Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not build two shared libraries #72

Merged
merged 1 commit into from Oct 7, 2018
Merged

Do not build two shared libraries #72

merged 1 commit into from Oct 7, 2018

Conversation

bmwiedemann
Copy link
Contributor

Without this patch, when building with make -j1
cmake would create and install two shared libraries
libcbor.so and libcbor.so.0.0.0
instead of creating libcbor.so as a symlink.
This broke verification of reproducible builds.

See https://reproducible-builds.org/ for why this matters.

Also, (like before) do not install libcbor.a
because static linking is bad for maintainability
(because all programs have to be re-built with fixed libraries)

This PR was done while working on reproducible builds for openSUSE.

@bmwiedemann
Do not build two shared libraries
965d41b 
Without this patch, when building with make -j1
cmake would create and install two shared libraries
libcbor.so and libcbor.so.0.0.0
instead of creating libcbor.so as a symlink.
This broke verification of reproducible builds.

See https://reproducible-builds.org/ for why this matters.

Also, (like before) do not install libcbor.a
because static linking is bad for maintainability
(all programs have to be re-built with fixed libraries)
@bmwiedemann
Copy link
Contributor Author

bmwiedemann commented Oct 7, 2018
edited

autogenerated provenance graph for libcbor.so https://www.zq1.de/~bernhard/images/rb/libcbor-j1.svg - notice the tooltips for the two left-hand strands mentioning "cbor" and "cbor_shared"

@PJK
Copy link
Owner

PJK commented Oct 7, 2018

This is great, thank you, @bmwiedemann! And well spotted with the static library.

As a side question, is there some automated check I can use to keep libcbor verification-friendly in the future?

@PJK PJK merged commit 75a6cc7 into PJK:master Oct 7, 2018
@bmwiedemann
Copy link
Contributor Author

You can try to avoid the ~12 basic indeterminisms described in https://github.com/bmwiedemann/theunreproduciblepackage (e.g. 'race' in this case)

But you don't really need to, because I'll watch whatever goes into openSUSE ;-)
There are also continuous tests running for Debian, published at
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/libcbor.html
but somehow they did not catch this case.

@bmwiedemann bmwiedemann deleted the static branch March 24, 2019 19:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Build issues
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@bmwiedemann @PJK