Differences between revisions 349 and 350
Revision 349 as of 2017-05-14 15:12:18
Size: 5319
Editor: HolgerLevsen
Comment: we gotta fix policy
Revision 350 as of 2017-05-15 00:23:29
Size: 5319
Editor: PaulWise
Comment: typo
Deletions are marked like this. Additions are marked like this.
Line 15: Line 15:
  * Due to DebianBug:862059 packages build on the buildd network are only uploaded with unsigned .buildinfo files so far.   * Due to DebianBug:862059 packages built on the buildd network are only uploaded with unsigned .buildinfo files so far.

It should be possible to reproduce, byte for byte, every build of every package in Debian. More information about reproducible builds in general are available at reproducible-builds.org.


Make a package reproducible

?How to help

Experimental toolchain

Project history

Alioth project

Bug reports

Continuous integration


Reproducible builds of Debian as a whole is still not a reality, though individual reproducible builds of packages are possible and being done. So while we are making very good progress, it is a stretch to say that Debian is reproducible.

Statistics from the continuous integration platform


  • Identify more common problems.
  • Change debian-policy so that "packages should build bit by bit identical binary packages" (844431, change to "must" later…)

  • Start a campaign to get developers to fix their packages and/or NMU them once policy has been changed.
  • Publish .buildinfo files uploaded, either into the archive itself (763822) or to buildinfo.debian.net (862073 and 862538), maybe first to the latter as a prototype…

  • Require matching binary packages from the developer and a buildd before accepting the package in the archive. This could initially be opt-in.

For more concrete tasks to be done, look at ?how to contribute.


  • h01ger
  • lamby
  • infinity0