following issues to solve:


1. ObjectReflectionPropertyInspector is not generating consistent code 
for XReflectionIntrospectionUtils. I think this is due to the various 
hash based collections returning entries in a different order for 
different runs.


2. Javadoc.
The Javadoc tool produces 3 json index files which it then zips. The 
issue is that the timestamp for the json index files use the current 
time which means they are different on subsequent runs. That makes the 
zip files different.


The first issue looks relatively simple to fix. I don't see an easy fix 
for the second. My best idea so far is some sort of post-processing for 
the Javadoc generation that extracts the file from the zip, sets the 
timestamp and then re-zips it. Suggestions for a better solution welcome.


Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Update timestamp for reproducible builds

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 21dcdad  Update timestamp for reproducible builds
21dcdad is described below

commit 21dcdadc3381953611da50112f74187b9798eaf1
Author: Mark Thomas 
AuthorDate: Tue Jun 8 12:09:54 2021 +0100

Update timestamp for reproducible builds
---
 build.properties.default | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index 79e40b3..1394534 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -31,8 +31,8 @@ version.suffix=-dev
 
 # - Reproducible builds -
 # Uncomment and set to current time for reproducible builds
-#2021-05-08T15:00:00Z
-#ant.tstamp.now=1620482400
+#2021-06-08T12:00:00Z
+#ant.tstamp.now=1623153600
 
 # - Source control flags -
 git.branch=9.0.x

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Update timestamp for reproducible builds

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new d1cc88c  Update timestamp for reproducible builds
d1cc88c is described below

commit d1cc88ccbd89660e76e59962b21edec15474b75a
Author: Mark Thomas 
AuthorDate: Tue Jun 8 12:09:54 2021 +0100

Update timestamp for reproducible builds
---
 build.properties.default | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index dd478e5..53ad4e3 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -31,8 +31,8 @@ version.suffix=-dev
 
 # - Reproducible builds -
 # Uncomment and set to current time for reproducible builds
-#2021-05-08T15:00:00Z
-#ant.tstamp.now=1620482400
+#2021-06-08T12:00:00Z
+#ant.tstamp.now=1623153600
 
 # - Source control flags -
 git.branch=8.5.x

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 10.0.x updated: Update timestamp for reproducible builds

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 10.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/10.0.x by this push:
 new e872349  Update timestamp for reproducible builds
e872349 is described below

commit e87234939075a66cf0b157ff6f677597ccc5ce1a
Author: Mark Thomas 
AuthorDate: Tue Jun 8 12:09:54 2021 +0100

Update timestamp for reproducible builds
---
 build.properties.default | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index b42d483..eb4e4ce 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -31,8 +31,8 @@ version.suffix=-dev
 
 # - Reproducible builds -
 # Uncomment and set to current time for reproducible builds
-#2021-05-08T15:00:00Z
-#ant.tstamp.now=1620482400
+#2021-06-08T12:00:00Z
+#ant.tstamp.now=1623153600
 
 # - Source control flags -
 git.branch=main

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch main updated: Update timestamp for reproducible builds

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
 new 796d2d6  Update timestamp for reproducible builds
796d2d6 is described below

commit 796d2d6174938b8fa1fa9dbb536482f40de9382b
Author: Mark Thomas 
AuthorDate: Tue Jun 8 12:09:54 2021 +0100

Update timestamp for reproducible builds
---
 build.properties.default | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index 4bb4928..dd9db1c 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -31,8 +31,8 @@ version.suffix=-M1-dev
 
 # - Reproducible builds -
 # Uncomment and set to current time for reproducible builds
-#2021-05-08T15:00:00Z
-#ant.tstamp.now=1620482400
+#2021-06-08T12:00:00Z
+#ant.tstamp.now=1623153600
 
 # - Source control flags -
 git.branch=main

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds

2021-03-24 Thread Mark Thomas

On March 24, 2021 3:57:47 PM UTC, Christopher Schultz 
 wrote:
>Mark,
>
>On 3/23/21 09:45, Mark Thomas wrote:
>> On 23/03/2021 13:15, Mark Thomas wrote:
>> 
>> 
>> 
>>> I did a little more digging. There is an assumption in
>JarInputStream 
>>> that /META-INF/MANIFEST.MF is either first or only preceded by
>/META-INF/
>>>
>>> I suspect I'm going to need to revert the  to  
>>> changes. I'm currently looking into alternatives.
>> 
>> Aha!
>> 
>> There is an undocumented attribute on the Zip task (and hence
>inherited 
>> by the Jar task) that can be used to specify the last modified time
>for 
>> all Jar entries.
>> 
>> I'll revert the  to  and use this attribute
>instead.
>
>Can a  type thing also not be given instructions for how to 
>order things?
>
>I think if we have e.g.
>
>
>   
>   
>   ...
>
>
>Then the manifest will definitely be first. Maybe  can even 
>sort its entries explicitly if it doesn't already do so.

Jar has an explicit manifest attribute. That is what we were using prior to the 
reproducible build changes and what I have now restored.

I'm not sure to what extent fileset supports control of order in the archive. 
So far, file order has always been consistent between runs so I haven't 
investigated further. Hopefully I won't need to.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds

2021-03-24 Thread Christopher Schultz


Mark,

On 3/23/21 09:45, Mark Thomas wrote:

On 23/03/2021 13:15, Mark Thomas wrote:



I did a little more digging. There is an assumption in JarInputStream 
that /META-INF/MANIFEST.MF is either first or only preceded by /META-INF/


I suspect I'm going to need to revert the  to  
changes. I'm currently looking into alternatives.


Aha!

There is an undocumented attribute on the Zip task (and hence inherited 
by the Jar task) that can be used to specify the last modified time for 
all Jar entries.


I'll revert the  to  and use this attribute instead.


Can a  type thing also not be given instructions for how to 
order things?


I think if we have e.g.


  
  
  ...


Then the manifest will definitely be first. Maybe  can even 
sort its entries explicitly if it doesn't already do so.


-chris

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Reproducible builds: Consistent line endings for .sh files in src distro

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 75d2cdb  Reproducible builds: Consistent line endings for .sh files in 
src distro
75d2cdb is described below

commit 75d2cdb4c43c999fc7c640771b950afae0e19667
Author: Mark Thomas 
AuthorDate: Tue Mar 23 20:56:50 2021 +

Reproducible builds: Consistent line endings for .sh files in src distro
---
 build.xml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/build.xml b/build.xml
index 7a134fb..ed4ea4d 100644
--- a/build.xml
+++ b/build.xml
@@ -2962,6 +2962,7 @@ skip.installer property in build.properties" />
   
   
   
+  
 
 
 
@@ -2986,6 +2987,7 @@ skip.installer property in build.properties" />
   
   
   
+  
 
 
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Reproducible builds: Consistent line endings for .sh files in src distro

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new d44dd7b  Reproducible builds: Consistent line endings for .sh files in 
src distro
d44dd7b is described below

commit d44dd7b511c187dd9771a00c11169cbb8e39772a
Author: Mark Thomas 
AuthorDate: Tue Mar 23 20:56:50 2021 +

Reproducible builds: Consistent line endings for .sh files in src distro
---
 build.xml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/build.xml b/build.xml
index 4397fef..14c3657 100644
--- a/build.xml
+++ b/build.xml
@@ -2984,6 +2984,7 @@ skip.installer property in build.properties" />
   
   
   
+  
 
 
 
@@ -3008,6 +3009,7 @@ skip.installer property in build.properties" />
   
   
   
+  
 
 
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Reproducible builds. Implement better solution for JARs

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 017f2fa  Reproducible builds. Implement better solution for JARs
017f2fa is described below

commit 017f2fa045d851591569c489de45f19cbbb658a5
Author: Mark Thomas 
AuthorDate: Tue Mar 23 14:23:04 2021 +

Reproducible builds. Implement better solution for JARs

Ant's jar task (and zip task) has a undocumented attribute that can be
used to control the last modified time for all the files in the archive.
Use this instead of switching to the zip task as the zip task does not
store /META-INF/MANIFEST at the start of the archive as expected by
JarInputStream
# Conflicts:
#   build.xml
---
 build.xml   | 92 ++---
 modules/jdbc-pool/build.xml | 20 +++---
 2 files changed, 41 insertions(+), 71 deletions(-)

diff --git a/build.xml b/build.xml
index 9c23c75..0f8a7af 100644
--- a/build.xml
+++ b/build.xml
@@ -732,13 +732,6 @@
 when loading the ResourceBundles -->
 
 
-
-
-
-  
-  
-
   
 
   
   
 
-
-
-
-  
-
   
 
   
@@ -895,91 +883,83 @@
   filesId="files.tomcat-dbcp" />
 
 
-
-
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
+
 
   
 
@@ -2111,7 +2091,9 @@ Apache Tomcat ${version} native binaries for Win64 
AMD64/EMT64 platform.
 
 
 
-
+
   
 
 
@@ -2136,14 +2118,11 @@ Apache Tomcat ${version} native binaries for Win64 
AMD64/EMT64 platform.
 
 
   
-  
-  
   
   
-
+
 
 
 
@@ -3391,7 +3370,9 @@ Read the Building page on the Apache Tomcat documentation 
site for details on ho
 
   
   
-
+
   
 
 
@@ -3399,10 +3380,9 @@ Read the Building page on the Apache Tomcat 
documentation site for details on ho
   
   
-  
   
   
-
+
   
 
   
diff --git a/modules/jdbc-pool/build.xml b/modules/jdbc-pool/build.xml
index c9a2444..3394e18 100644
--- a/modules/jdbc-pool/build.xml
+++ b/modules/jdbc-pool/build.xml
@@ -160,21 +160,11 @@
   
 
 
-
-
-  
-  
-  
-
-  
-  
-
-
 
-
-  
-  
+
   
 
   
@@ -182,7 +172,7 @@
 
   
   
-
+
   
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Reproducible builds. Implement better solution for JARs

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new ad731ed  Reproducible builds. Implement better solution for JARs
ad731ed is described below

commit ad731ed3faff23d4b5c9521f2f964de056351591
Author: Mark Thomas 
AuthorDate: Tue Mar 23 14:23:04 2021 +

Reproducible builds. Implement better solution for JARs

Ant's jar task (and zip task) has a undocumented attribute that can be
used to control the last modified time for all the files in the archive.
Use this instead of switching to the zip task as the zip task does not
store /META-INF/MANIFEST at the start of the archive as expected by
JarInputStream
---
 build.xml   | 110 ++--
 modules/jdbc-pool/build.xml |  20 ++--
 2 files changed, 49 insertions(+), 81 deletions(-)

diff --git a/build.xml b/build.xml
index 45dafa3..ee962b1 100644
--- a/build.xml
+++ b/build.xml
@@ -986,13 +986,6 @@
 when loading the ResourceBundles -->
 
 
-
-
-
-  
-  
-
   
 
   
   
 
-
-
-
-  
-
   
 
   
@@ -1175,115 +1163,105 @@
   addOSGi="true" />
 
 
-
-
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
+
 
   
 
@@ -2440,7 +2418,9 @@ Apache Tomcat ${version} native binaries for Win64 
AMD64/EMT64 platform.
 
 
 
-
+
   
 
 
@@ -2465,14 +2445,11 @@ Apache Tomcat ${version} native binaries for Win64 
AMD64/EMT64 platform.
 
 
   
-  
-  
   
   
-
+
 
 
 
@@ -3777,7 +3754,9 @@ Read the Building page on the Apache Tomcat documentation 
site for details on ho
 
   
   
-
+
   
 
 
@@ -3785,10 +3764,9 @@ Read the Building page on the Apache Tomcat 
documentation site for details on ho
   
   
-  
   
   
-
+
 
   
   
diff --git a/modules/jdbc-pool/build.xml b/modules/jdbc-pool/build.xml
index 3bc8c3d..21372bc 100644
--- a/modules/jdbc-pool/build.xml
+++ b/modules/jdbc-pool/build.xml
@@ -160,21 +160,11 @@
   
 
 
-
-
-  
-  
-  
-
-  
-  
-
-
 
-
-  
-  
+
   
 
   
@@ -182,7 +172,7 @@
 
   
   
-
+
   
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Reproducible builds. Implement better solution for JARs

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new 2a065a5  Reproducible builds. Implement better solution for JARs
2a065a5 is described below

commit 2a065a51d959509c93b95f9fce5979ea39ec10a7
Author: Mark Thomas 
AuthorDate: Tue Mar 23 14:23:04 2021 +

Reproducible builds. Implement better solution for JARs

Ant's jar task (and zip task) has a undocumented attribute that can be
used to control the last modified time for all the files in the archive.
Use this instead of switching to the zip task as the zip task does not
store /META-INF/MANIFEST at the start of the archive as expected by
JarInputStream
---
 build.xml   | 110 ++--
 modules/jdbc-pool/build.xml |  20 ++--
 2 files changed, 49 insertions(+), 81 deletions(-)

diff --git a/build.xml b/build.xml
index 60fd8cc..b701195 100644
--- a/build.xml
+++ b/build.xml
@@ -991,13 +991,6 @@
 when loading the ResourceBundles -->
 
 
-
-
-
-  
-  
-
   
 
   
   
 
-
-
-
-  
-
   
 
   
@@ -1186,115 +1174,105 @@
   addOSGi="true" />
 
 
-
-
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
-
+
+
   
 
   
-  
-  
   
   
-
+
 
   
 
@@ -2462,7 +2440,9 @@ Apache Tomcat ${version} native binaries for Win64 
AMD64/EMT64 platform.
 
 
 
-
+
   
 
 
@@ -2487,14 +2467,11 @@ Apache Tomcat ${version} native binaries for Win64 
AMD64/EMT64 platform.
 
 
   
-  
-  
   
   
-
+
 
 
 
@@ -3809,7 +3786,9 @@ Read the Building page on the Apache Tomcat documentation 
site for details on ho
 
   
   
-
+
   
 
 
@@ -3817,10 +3796,9 @@ Read the Building page on the Apache Tomcat 
documentation site for details on ho
   
   
-  
   
   
-
+
 
   
   
diff --git a/modules/jdbc-pool/build.xml b/modules/jdbc-pool/build.xml
index 3bc8c3d..21372bc 100644
--- a/modules/jdbc-pool/build.xml
+++ b/modules/jdbc-pool/build.xml
@@ -160,21 +160,11 @@
   
 
 
-
-
-  
-  
-  
-
-  
-  
-
-
 
-
-  
-  
+
   
 
   
@@ -182,7 +172,7 @@
 
   
   
-
+
   
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds

2021-03-23 Thread Mark Thomas


On 23/03/2021 13:15, Mark Thomas wrote:



I did a little more digging. There is an assumption in JarInputStream 
that /META-INF/MANIFEST.MF is either first or only preceded by /META-INF/


I suspect I'm going to need to revert the  to  
changes. I'm currently looking into alternatives.


Aha!

There is an undocumented attribute on the Zip task (and hence inherited 
by the Jar task) that can be used to specify the last modified time for 
all Jar entries.


I'll revert the  to  and use this attribute instead.

Mark

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds

2021-03-23 Thread Mark Thomas


On 22/03/2021 14:53, Konstantin Kolinko wrote:

пн, 22 мар. 2021 г. в 17:32, Mark Thomas :


On 22/03/2021 13:16, Konstantin Kolinko wrote:

сб, 20 мар. 2021 г. в 18:24, Emmanuel Bourg :



I got a quick look, I guess you replaced the  tasks with  to
make the timestamp of the zip entries reproducible? I'm not sure this is
sufficient, there is no guarantee the order of the entries will be the
same (this is usually dependent on the filesystem used, I don't think
Ant sorts the entries).


I have not reviewed the changes, but jar and zip differ in
a) placement of Manifest file (jar spec requires it to be the first
file in the archive IIRC)
b) encoding used for file names (jar uses UTF-8, zip uses platform default)


I couldn't find a reference to a requirement regarding the location of
MANIFEST. Do you have a reference?


I do not see with quick search in current spec [1],
but I see it mentioned and discussed here:
[2] https://en.wikipedia.org/wiki/JAR_(file_format)#Manifest
[3] 
https://stackoverflow.com/questions/4727637/how-do-i-verify-the-order-of-manifest-mf-within-jar


I did a little more digging. There is an assumption in JarInputStream 
that /META-INF/MANIFEST.MF is either first or only preceded by /META-INF/


I suspect I'm going to need to revert the  to  
changes. I'm currently looking into alternatives.


Mark





[1] https://docs.oracle.com/javase/8/docs/technotes/guides/jar/jar.html

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds

2021-03-22 Thread Konstantin Kolinko

пн, 22 мар. 2021 г. в 17:32, Mark Thomas :
>
> On 22/03/2021 13:16, Konstantin Kolinko wrote:
> > сб, 20 мар. 2021 г. в 18:24, Emmanuel Bourg :
>
> >> I got a quick look, I guess you replaced the  tasks with  to
> >> make the timestamp of the zip entries reproducible? I'm not sure this is
> >> sufficient, there is no guarantee the order of the entries will be the
> >> same (this is usually dependent on the filesystem used, I don't think
> >> Ant sorts the entries).
> >
> > I have not reviewed the changes, but jar and zip differ in
> > a) placement of Manifest file (jar spec requires it to be the first
> > file in the archive IIRC)
> > b) encoding used for file names (jar uses UTF-8, zip uses platform default)
>
> I couldn't find a reference to a requirement regarding the location of
> MANIFEST. Do you have a reference?

I do not see with quick search in current spec [1],
but I see it mentioned and discussed here:
[2] https://en.wikipedia.org/wiki/JAR_(file_format)#Manifest
[3] 
https://stackoverflow.com/questions/4727637/how-do-i-verify-the-order-of-manifest-mf-within-jar


[1] https://docs.oracle.com/javase/8/docs/technotes/guides/jar/jar.html

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds

2021-03-22 Thread Mark Thomas


On 22/03/2021 13:16, Konstantin Kolinko wrote:

сб, 20 мар. 2021 г. в 18:24, Emmanuel Bourg :


2. The current Windows exe signing process isn't repeatable. There are a
few suggestions workarounds at https://reproducible-builds.org/ and I
need to discuss these with the provider of the code signing service the
ASF uses (DigiCert).


The signature is reproducible but not the timestamp. We'd need something
like a detached signature shipped with the source package, and a build
that either append the signature or get a new one from DigiCert.


There are two signed executables: installer and uninstaller,
and uninstaller is packed into the installer executable.

That's why the installer is built twice by build.xml, first to create
an uninstaller so that it could be signed. (IIRC)

A timestamp is an important part of a signature (so that one does not
create a new signature with an expired key).


The suggested workaround would be something like:
- build
- sign the .exe
- extract the signature and save it somewhere
- rebuild
- insert the saved signature

If the build is reproducible, the rebuild will be identical and the 
inserted signature will be valid.



I got a quick look, I guess you replaced the  tasks with  to
make the timestamp of the zip entries reproducible? I'm not sure this is
sufficient, there is no guarantee the order of the entries will be the
same (this is usually dependent on the filesystem used, I don't think
Ant sorts the entries).


I have not reviewed the changes, but jar and zip differ in
a) placement of Manifest file (jar spec requires it to be the first
file in the archive IIRC)
b) encoding used for file names (jar uses UTF-8, zip uses platform default)


I couldn't find a reference to a requirement regarding the location of 
MANIFEST. Do you have a reference?


File name encoding should be a non issue as all the Tomcat files have 
ASCII names.



пн, 22 мар. 2021 г. в 12:44, Mark Thomas :


No. The Jar entries used the timestamps of the original files. As long
as the Jar task was configured not to add entries for directories (which
used the current time as the last modified date) that part was OK. The
issue was that the manifest was always created with the current time as
the last modified date.


Those entries for directories are required for some tools to operate
correctly. I think that we already turned them off once and turned
them back on.

(I think it was annotation scanning in some old version of Spring
Framework that was broken by missing directories, but I do not have a
link - just from memory.)


A link would be good so we can review exactly what the problem is/was.


I know that Apache Maven is capable of creating reproducible builds
(by setting an explicit timestamp when building). [1]
Looking at "maven-core-3.3.9.jar" as an example, it has entries for directories,

If the jar task does not do what is needed for us, it is better to ask
Apache Ant project for a fix (so that other projects can benefit from
it as well) rather than replace "jar" with "zip".


Big +1. I've already opened an issue with Bnd. I'll add doing the same 
with Ant to my TODO list.


I have no problem reverting any of the reproducible build changes if 
they cause problems. I too suspect that the jar -> zip change is the 
most likely to trigger issues.


Mark



[1] https://maven.apache.org/guides/mini/guide-reproducible-builds.html

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds

2021-03-22 Thread Konstantin Kolinko

сб, 20 мар. 2021 г. в 18:24, Emmanuel Bourg :

> > 2. The current Windows exe signing process isn't repeatable. There are a
> > few suggestions workarounds at https://reproducible-builds.org/ and I
> > need to discuss these with the provider of the code signing service the
> > ASF uses (DigiCert).
>
> The signature is reproducible but not the timestamp. We'd need something
> like a detached signature shipped with the source package, and a build
> that either append the signature or get a new one from DigiCert.

There are two signed executables: installer and uninstaller,
and uninstaller is packed into the installer executable.

That's why the installer is built twice by build.xml, first to create
an uninstaller so that it could be signed. (IIRC)

A timestamp is an important part of a signature (so that one does not
create a new signature with an expired key).

>
> I got a quick look, I guess you replaced the  tasks with  to
> make the timestamp of the zip entries reproducible? I'm not sure this is
> sufficient, there is no guarantee the order of the entries will be the
> same (this is usually dependent on the filesystem used, I don't think
> Ant sorts the entries).

I have not reviewed the changes, but jar and zip differ in
a) placement of Manifest file (jar spec requires it to be the first
file in the archive IIRC)
b) encoding used for file names (jar uses UTF-8, zip uses platform default)

пн, 22 мар. 2021 г. в 12:44, Mark Thomas :
>
> No. The Jar entries used the timestamps of the original files. As long
> as the Jar task was configured not to add entries for directories (which
> used the current time as the last modified date) that part was OK. The
> issue was that the manifest was always created with the current time as
> the last modified date.

Those entries for directories are required for some tools to operate
correctly. I think that we already turned them off once and turned
them back on.

(I think it was annotation scanning in some old version of Spring
Framework that was broken by missing directories, but I do not have a
link - just from memory.)

I know that Apache Maven is capable of creating reproducible builds
(by setting an explicit timestamp when building). [1]
Looking at "maven-core-3.3.9.jar" as an example, it has entries for directories,

If the jar task does not do what is needed for us, it is better to ask
Apache Ant project for a fix (so that other projects can benefit from
it as well) rather than replace "jar" with "zip".

[1] https://maven.apache.org/guides/mini/guide-reproducible-builds.html

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds

2021-03-22 Thread Mark Thomas

On 20/03/2021 15:24, Emmanuel Bourg wrote:

Le 19/03/2021 à 16:39, Mark Thomas a écrit :

Over the last few days I have been looking at making the Tomcat builds
(more) reproducible. I have currently reached the stage where sequential
builds on my local machine produce identical output.

That's a great idea.

There are several caveats

1. Some of the embedded JARs can vary between runs due to a Bnd issue.
That has been reported to the Bnd project and should be fixed shortly.

In Debian the Tomcat package is mostly reproducible, the only difference
is in the OSGi metadata and the Require-Capability field [1]. Is this
the Bnd issue you are referring to ?

Yes. The Bnd team also think they may need to normalize
Provide-Capability as well.

2. The current Windows exe signing process isn't repeatable. There are a
few suggestions workarounds at https://reproducible-builds.org/ and I
need to discuss these with the provider of the code signing service the
ASF uses (DigiCert).

The signature is reproducible but not the timestamp. We'd need something
like a detached signature shipped with the source package, and a build
that either append the signature or get a new one from DigiCert.

Indeed. I'll discuss the options here with DigiCert and report back.

I have a series of commits where each commit addresses a specific issue.

I got a quick look, I guess you replaced the tasks with to
make the timestamp of the zip entries reproducible?

No. The Jar entries used the timestamps of the original files. As long
as the Jar task was configured not to add entries for directories (which
used the current time as the last modified date) that part was OK. The
issue was that the manifest was always created with the current time as
the last modified date.

I'm not sure this is
sufficient, there is no guarantee the order of the entries will be the
same (this is usually dependent on the filesystem used, I don't think
Ant sorts the entries).

I haven't hit this issue yet. I suspect I will, or something similar,
when I start testing with different platforms.

In Debian there is a tool (strip-nondeterminism) post-processing the jar
files and fixing the possible variations (entries order, timestamps),
we'll probably need something similar.

Potentially. There isn't any particular deadline for this so we can take
the time to get things fixed in upstream Bnd, Ant, etc.

Mark

Emmanuel Bourg

[1]
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/diffoscope-results/tomcat9.html

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Re: Reproducible builds

2021-03-20 Thread Emmanuel Bourg

Le 19/03/2021 à 16:39, Mark Thomas a écrit :

> Over the last few days I have been looking at making the Tomcat builds
> (more) reproducible. I have currently reached the stage where sequential
> builds on my local machine produce identical output.

That's a great idea.


> There are several caveats
> 
> 1. Some of the embedded JARs can vary between runs due to a Bnd issue.
> That has been reported to the Bnd project and should be fixed shortly.

In Debian the Tomcat package is mostly reproducible, the only difference
is in the OSGi metadata and the Require-Capability field [1]. Is this
the Bnd issue you are referring to ?


> 2. The current Windows exe signing process isn't repeatable. There are a
> few suggestions workarounds at https://reproducible-builds.org/ and I
> need to discuss these with the provider of the code signing service the
> ASF uses (DigiCert).

The signature is reproducible but not the timestamp. We'd need something
like a detached signature shipped with the source package, and a build
that either append the signature or get a new one from DigiCert.


> I have a series of commits where each commit addresses a specific issue.

I got a quick look, I guess you replaced the  tasks with  to
make the timestamp of the zip entries reproducible? I'm not sure this is
sufficient, there is no guarantee the order of the entries will be the
same (this is usually dependent on the filesystem used, I don't think
Ant sorts the entries).

In Debian there is a tool (strip-nondeterminism) post-processing the jar
files and fixing the possible variations (entries order, timestamps),
we'll probably need something similar.

Emmanuel Bourg

[1]
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/diffoscope-results/tomcat9.html

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Reproducible builds: Windows installer

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new cc45875  Reproducible builds: Windows installer
cc45875 is described below

commit cc458751c4d7f6d9b17c5c8ded3f41cf608e35d1
Author: Mark Thomas 
AuthorDate: Fri Mar 19 15:22:41 2021 +

Reproducible builds: Windows installer
---
 build.xml | 9 -
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/build.xml b/build.xml
index 2b63398..9c23c75 100644
--- a/build.xml
+++ b/build.xml
@@ -2259,6 +2259,10 @@ skip.installer property in build.properties" />
 encoding="ISO-8859-1" fixlast="false" >
   
 
+
+
+  
+
   
 
   
 
   
 
-
+
+
+  
+

[tomcat] branch master updated: Reproducible builds: Windows installer

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new c3215cf  Reproducible builds: Windows installer
c3215cf is described below

commit c3215cf9e3652a7c37b45580ccbb77d5233f47a5
Author: Mark Thomas 
AuthorDate: Fri Mar 19 15:22:41 2021 +

Reproducible builds: Windows installer
---
 build.xml | 9 -
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/build.xml b/build.xml
index 3aabf2e..60fd8cc 100644
--- a/build.xml
+++ b/build.xml
@@ -2610,6 +2610,10 @@ skip.installer property in build.properties" />
 encoding="ISO-8859-1" fixlast="false" >
   
 
+
+
+  
+
   
 
   
 
   
 
-
+
+
+  
+

[tomcat] branch 8.5.x updated: Reproducible builds: Binary packages (excluding installer)

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 1df6d44  Reproducible builds: Binary packages (excluding installer)
1df6d44 is described below

commit 1df6d44d7653924f98b48ad66c86c497986dfc92
Author: Mark Thomas 
AuthorDate: Thu Mar 18 20:53:49 2021 +

Reproducible builds: Binary packages (excluding installer)
---
 build.xml | 70 +--
 1 file changed, 68 insertions(+), 2 deletions(-)

diff --git a/build.xml b/build.xml
index 437d300..212895b 100644
--- a/build.xml
+++ b/build.xml
@@ -1401,6 +1401,12 @@
 encoding="ISO-8859-1" fixlast="false" >
   
 
+
+
+
+  
+
+
 
   
 
@@ -1416,6 +1422,12 @@
 encoding="ISO-8859-1" fixlast="false" >
   
 
+
+
+
+  
+
+
 
   
@@ -2099,7 +2111,7 @@ Apache Tomcat ${version} native binaries for Win64 
AMD64/EMT64 platform.
 
 
 
-
+

   
   
@@ -2124,7 +2136,14 @@ Apache Tomcat ${version} native binaries for Win64 
AMD64/EMT64 platform.
   
   

-
+   
+   
+   
+   
+
 
 
 
@@ -2382,7 +2401,13 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
+  
   
 
 
@@ -2415,8 +2440,14 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
 
+  
   
 
 
@@ -2442,6 +2473,7 @@ skip.installer property in build.properties" />
 
 
 
+  
   
 
 
@@ -2482,7 +2514,14 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+  
+
+
 
+  
   
   
   
@@ -2500,6 +2539,11 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
   
@@ -2548,6 +2592,12 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+  
+
+
 
   
@@ -2571,6 +2621,11 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
   
@@ -2595,7 +2650,13 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
+  
   
 
 
@@ -2611,6 +2672,11 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 02/02: Reproducible builds: Binary packages (excluding installer)

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit f79d84fecbcb5bea7cf52fe0e0f84675940940a1
Author: Mark Thomas 
AuthorDate: Thu Mar 18 20:53:49 2021 +

Reproducible builds: Binary packages (excluding installer)
---
 build.xml | 76 +--
 1 file changed, 74 insertions(+), 2 deletions(-)

diff --git a/build.xml b/build.xml
index d7a0353..e975fa6 100644
--- a/build.xml
+++ b/build.xml
@@ -1751,6 +1751,12 @@
   
 
 
+
+
+  
+
+
 
 
   
 
+
+
+
+  
+
+
 
   
 
@@ -1801,6 +1813,12 @@
 encoding="ISO-8859-1" fixlast="false" >
   
 
+
+
+
+  
+
+
 
   
@@ -2422,7 +2440,7 @@ Apache Tomcat ${version} native binaries for Win64 
AMD64/EMT64 platform.
 
 
 
-
+

   
   
@@ -2447,7 +2465,14 @@ Apache Tomcat ${version} native binaries for Win64 
AMD64/EMT64 platform.
   
   

-
+   
+   
+   
+   
+
 
 
 
@@ -2698,7 +2723,13 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
+  
   
 
 
@@ -2731,8 +2762,14 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
 
+  
   
 
 
@@ -2758,6 +2795,7 @@ skip.installer property in build.properties" />
 
 
 
+  
   
 
 
@@ -2798,7 +2836,14 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+  
+
+
 
+  
   
   
   
@@ -2816,6 +2861,11 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
   
@@ -2864,6 +2914,12 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+  
+
+
 
   
@@ -2887,6 +2943,11 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
   
@@ -2911,7 +2972,13 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
+  
   
 
 
@@ -2927,6 +2994,11 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] 01/02: Reproducible builds: XReflectionIntrospectionUtils.java

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 974af564eb4e0e0fe873b3ae0f80f0ed29d32da8
Author: Mark Thomas 
AuthorDate: Thu Mar 18 19:50:00 2021 +

Reproducible builds: XReflectionIntrospectionUtils.java
---
 .../util/xreflection/ObjectReflectionPropertyInspector.java |  3 ++-
 .../apache/tomcat/util/xreflection/ReflectionProperty.java  | 12 +++-
 .../apache/tomcat/util/xreflection/SetPropertyClass.java| 13 +
 3 files changed, 22 insertions(+), 6 deletions(-)

diff --git 
a/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
 
b/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
index dc101cb..f27a27f 100644
--- 
a/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
+++ 
b/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
@@ -26,6 +26,7 @@ import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
+import java.util.LinkedHashSet;
 import java.util.Map;
 import java.util.Set;
 import java.util.stream.Collectors;
@@ -64,7 +65,7 @@ public final class ObjectReflectionPropertyInspector {
 
 private static final Set> getKnownClasses() throws 
ClassNotFoundException {
 return
-Collections.unmodifiableSet(new HashSet<>(
+Collections.unmodifiableSet(new LinkedHashSet<>(
 Arrays.asList(
 
Class.forName("org.apache.catalina.authenticator.jaspic.SimpleAuthConfigProvider"),
 
Class.forName("org.apache.catalina.authenticator.jaspic.PersistentProviderRegistrations$Property"),
diff --git a/java/org/apache/tomcat/util/xreflection/ReflectionProperty.java 
b/java/org/apache/tomcat/util/xreflection/ReflectionProperty.java
index f74f7c0..46d4447 100644
--- a/java/org/apache/tomcat/util/xreflection/ReflectionProperty.java
+++ b/java/org/apache/tomcat/util/xreflection/ReflectionProperty.java
@@ -19,7 +19,7 @@ package org.apache.tomcat.util.xreflection;
 import java.lang.reflect.Method;
 import java.net.InetAddress;
 
-final class ReflectionProperty {
+final class ReflectionProperty implements Comparable {
 private final String clazz;
 private final String propertyName;
 private final Class propertyType;
@@ -116,4 +116,14 @@ final class ReflectionProperty {
 sb.append('}');
 return sb.toString();
 }
+
+@Override
+public int compareTo(ReflectionProperty o) {
+// Class then property name
+int result = clazz.compareTo(o.clazz);
+if (result == 0) {
+result = propertyName.compareTo(o.propertyName);
+}
+return result;
+}
 }
diff --git a/java/org/apache/tomcat/util/xreflection/SetPropertyClass.java 
b/java/org/apache/tomcat/util/xreflection/SetPropertyClass.java
index 55a68c4..389a483 100644
--- a/java/org/apache/tomcat/util/xreflection/SetPropertyClass.java
+++ b/java/org/apache/tomcat/util/xreflection/SetPropertyClass.java
@@ -18,12 +18,12 @@ package org.apache.tomcat.util.xreflection;
 
 import java.lang.reflect.Method;
 import java.lang.reflect.Modifier;
-import java.util.HashSet;
 import java.util.Set;
+import java.util.TreeSet;
 
 import org.apache.tomcat.util.IntrospectionUtils;
 
-final class SetPropertyClass {
+final class SetPropertyClass implements Comparable {
 
 static final String OBJECT_VAR_NAME = "o";
 static final String NAME_VAR_NAME = "name";
@@ -32,8 +32,8 @@ final class SetPropertyClass {
 
 private final SetPropertyClass parent;
 private final Class clazz;
-private Set children = new HashSet<>();
-private Set properties = new HashSet<>();
+private Set children = new TreeSet<>();
+private Set properties = new TreeSet<>();
 private final boolean isAbstract;
 private final Method genericSetPropertyMethod;
 private final Method genericGetPropertyMethod;
@@ -433,4 +433,9 @@ final class SetPropertyClass {
 
 return code.toString();
 }
+
+@Override
+public int compareTo(SetPropertyClass o) {
+return clazz.getName().compareTo(o.clazz.getName());
+}
 }

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Reproducible builds: Binary packages (excluding installer)

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new c06dbae  Reproducible builds: Binary packages (excluding installer)
c06dbae is described below

commit c06dbae706e1907b961f5f36970e364744679c0c
Author: Mark Thomas 
AuthorDate: Thu Mar 18 20:53:49 2021 +

Reproducible builds: Binary packages (excluding installer)
---
 build.xml | 76 +--
 1 file changed, 74 insertions(+), 2 deletions(-)

diff --git a/build.xml b/build.xml
index 1bc68b7..44a021b 100644
--- a/build.xml
+++ b/build.xml
@@ -1773,6 +1773,12 @@
   
 
 
+
+
+  
+
+
 
 
   
 
+
+
+
+  
+
+
 
   
 
@@ -1823,6 +1835,12 @@
 encoding="ISO-8859-1" fixlast="false" >
   
 
+
+
+
+  
+
+
 
   
@@ -2444,7 +2462,7 @@ Apache Tomcat ${version} native binaries for Win64 
AMD64/EMT64 platform.
 
 
 
-
+

   
   
@@ -2469,7 +2487,14 @@ Apache Tomcat ${version} native binaries for Win64 
AMD64/EMT64 platform.
   
   

-
+   
+   
+   
+   
+
 
 
 
@@ -2720,7 +2745,13 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
+  
   
 
 
@@ -2753,8 +2784,14 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
 
+  
   
 
 
@@ -2780,6 +2817,7 @@ skip.installer property in build.properties" />
 
 
 
+  
   
 
 
@@ -2820,7 +2858,14 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+  
+
+
 
+  
   
   
   
@@ -2838,6 +2883,11 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
   
@@ -2886,6 +2936,12 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+  
+
+
 
   
@@ -2909,6 +2965,11 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
   
@@ -2933,7 +2994,13 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
+  
   
 
 
@@ -2949,6 +3016,11 @@ skip.installer property in build.properties" />
   
 
 
+
+
+  
+
+
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Reproducible builds: XReflectionIntrospectionUtils.java

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new b2b5773  Reproducible builds: XReflectionIntrospectionUtils.java
b2b5773 is described below

commit b2b57736572eb1385130d32e5d291ee5558f2e3b
Author: Mark Thomas 
AuthorDate: Thu Mar 18 19:50:00 2021 +

Reproducible builds: XReflectionIntrospectionUtils.java
---
 .../util/xreflection/ObjectReflectionPropertyInspector.java |  3 ++-
 .../apache/tomcat/util/xreflection/ReflectionProperty.java  | 12 +++-
 .../apache/tomcat/util/xreflection/SetPropertyClass.java| 13 +
 3 files changed, 22 insertions(+), 6 deletions(-)

diff --git 
a/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
 
b/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
index 520e6a0..514aeb4 100644
--- 
a/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
+++ 
b/java/org/apache/tomcat/util/xreflection/ObjectReflectionPropertyInspector.java
@@ -26,6 +26,7 @@ import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
+import java.util.LinkedHashSet;
 import java.util.Map;
 import java.util.Set;
 import java.util.stream.Collectors;
@@ -64,7 +65,7 @@ public final class ObjectReflectionPropertyInspector {
 
 private static final Set> getKnownClasses() throws 
ClassNotFoundException {
 return
-Collections.unmodifiableSet(new HashSet<>(
+Collections.unmodifiableSet(new LinkedHashSet<>(
 Arrays.asList(
 
Class.forName("org.apache.catalina.authenticator.jaspic.SimpleAuthConfigProvider"),
 
Class.forName("org.apache.catalina.authenticator.jaspic.PersistentProviderRegistrations$Property"),
diff --git a/java/org/apache/tomcat/util/xreflection/ReflectionProperty.java 
b/java/org/apache/tomcat/util/xreflection/ReflectionProperty.java
index f74f7c0..46d4447 100644
--- a/java/org/apache/tomcat/util/xreflection/ReflectionProperty.java
+++ b/java/org/apache/tomcat/util/xreflection/ReflectionProperty.java
@@ -19,7 +19,7 @@ package org.apache.tomcat.util.xreflection;
 import java.lang.reflect.Method;
 import java.net.InetAddress;
 
-final class ReflectionProperty {
+final class ReflectionProperty implements Comparable {
 private final String clazz;
 private final String propertyName;
 private final Class propertyType;
@@ -116,4 +116,14 @@ final class ReflectionProperty {
 sb.append('}');
 return sb.toString();
 }
+
+@Override
+public int compareTo(ReflectionProperty o) {
+// Class then property name
+int result = clazz.compareTo(o.clazz);
+if (result == 0) {
+result = propertyName.compareTo(o.propertyName);
+}
+return result;
+}
 }
diff --git a/java/org/apache/tomcat/util/xreflection/SetPropertyClass.java 
b/java/org/apache/tomcat/util/xreflection/SetPropertyClass.java
index 55a68c4..389a483 100644
--- a/java/org/apache/tomcat/util/xreflection/SetPropertyClass.java
+++ b/java/org/apache/tomcat/util/xreflection/SetPropertyClass.java
@@ -18,12 +18,12 @@ package org.apache.tomcat.util.xreflection;
 
 import java.lang.reflect.Method;
 import java.lang.reflect.Modifier;
-import java.util.HashSet;
 import java.util.Set;
+import java.util.TreeSet;
 
 import org.apache.tomcat.util.IntrospectionUtils;
 
-final class SetPropertyClass {
+final class SetPropertyClass implements Comparable {
 
 static final String OBJECT_VAR_NAME = "o";
 static final String NAME_VAR_NAME = "name";
@@ -32,8 +32,8 @@ final class SetPropertyClass {
 
 private final SetPropertyClass parent;
 private final Class clazz;
-private Set children = new HashSet<>();
-private Set properties = new HashSet<>();
+private Set children = new TreeSet<>();
+private Set properties = new TreeSet<>();
 private final boolean isAbstract;
 private final Method genericSetPropertyMethod;
 private final Method genericGetPropertyMethod;
@@ -433,4 +433,9 @@ final class SetPropertyClass {
 
 return code.toString();
 }
+
+@Override
+public int compareTo(SetPropertyClass o) {
+return clazz.getName().compareTo(o.clazz.getName());
+}
 }

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Reproducible builds: Make jdbc-pool JAR reproducible

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new 760f357  Reproducible builds: Make jdbc-pool JAR reproducible
760f357 is described below

commit 760f357d590290b0d67fcaef31a255be4721e629
Author: Mark Thomas 
AuthorDate: Thu Mar 18 16:05:44 2021 +

Reproducible builds: Make jdbc-pool JAR reproducible
---
 build.xml  |  1 +
 modules/jdbc-pool/build.properties.default |  4 
 modules/jdbc-pool/build.xml| 20 ++--
 3 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/build.xml b/build.xml
index 992961f..437d300 100644
--- a/build.xml
+++ b/build.xml
@@ -1225,6 +1225,7 @@
 
 
+  
   
   
   
diff --git a/modules/jdbc-pool/build.properties.default 
b/modules/jdbc-pool/build.properties.default
index 2107872..1e1d03a 100644
--- a/modules/jdbc-pool/build.properties.default
+++ b/modules/jdbc-pool/build.properties.default
@@ -29,6 +29,10 @@ version.build=0
 version.patch=1
 version.suffix=
 
+# - Reproducible builds -
+# Uncomment and set to current time for reproducible builds
+#ant.tstamp.now.iso=2021-03-18T06:00:00Z
+
 # - Default Base Path for Dependent Packages -
 # Please note this path must be absolute, not relative,
 # as it is referenced with different working directory
diff --git a/modules/jdbc-pool/build.xml b/modules/jdbc-pool/build.xml
index e56c1e9..c9a2444 100644
--- a/modules/jdbc-pool/build.xml
+++ b/modules/jdbc-pool/build.xml
@@ -85,6 +85,9 @@
   
 
   
+  
+
+  
   
 
 
@@ -157,8 +160,21 @@
   
 
 
+
+
+  
+  
+  
+
+  
+  
+
+
 
-
+
+  
+  
   
 
   
@@ -166,7 +182,7 @@
 
   
   
-
+
   
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Reproducible builds: Make jdbc-pool JAR reproducible

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new d988741  Reproducible builds: Make jdbc-pool JAR reproducible
d988741 is described below

commit d9887416e690eddc1dad31816ae3a18f355ed3f1
Author: Mark Thomas 
AuthorDate: Thu Mar 18 16:05:44 2021 +

Reproducible builds: Make jdbc-pool JAR reproducible
---
 build.xml  |  1 +
 modules/jdbc-pool/build.properties.default |  4 
 modules/jdbc-pool/build.xml| 20 ++--
 3 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/build.xml b/build.xml
index f3bc2f8..d7a0353 100644
--- a/build.xml
+++ b/build.xml
@@ -1529,6 +1529,7 @@
 
 
+  
   
   
   
diff --git a/modules/jdbc-pool/build.properties.default 
b/modules/jdbc-pool/build.properties.default
index 753da45..6131bd7 100644
--- a/modules/jdbc-pool/build.properties.default
+++ b/modules/jdbc-pool/build.properties.default
@@ -29,6 +29,10 @@ version.build=0
 version.patch=1
 version.suffix=
 
+# - Reproducible builds -
+# Uncomment and set to current time for reproducible builds
+#ant.tstamp.now.iso=2021-03-18T06:00:00Z
+
 # - Default Base Path for Dependent Packages -
 # Please note this path must be absolute, not relative,
 # as it is referenced with different working directory
diff --git a/modules/jdbc-pool/build.xml b/modules/jdbc-pool/build.xml
index 6d41d22..3bc8c3d 100644
--- a/modules/jdbc-pool/build.xml
+++ b/modules/jdbc-pool/build.xml
@@ -85,6 +85,9 @@
   
 
   
+  
+
+  
   
 
 
@@ -157,8 +160,21 @@
   
 
 
+
+
+  
+  
+  
+
+  
+  
+
+
 
-
+
+  
+  
   
 
   
@@ -166,7 +182,7 @@
 
   
   
-
+
   
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Reproducible builds: Make jdbc-pool JAR reproducible

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new f558a19  Reproducible builds: Make jdbc-pool JAR reproducible
f558a19 is described below

commit f558a1984ea60318e7d3405b1fbe2a246edc49b4
Author: Mark Thomas 
AuthorDate: Thu Mar 18 16:05:44 2021 +

Reproducible builds: Make jdbc-pool JAR reproducible
---
 build.xml  |  1 +
 modules/jdbc-pool/build.properties.default |  4 
 modules/jdbc-pool/build.xml| 20 ++--
 3 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/build.xml b/build.xml
index 710d962..1bc68b7 100644
--- a/build.xml
+++ b/build.xml
@@ -1551,6 +1551,7 @@
 
 
+  
   
   
   
diff --git a/modules/jdbc-pool/build.properties.default 
b/modules/jdbc-pool/build.properties.default
index 753da45..6131bd7 100644
--- a/modules/jdbc-pool/build.properties.default
+++ b/modules/jdbc-pool/build.properties.default
@@ -29,6 +29,10 @@ version.build=0
 version.patch=1
 version.suffix=
 
+# - Reproducible builds -
+# Uncomment and set to current time for reproducible builds
+#ant.tstamp.now.iso=2021-03-18T06:00:00Z
+
 # - Default Base Path for Dependent Packages -
 # Please note this path must be absolute, not relative,
 # as it is referenced with different working directory
diff --git a/modules/jdbc-pool/build.xml b/modules/jdbc-pool/build.xml
index 6d41d22..3bc8c3d 100644
--- a/modules/jdbc-pool/build.xml
+++ b/modules/jdbc-pool/build.xml
@@ -85,6 +85,9 @@
   
 
   
+  
+
+  
   
 
 
@@ -157,8 +160,21 @@
   
 
 
+
+
+  
+  
+  
+
+  
+  
+
+
 
-
+
+  
+  
   
 
   
@@ -166,7 +182,7 @@
 
   
   
-
+
   
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Reproducible builds: Make i18n JARs reproducible

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new d2b6c69  Reproducible builds: Make i18n JARs reproducible
d2b6c69 is described below

commit d2b6c69838570db0264b68b7dea356287d2fb340
Author: Mark Thomas 
AuthorDate: Thu Mar 18 14:47:31 2021 +

Reproducible builds: Make i18n JARs reproducible
---
 build.xml | 58 +-
 1 file changed, 37 insertions(+), 21 deletions(-)

diff --git a/build.xml b/build.xml
index 4560387..992961f 100644
--- a/build.xml
+++ b/build.xml
@@ -737,6 +737,7 @@
 files placed in JARs -->
 
   
+  
 
   
 
@@ -894,76 +895,91 @@
   filesId="files.tomcat-dbcp" />
 
 
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
+
 
   
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Reproducible builds: Make i18n JARs reproducible

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 7b4c116  Reproducible builds: Make i18n JARs reproducible
7b4c116 is described below

commit 7b4c116418232d49e19f6078d988d09974beda5c
Author: Mark Thomas 
AuthorDate: Thu Mar 18 14:47:31 2021 +

Reproducible builds: Make i18n JARs reproducible
---
 build.xml | 74 ---
 1 file changed, 47 insertions(+), 27 deletions(-)

diff --git a/build.xml b/build.xml
index 9ab1864..f3bc2f8 100644
--- a/build.xml
+++ b/build.xml
@@ -991,6 +991,7 @@
 files placed in JARs -->
 
   
+  
 
   
 
@@ -1174,96 +1175,115 @@
   addOSGi="true" />
 
 
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
+
 
   
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Reproducible builds: Make i18n JARs reproducible

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new 2aa6464  Reproducible builds: Make i18n JARs reproducible
2aa6464 is described below

commit 2aa646470ae9ec1e2b42930f19099544156c9386
Author: Mark Thomas 
AuthorDate: Thu Mar 18 14:47:31 2021 +

Reproducible builds: Make i18n JARs reproducible
---
 build.xml | 74 ---
 1 file changed, 47 insertions(+), 27 deletions(-)

diff --git a/build.xml b/build.xml
index 0ce088b..710d962 100644
--- a/build.xml
+++ b/build.xml
@@ -996,6 +996,7 @@
 files placed in JARs -->
 
   
+  
 
   
 
@@ -1185,96 +1186,115 @@
   addOSGi="true" />
 
 
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
-
+
+
   
 
   
+  
+  
   
   
-
+
 
   
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Reproducible builds: Make Graal processed JARs reproducible

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new f33ebf3  Reproducible builds: Make Graal processed JARs reproducible
f33ebf3 is described below

commit f33ebf31700680a4c2126f00dd2f5fbd49bde551
Author: Mark Thomas 
AuthorDate: Thu Mar 18 12:52:19 2021 +

Reproducible builds: Make Graal processed JARs reproducible
---
 build.xml | 12 ++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/build.xml b/build.xml
index 99300f1..9ab1864 100644
--- a/build.xml
+++ b/build.xml
@@ -76,6 +76,7 @@
   
   
   
+  
   
   
   
@@ -3725,8 +3726,15 @@ Read the Building page on the Apache Tomcat 
documentation site for details on ho
 
   
 
-
-  
+
+
+  
+
+
+  
+
+
+  
 
   
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Reproducible builds: Make Graal processed JARs reproducible

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new 368f8c4  Reproducible builds: Make Graal processed JARs reproducible
368f8c4 is described below

commit 368f8c4958c209f6f5b1f1394a047ed711ed843a
Author: Mark Thomas 
AuthorDate: Thu Mar 18 12:52:19 2021 +

Reproducible builds: Make Graal processed JARs reproducible
---
 build.xml | 12 ++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/build.xml b/build.xml
index aa727ae..0ce088b 100644
--- a/build.xml
+++ b/build.xml
@@ -80,6 +80,7 @@
   
   
   
+  
   
   
   
@@ -3757,8 +3758,15 @@ Read the Building page on the Apache Tomcat 
documentation site for details on ho
 
   
 
-
-  
+
+
+  
+
+
+  
+
+
+  
 
   
 

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 8.5.x updated: Reproducible builds: Make non-bnd processed JARs reproducible

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
 new cbf0e27  Reproducible builds: Make non-bnd processed JARs reproducible
cbf0e27 is described below

commit cbf0e272e068225533cff04306d2a62f6b88869b
Author: Mark Thomas 
AuthorDate: Thu Mar 18 12:23:35 2021 +

Reproducible builds: Make non-bnd processed JARs reproducible
---
 build.properties.default |  4 
 build.xml| 15 +--
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index e45fe99..5cc548d 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -29,6 +29,10 @@ version.build=65
 version.patch=0
 version.suffix=-dev
 
+# - Reproducible builds -
+# Uncomment and set to current time for reproducible builds
+#ant.tstamp.now.iso=2021-03-18T06:00:00Z
+
 # - Source control flags -
 git.branch=8.5.x
 
diff --git a/build.xml b/build.xml
index 3486a26..4560387 100644
--- a/build.xml
+++ b/build.xml
@@ -260,6 +260,7 @@
 
 
 
+
   
   
 
@@ -732,6 +733,11 @@
 
 
 
+
+
+  
+
   
 
   
 
 
+
+
+  
+
   
 
   
@@ -3291,7 +3301,7 @@ Read the Building page on the Apache Tomcat documentation 
site for details on ho
 
   
   
-
+
   
 
 
@@ -3299,9 +3309,10 @@ Read the Building page on the Apache Tomcat 
documentation site for details on ho
   
   
+  
   
   
-
+
   
 
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch 9.0.x updated: Reproducible builds: Make non-bnd processed JARs reproducible

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
 new 8411469  Reproducible builds: Make non-bnd processed JARs reproducible
8411469 is described below

commit 84114698faaa618d8deb26d9101b2436a38f3317
Author: Mark Thomas 
AuthorDate: Thu Mar 18 12:23:35 2021 +

Reproducible builds: Make non-bnd processed JARs reproducible
---
 build.properties.default |  4 
 build.xml| 15 +--
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index a0355eb..2103fb9 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -29,6 +29,10 @@ version.build=45
 version.patch=0
 version.suffix=-dev
 
+# - Reproducible builds -
+# Uncomment and set to current time for reproducible builds
+#ant.tstamp.now.iso=2021-03-18T06:00:00Z
+
 # - Source control flags -
 git.branch=master
 
diff --git a/build.xml b/build.xml
index 2593c4c..99300f1 100644
--- a/build.xml
+++ b/build.xml
@@ -261,6 +261,7 @@
 
 
 
+
   
   
 
@@ -985,6 +986,11 @@
 
 
 
+
+
+  
+
   
 
   
 
 
+
+
+  
+
   
 
   
@@ -3666,7 +3676,7 @@ Read the Building page on the Apache Tomcat documentation 
site for details on ho
 
   
   
-
+
   
 
 
@@ -3674,9 +3684,10 @@ Read the Building page on the Apache Tomcat 
documentation site for details on ho
   
   
+  
   
   
-
+
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Reproducible builds: Make non-bnd processed JARs reproducible

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/master by this push:
 new 3149bef  Reproducible builds: Make non-bnd processed JARs reproducible
3149bef is described below

commit 3149befcb31301bc1eb115440858d34ae8adc516
Author: Mark Thomas 
AuthorDate: Thu Mar 18 12:23:35 2021 +

Reproducible builds: Make non-bnd processed JARs reproducible
---
 build.properties.default |  4 
 build.xml| 15 +--
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index 3e6b261..3878450 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -29,6 +29,10 @@ version.build=5
 version.patch=0
 version.suffix=-dev
 
+# - Reproducible builds -
+# Uncomment and set to current time for reproducible builds
+#ant.tstamp.now.iso=2021-03-18T06:00:00Z
+
 # - Source control flags -
 git.branch=master
 
diff --git a/build.xml b/build.xml
index 8338af0..aa727ae 100644
--- a/build.xml
+++ b/build.xml
@@ -266,6 +266,7 @@
 
 
 
+
   
   
 
@@ -990,6 +991,11 @@
 
 
 
+
+
+  
+
   
 
   
 
 
+
+
+  
+
   
 
   
@@ -3698,7 +3708,7 @@ Read the Building page on the Apache Tomcat documentation 
site for details on ho
 
   
   
-
+
   
 
 
@@ -3706,9 +3716,10 @@ Read the Building page on the Apache Tomcat 
documentation site for details on ho
   
   
+  
   
   
-
+
 
   
   

-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[tomcat] branch master updated: Reproducible builds: Make bnd processed JARs reproducible