[Git][reproducible-builds/reproducible-website][master] 2 commits: Add ablity to override the entire <head> title.

Chris Lamb gitlab at salsa.debian.org
Sun Dec 23 19:40:27 CET 2018 

Chris Lamb pushed to branch master at Reproducible Builds / reproducible-website


Commits:
e56d4a66 by Chris Lamb at 2018-12-23T17:50:33Z
Add ablity to override the entire <head> title.

- - - - -
5ad02fca by Chris Lamb at 2018-12-23T18:40:16Z
Move homepage to new style.

- - - - -


3 changed files:

- _includes/new/head.html
- − index.html
- + index.md


Changes:

=====================================
_includes/new/head.html
=====================================
@@ -1,6 +1,6 @@
 <head>
   <meta charset="utf-8">
-  <title>{% if page.title %}{{ page.title }} — {% endif %}{{ site.title }}</title>
+  <title>{% if page.title_head %}{{ page.title_head }}{% else %}{% if page.title %}{{ page.title }} — {% endif %}{{ site.title }}{% endif %}</title>
 
   <link rel="stylesheet" href="{{ "/assets/styles/main.css" | prepend: site.baseurl }}">
   <link rel="shortcut icon" type="image/png" href="{{ "/assets/images/favicon.png" | prepend: site.baseurl }}"/>


=====================================
index.html deleted
=====================================
@@ -1,138 +0,0 @@
----
-layout: home
----
-{% assign sorted_pages = site.pages | sort:"order" %}
-<nav>
-  <div class="hide-on-mobiles">
-    {% for page in sorted_pages %}
-      {% if page.title and page.order >= 0 %}<a class="page-link" href="{{ page.url | prepend: site.baseurl }}">{{ page.title }}</a>{% endif %}
-    {% endfor %}
-  </div>
-  <div class="show-on-mobiles">
-    <select onchange="if (this.value) window.location.href=this.value">
-      <option value="">reproducible-builds.org</option>
-      {% for page in sorted_pages %}
-        {% if page.title and page.order >= 0 %}<option value="{{ page.url | prepend: site.baseurl }}">{{ page.title }}</option>{% endif %}
-      {% endfor %}
-    </select>
-  </div>
-</nav>
-
-<div class="row">
-  <div class="four columns title">
-    <h2 id="what">What is it about?</h1>
-  </div>
-  <div class="eight columns text">
-    <p>
-      <strong>Reproducible builds</strong> are a set of software development
-      practices that create an <strong>independently-verifiable path</strong>
-      from <strong>source code to the binary code</strong> used by computers.
-      (<a href="{{ "/docs/definition/" | prepend: site.baseurl }}">Full definition</a>)
-    </p>
-  </div>
-</div>
-
-<br>
-
-<div class="row">
-  <div class="four columns title">
-    <h2 id="why">Why does it matter?</h1>
-  </div>
-  <div class="eight columns text">
-    <p>
-      Whilst anyone can inspect the source code of free and open source
-      software for malicious flaws, most software is distributed pre-compiled
-      with no method to confirm whether they correspond.
-    </p>
-    <p>
-      This incentivises attacks on developers who release software, not only
-      via traditional exploitation but moreover in the forms of political
-      influence, blackmail or even threats of violence.
-    </p>
-    <p>
-      This is particularly a concern for developers collaborating on privacy or
-      security software: attacking these typically result in compromising
-      particularly politically-sensitive targets such as dissidents,
-      journalists and whistleblowers, as well as anyone wishing to communicate
-      securely under a repressive regime.
-    </p>
-    <p>
-      Whilst individual developers are a natural target, it additionally
-      encourages attacks on build infrastructure as an successful attack would
-      provide access to a large number of downstream computer systems. By
-      modifying the generated binaries here instead of modifying the upstream
-      source code, illicit changes are essentially invisible to its original
-      authors and users alike.
-    </p>
-    <p>
-      The motivation behind the <em>Reproducible Builds</em> project is therefore
-      to allow verification that no vulnerabilities or backdoors have been
-      introduced during this compilation process. By promising
-      <strong>identical results</strong> are always generated from a given
-      source, this allows <strong>multiple third parties</strong> to come to a
-      consensus on a "correct" result, highlighting any deviations as suspect
-      and worthy of scrutiny.
-    </p>
-    <p>
-      This ability to notice if a developer has been compromised then
-      deters such threats or attacks ocurring in the first place as any
-      compromise would be quickly detected. This offers comfort to front-liners
-      that they not only can be threatened, but they would not be co-erced into
-      exploiting or exposing their colleagues or end-users.
-    <p>
-      <a href="/who/"><strong>Several free software projects</strong></a>
-      already, or will soon, provide reproducible builds.
-    </p>
-  </div>
-</div>
-
-<br>
-
-<div class="row">
-  <div class="four columns title">
-    <h2 id="how">How?</h1>
-  </div>
-  <div class="eight columns text">
-    <p>
-      First, the <strong>build system needs to be made entirely
-      deterministic</strong>: transforming a given source must always create
-      the same result. For example, the current date and time must not be
-      recorded and output always has to be written in the same order.
-    </p>
-    <p>
-      Second, the set of tools used to perform the build and more generally the
-      <strong>build environment</strong> should either be <strong>recorded or
-      pre-defined</strong>.
-    <p>
-      Third, users should be given a way to recreate a close enough build
-      environment, perform the build process, and <strong>validate that the
-      output matches the original build</strong>.
-    </p>
-    <p>
-      Learn more about <a href="/docs/"><strong>how to make your software build
-      reproducibly…</strong></a>
-    </p>
-  </div>
-</div>
-
-<br>
-
-<div class="row">
-  <div class="four columns title">
-    <h2 id="news">News</h1>
-  </div>
-  <div class="eight columns">
-    <br>
-    <p class="rss-subscribe"><a href="{{ "/blog" | prepend: site.baseurl }}">Read our most recent weekly report</a>.</p>
-    <br>
-    <ul class="posts">
-      {% for post in site.posts limit:3 %}
-        <li>
-          <span class="post-date">{{ post.date | date: "%b %-d, %Y" }}</span>
-          <a class="post-link" href="{{ post.url | prepend: site.baseurl }}">{{ post.title }}</a>
-        </li>
-      {% endfor %}
-    </ul>
-    <p class="rss-subscribe"><a href="{{ "/feed.xml" | prepend: site.baseurl }}">Subscribe via RSS</a>.</p>
-  </div>
-</div>


=====================================
index.md
=====================================
@@ -0,0 +1,97 @@
+---
+layout: new/default
+title: Home
+title_head: Reproducible Builds — a set of software development practices that create an independently-verifiable path from source to binary code
+order: 0
+---
+
+<div class="text-center mt-md-5">
+    <a href="{{ "/" | prepend: site.baseurl }}">
+        <img class="img-fluid" src="{{ "/assets/images/logo-text.svg" | prepend: site.baseurl }}" alt="Reproducible Builds" style="height: 150px;" />
+    </a>
+
+    <p class="lead mt-sm-3 mt-md-5 mx-md-5 px-md-5">
+        <strong>Reproducible builds</strong> are a set of software development
+        practices that create an independently-verifiable path from source
+        to binary code.
+
+        <small class="d-none d-sm-inline">
+            (<a href="{{ "/docs/definition/" | prepend: site.baseurl }}">more</a>)
+        </small>
+    </p>
+</div>
+
+## Why does it matter?
+
+Whilst anyone can inspect the source code of free and open source software for
+malicious flaws, most software is distributed pre-compiled with no method to
+confirm whether they correspond.
+
+This incentivises attacks on developers who release software, not only via
+traditional exploitation, but also in the forms of political influence,
+blackmail or even threats of violence.
+
+This is particularly a concern for developers collaborating on privacy or
+security software: attacking these typically result in compromising
+particularly politically-sensitive targets such as dissidents, journalists and
+whistleblowers, as well as anyone wishing to communicate securely under a
+repressive regime.
+
+Whilst individual developers are a natural target, it additionally encourages
+attacks on build infrastructure as an successful attack would provide access to
+a large number of downstream computer systems. By modifying the generated
+binaries here instead of modifying the upstream source code, illicit changes
+are essentially invisible to its original authors and users alike.
+
+The motivation behind the **Reproducible Builds** project is therefore to allow
+verification that no vulnerabilities or backdoors have been introduced during
+this compilation process. By promising **identical results** are always
+generated from a given source, this allows **multiple third parties** to come
+to a consensus on a "correct" result, highlighting any deviations as suspect
+and worthy of scrutiny.
+
+This ability to notice if a developer has been compromised then
+deters such threats or attacks ocurring in the first place as any
+compromise would be quickly detected. This offers comfort to front-liners
+that they not only can be threatened, but they would not be co-erced into
+exploiting or exposing their colleagues or end-users.
+
+[Several free software projects]({{ "/who/" | prepend: site.baseurl }})
+already, or will soon, provide reproducible builds.
+
+## How?
+
+First, the **build system needs to be made entirely deterministic**:
+transforming a given source must always create the same result. For example,
+the current date and time must not be recorded and output always has to be
+written in the same order.
+
+Second, the set of tools used to perform the build and more generally the
+**build environment** should either be **recorded or pre-defined**.
+
+Third, users should be given a way to recreate a close enough build
+environment, perform the build process, and **validate that the output matches
+the original build**.
+
+Learn more about [how to make your software build reproducibly…]({{ "/docs" | prepend: site.baseurl }})
+
+## News
+
+<ul class="list-unstyled">
+    {% assign by_week = site.blog | sort: "week" | reverse  %}
+    {% for page in by_week limit: 2 %}
+    {% if page.published %}
+    <li>
+        <span class="text-muted">{{ page.published | date: "%b %-d, %Y" }}</span>:
+        <a href="{{ "/blog/posts/" | append: page.week | append: "/" | prepend: site.baseurl }}">Reproducible Builds: Weekly report #{{ page.week }}</a>
+    </li>
+    {% endif %}
+    {% endfor %}
+
+    {% for post in site.posts limit: 3 %}
+    <li>
+        <span class="text-muted">{{ post.date | date: "%b %-d, %Y" }}</span>:
+        <a href="{{ post.url | prepend: site.baseurl }}">{{ post.title }}</a>
+    </li>
+    {% endfor %}
+</ul>



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/compare/5e10be8c052da9e517df46944b5a1a6cba0bcb34...5ad02fca26f5c185567812040ccb9cd7c840e4af

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/compare/5e10be8c052da9e517df46944b5a1a6cba0bcb34...5ad02fca26f5c185567812040ccb9cd7c840e4af
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20181223/76920030/attachment.html>

More information about the rb-commits mailing list