Chris Lamb wrote:
> Please review the draft for May's Reproducible Builds report:
This has now been published — thanks to all who contributed.
If possible, please share the following link:
https://reproducible-builds.org/reports/2024-05/
.. and also consider retweeting:
On 6/5/24 2:27 PM, Chris Lamb wrote:
Please review the draft for May's Reproducible Builds report:
> whilst “there seems to be consensus about [the] source code for zsh
5.9” in various Linux distributions, it “does not align with the
contents of the zsh Git repository”.
This is factually
one note from the fedora side is that the change proposal mentioned in
April's report was approved, and add-determinism is now running in new
builds for Fedora 41 (rawhide), and work is ongoing to continue the scope
of packages it can operate on.
On Wed, Jun 5, 2024, 08:28 Chris Lamb wrote:
>
Hi all,
Please review the draft for May's Reproducible Builds report:
https://reproducible-builds.org/reports/2024-05/?draft
… or, via the Git repository itself:
https://salsa.debian.org/reproducible-builds/reproducible-website/blob/master/_reports/2024-05.md
I intend to publish it no
Chris Lamb wrote:
> Please review the draft for May's Reproducible Builds report:
This has now been published — thanks to all who contributed. If
you have a moment, please share the following link:
https://reproducible-builds.org/reports/2023-05/
… and also consider retweeting:
Hi all,
Please review the draft for May's Reproducible Builds report:
https://reproducible-builds.org/reports/2023-05/?draft
… or, via the Git repository itself:
https://salsa.debian.org/reproducible-builds/reproducible-website/blob/master/_reports/2023-05.md
I intend to publish it no
Hey Sebastian,
>> As I wrote in your merge request earlier, feel free to commit directly
>> to post drafts in the future!
>
> Alrighty; thanks for the invitation :) I've made an 'access request'
> to the Reproducible Builds group on Salsa so that I'll be able to
> commit directly in future.
Dear Chris,
> Thanks for sending this over; it'll definitely make it into the post
> later today. (I might futz with the formatting a bit, but otherwise it
> looks good as it is.)
Thank you for including the entry!
You have a very nice static site generator setup... being able to see
drafts on
Chris Lamb wrote:
> Please review the draft for May's Reproducible Builds report:
This has now been published — huge thanks to all who contributed.
If possible, please share the following link:
https://reproducible-builds.org/reports/2022-05/
.. and also consider retweeting:
Hey Sebastian,
>
> It's focusing on enhancing support for describing builds in Software
> Bill of Materials, with an express goal of being compatible with the
> Reproducible Builds efforts.
Thanks for sending this over; it'll definitely make it into the post
later today. (I might futz with the
Dear Chris,
Thank you for the notification of this draft! I've made a merge
request to add a section to the report about the new SPDX Builds Team.
It's focusing on enhancing support for describing builds in Software
Bill of Materials, with an express goal of being compatible with the
Reproducible
Hi all,
Please review the draft for May's Reproducible Builds report:
https://reproducible-builds.org/reports/2022-05/?draft
… or, via the Git repository itself:
https://salsa.debian.org/reproducible-builds/reproducible-website/blob/master/_reports/2022-05.md
I intend to publish it no
Chris Lamb wrote:
> Please review the draft for May's Reproducible Builds report:
This has now been published; many thanks to all who contributed.
Please share the following URL:
https://reproducible-builds.org/reports/2021-05/
Alternatively, if you are into that kind of thing, please
Hi all,
Please review the draft for May's Reproducible Builds report:
https://reproducible-builds.org/reports/2021-05/?draft
… or, via the Git repository itself:
https://salsa.debian.org/reproducible-builds/reproducible-website/blob/master/_reports/2021-05.md
I intend to publish it no
> > Bernhard's point is that if Alice has a PGP trust path to a hash value
> > [e.g., if Bob signed some hash value and Alice trusts Bob's key], has
> > a file whose hash is that value, and the hash function is sufficiently
> > strong, then Alice may trust that file as well, _regardless of its
> >
Bernhard M. Wiedemann wrote on Tue, 09 Jun 2020 12:31 +0200:
> Am 08.06.20 um 07:52 schrieb Daniel Shahaf:
> > Besides, there was no question, no concrete request, no clickable
> > URL…
>
> https://walletscrutiny.com/ was mentioned, though.
So was the word "clickable". People are less likely
On Wed, Jun 10, 2020 at 11:51:44AM -0400, Leo Wandersleb wrote:
> Sure but I found it confusing in combination with the quorum logic. If I trust
> my 12 sock puppets, I can reach any quorum that only requires 5 signatures.
> Some
> slightly stronger concept of identity is needed if you go by a
> Bernhard's point is that if Alice has a PGP trust path to a hash value
> [e.g., if Bob signed some hash value and Alice trusts Bob's key], has
> a file whose hash is that value, and the hash function is sufficiently
> strong, then Alice may trust that file as well, _regardless of its
> origin_.
The client side automation/protection is a huge headache for the project I
think.
https://WalletScrutiny.com aims to protect as many users of wallets as possible
and therefore does not look at the license but only at the fact if there is
public source code or not. I have little hope that a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Am 08.06.20 um 07:52 schrieb Daniel Shahaf:
> Besides, there was no question, no concrete request, no clickable
> URL…
https://walletscrutiny.com/ was mentioned, though.
IMHO an interesting and worthwhile project. It probably could use more
Chris Lamb wrote on Sun, 07 Jun 2020 22:50 -:
> Hi Leo,
> > Thanks for featuring WalletScrutiny! My original mail to the list had not
> > yielded feedback, so I was a bit surprised :D
>
> I can't speak for anyone else of course but I've been quite busy with
> other stuff so your mail kept
Hi Leo,
> Regarding feedback to the report: Why did the BlueWallet get this special
> mention? On WalletScrutiny.com, every wallet that is "not verifiable" has such
> a GitHub issue, linked to from the website.
One of the many responsibilities of writing these reports involves
keeping a watchful
On 6/2/20 10:20 AM, Chris Lamb wrote:
> Hi all,
>
> Please review the draft for May's Reproducible Builds report:
>
Thanks for featuring WalletScrutiny! My original mail to the list had not
yielded feedback, so I was a bit surprised :D
Regarding feedback to the report: Why did the BlueWallet get
Chris Lamb wrote:
> Please review the draft for May's Reproducible Builds report:
This has now been published. Please share the following URL:
https://reproducible-builds.org/reports/2020-05/
Please consider retweeting or promoting:
Hi all,
Please review the draft for May's Reproducible Builds report:
https://salsa.debian.org/reproducible-builds/reproducible-website/blob/master/_reports/2020-05.md
I intend to publish it no earlier than:
$ date -d 'Thu, 04 Jun 2020 12:00:00 +0100'
Chris Lamb wrote:
> Please review the draft for May's Reproducible Builds report:
This has now been published; many thanks to all who contributed.
Please share the following URL:
https://reproducible-builds.org/reports/2019-05/
Alternatively, if you are into that kind of thing, please
Hi all,
Please review the draft for May's Reproducible Builds report:
https://reproducible-builds.org/reports/2019-05/?draft
… or, via the Git respository itself:
https://salsa.debian.org/reproducible-builds/reproducible-website/blob/master/_reports/2019-05.md
I intend to publish it no
27 matches
Mail list logo