Differences between revisions 356 and 357
Revision 356 as of 2018-05-19 10:42:18
Size: 5313
Editor: lamby
Comment:
Revision 357 as of 2018-06-05 18:35:51
Size: 5397
Editor: lamby
Comment:
Deletions are marked like this. Additions are marked like this.
Line 24: Line 24:
 * [[DebianBug:894441|#894441: binNMUs should be replaced by easy "no-change-except-debian/changelog-uploads"]]  * [[DebianBug:894441|#894441: binNMUs should be replaced by easy "no-change-
except-debian/changelog-uploads"]]
 * [[DebianBug:900837|#900837: Mass-rebuild of packages for reproducible build]]

It should be possible to reproduce, byte for byte, every build of every package in Debian. More information about reproducible builds in general are available at reproducible-builds.org.

About
About

Howto
Make a package reproducible

?Contribute
?How to help

Toolchain
Experimental toolchain

History
Project history

Alioth
Alioth project

Bugs
Bug reports

Jenkins
Continuous integration

Status

Reproducible builds of Debian as a whole is still not a reality, though individual reproducible builds of packages are possible and being done. So while we are making very good progress, it is a stretch to say that Debian is reproducible.

  • Most packages built in sid today are reproducible under a fixed build-path and environment.

  • We have a new control file *.buildinfo that records the build environment, see deb-buildinfo for reference. Older design drafts are here.

  • We have a continuous integration platform that builds and immediately rebuilds packages. With this we can detect problems related to timestamps, file ordering, CPU usage, (pseudo-)randomness and other things.

  • We are examining packages and sorting out common problems.

  • Many patches have already been submitted, and we are continuously writing new ones.

  • You can check which packages installed on your system are still unreproducible by using the reproducible-check script in the devscripts package.

Next

except-debian/changelog-uploads"]]

  • #900837: Mass-rebuild of packages for reproducible build

  • Tighten up the Policy definition of "reproducible" to be stricter about environment variables and build paths.
    • Discuss which environment variables we should blacklist or whitelist, 876055.

    • Try to push our patches upstream, that allow toolchain programs to build reproducibly even varying build paths.

    • Continue to experiment building packages under varying build paths, to see the extent of this issue.
  • Using .buildinfo data, develop tools that can rebuild previously-built packages including ones from the official Debian archives.

  • Require matching binary packages from the developer and a buildd before accepting the package in the archive. This could initially be opt-in.

For more concrete tasks to be done, look at ?how to contribute.

Statistics from the continuous integration platform

Drivers

  • h01ger
  • lamby
  • infinity0


CategoryDebianDevelopment