[Git][reproducible-builds/reproducible-website][master] 2 commits: Misc cosmetic changes.

[Chris Lamb]

Chris Lamb pushed to branch master at Reproducible Builds / reproducible-website


Commits:
8bd69c08 by Chris Lamb at 2018-11-20T13:16:27Z
Misc cosmetic changes.

- - - - -
08d17587 by Chris Lamb at 2018-11-20T13:16:40Z
published as https://reproducible-builds.org/blog/posts/186/

- - - - -


1 changed file:

- _blog/posts/186.md


Changes:

=====================================
_blog/posts/186.md
=====================================
@@ -1,25 +1,26 @@
 ---
 layout: blog
 week: 186
+published: 2018-11-20 13:16:40
 ---
 
 Here's what happened in the [Reproducible Builds](https://reproducible-builds.org) effort between Sunday November 11 and Saturday November 17 2018:
 
-* Code review for the [LLVM](https://llvm.org/) compiler to [support the `-fmacro-prefix-map` argument](https://reviews.llvm.org/D49466) is underway. Like the `-fdebug-prefix-map` flag, this argument replaces a string prefix for the `FILE` [pre-processor macro](https://en.wikipedia.org/wiki/C_preprocessor).
+* Code review for the [LLVM](https://llvm.org/) compiler to [support the `-fmacro-prefix-map` argument](https://reviews.llvm.org/D49466) is currently in progress. Like the `-fdebug-prefix-map` flag, this argument replaces a string prefix for the `FILE` [pre-processor macro](https://en.wikipedia.org/wiki/C_preprocessor).
 
-* Kyle Rankin, the Chief Security Officer of [Puri.sm](https://puri.sm/posts/protecting-the-digital-supply-chain/) posted a blog post entitled "[Protecting the Digital Supply Chain](https://puri.sm/posts/protecting-the-digital-supply-chain/)" which mentions that with Reproducible Builds you can show that no malicious code was injected somewhere in the software supply chain and it matches the code that can be audited:
+* Kyle Rankin, the Chief Security Officer of [Puri.sm](https://puri.sm/posts/protecting-the-digital-supply-chain/) authored a blog post entitled "[Protecting the Digital Supply Chain](https://puri.sm/posts/protecting-the-digital-supply-chain/)" which describes how with Reproducible Builds you can show that no malicious code was injected in software supply chains:
 
     > *Think of it like the combination of a food safety inspector and an independent lab that verifies the nutrition claims on a box of cereal all rolled into one.*
 
-* Upstream chromium-70 now builds reproducibly in openSUSE (with normalized build env) since [it uses the git commit date](https://chromium-review.googlesource.com/c/chromium/src/+/1167913)
-
-* Holger Levsen updated our website to add the [Tor](https://www.torproject.org/) project as participating in our [upcoming Paris Summit](https://reproducible-builds.org/events/paris2018/). In addition, Bernhard M. Wiedemann applied a sitewide change to use consistent capitalisation for [openSUSE](https://www.opensuse.org/) [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/1bd9083)].
+* Holger Levsen updated our website to add the [Tor](https://www.torproject.org/) project as a participant at [our upcoming Paris Summit](https://reproducible-builds.org/events/paris2018/). In addition, Bernhard M. Wiedemann applied a sitewide change to use consistent capitalisation for [openSUSE](https://www.opensuse.org/) [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/1bd9083)].
 
 * 38 Debian package reviews were added, 4 were updated and 19 were removed in this week, adding to [our knowledge about identified issues](https://tests.reproducible-builds.org/debian/index_issues.html). The `nondeterminstic_output_in_pkgconfig_files_generated_by_meson` was removed as a fix was applied upstream [[...](https://salsa.debian.org/reproducible-builds/reproducible-notes/commit/e1cf42dc)], and the note for the `randomness_in_binaries_generated_by_golang` issue was updated. ([1](https://salsa.debian.org/reproducible-builds/reproducible-notes/commit/0efa6b16), [2](https://salsa.debian.org/reproducible-builds/reproducible-notes/commit/8139ba15))
 
+* [diffoscope](https://diffoscope.org/) is our in-depth "diff-on-steroids" utility which helps us diagnose reproducibility issues in packages. This week, [Marius Gedminas](https://gedmin.as/) provided a patch to add a `python_requires` field to diffoscope's `setup.py` [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/8e5e9b8)] and Mattia Rizzolo sorted the list of recommended Python modules in `debian/tests/control` [[...]](https://salsa.debian.org/reproducible-builds/diffoscope/commit/b618777).
+
 * Chris Lamb's previously-authored patches for [GNU mtools](https://www.gnu.org/software/mtools/) to ensure the [Debian Installer](https://www.debian.org/devel/debian-installer/) images could become reproducible which were sent upstream last week ([1](http://lists.gnu.org/archive/html/info-mtools/2018-10/msg00003.html) & [2](http://lists.gnu.org/archive/html/info-mtools/2018-10/msg00004.html)) are now available in upstream's [4.0.20 release](http://lists.gnu.org/archive/html/info-mtools/2018-11/msg00004.html).
 
-* [diffoscope](https://diffoscope.org/) is our in-depth "diff-on-steroids" utility which helps us diagnose reproducibility issues in packages. This week, [Marius Gedminas](https://gedmin.as/) provided a patch to add a `python_requires` field to diffoscope's `setup.py` [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/8e5e9b8)] and Mattia Rizzolo sorted the list of recommended Python modules in `debian/tests/control` [[...]](https://salsa.debian.org/reproducible-builds/diffoscope/commit/b618777).
+* Upstream `chromium-70` now builds reproducibly in [openSUSE](https://opensuse.org) (with a admittedly-normalised build environment) since [it uses the Git commit date](https://chromium-review.googlesource.com/c/chromium/src/+/1167913).
 
 * Chris Lamb uploaded `strip-nondeterminism` (our tool to post-process files to remove known non-deterministic output) version `0.45.0-1` [to Debian unstable](https://tracker.debian.org/news/1002630/accepted-strip-nondeterminism-0450-1-source-all-into-unstable/) in order that [catch invalid ZIP "local" field lengths](https://salsa.debian.org/reproducible-builds/strip-nondeterminism/commit/e5f5008) — we were previously blindly trusting the value supplied in the ZIP file ([#803503](https://bugs.debian.org/803503)). As part of this upload he moved the utility to the [SemVer](https://semver.org) versioning scheme.
 
@@ -33,7 +34,7 @@ Packages reviewed and fixed, and bugs filed
     * [kvirc](https://github.com/kvirc/KVIrc/pull/2411) (drop `uname -r`), Also submitted to openSUSE ([...](https://build.opensuse.org/request/show/649892))
     * [libpt2](https://build.opensuse.org/request/show/649968) (drop `uname -r`)
 
-* Christoph Berg posted some work-in-progress patches for [postgresql-hll](https://github.com/citusdata/postgresql-hll), a [PostgreSQL](https://www.postgresql.org/) extension adding [HyperLogLog data structures](https://en.wikipedia.org/wiki/HyperLogLog) as a native data type to make their build reproducible [to the upstream mailing list](https://www.postgresql.org/message-id/20181113104005.GA32154%40msg.credativ.de).
+* Christoph Berg posted some work-in-progress patches for [postgresql-hll](https://github.com/citusdata/postgresql-hll) (a [PostgreSQL](https://www.postgresql.org/) extension adding [HyperLogLog data structures](https://en.wikipedia.org/wiki/HyperLogLog) as a native data type) to make their build reproducible [to the upstream mailing list](https://www.postgresql.org/message-id/20181113104005.GA32154%40msg.credativ.de).
 
 Test framework development
 --------------------------



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/compare/f18c65b4a6e52b6463d56a4234605805d6685bed...08d17587879439a002278119d01807917a10eee1

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/compare/f18c65b4a6e52b6463d56a4234605805d6685bed...08d17587879439a002278119d01807917a10eee1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20181120/1ad34ba9/attachment.html>