New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
reproducible build #175
Comments
What would be a proper fix? |
Exactly, sort all the linker inputs manually and it should be fine. |
Looks like an easy patch. |
I have been quite busy recently so I'm afraid I wouldn't have the time to do so soonish. |
Personally, I have only sent cosmetic patches to obuild. But today I managed to triage all obuild issues. That will be my great open source contribution of the day. :) |
this issue is important for security, it allows people to trust that the binary they use was indeed produced from the source code of the given version |
debian also has a reproducible builds infrastructure in place |
The executable built by obuild, as well as the obuild bootstrap executable, are not reproducible, according to openSUSE's report: https://bugzilla.opensuse.org/show_bug.cgi?id=1087961
I tested it with an Ubuntu 16.04 machine:
I've also compared the
obuild.bootstrap
executables in the two builds, they are also different from each other.The text was updated successfully, but these errors were encountered: