[Git][reproducible-builds/reproducible-website][master] 3 commits: Sort by package name.
Chris Lamb
gitlab at salsa.debian.org
Sun Jul 15 11:11:05 CEST 2018
Chris Lamb pushed to branch master at Reproducible Builds / reproducible-website
Commits:
1f31b1c0 by Chris Lamb at 2018-07-15T09:47:30+01:00
Sort by package name.
- - - - -
e1c55b85 by Chris Lamb at 2018-07-15T09:58:24+01:00
Update grammar in draft template.
- - - - -
5f71842c by Chris Lamb at 2018-07-15T10:10:46+01:00
168: Initial draft.
- - - - -
2 changed files:
- _blog/posts/168.md
- bin/generate-draft.template
Changes:
=====================================
_blog/posts/168.md
=====================================
--- a/_blog/posts/168.md
+++ b/_blog/posts/168.md
@@ -3,40 +3,98 @@ layout: blog
week: 168
---
+Here's what happened in the [Reproducible Builds](https://reproducible-builds.org) effort between Sunday July 8 and Saturday July 14 2018:
+
+* Derek Zimmer wrote a post entitled [Solving an Old Open Source Problem to Improve Security](https://www.privateinternetaccess.com/blog/2018/07/reproducible-builds-solving-an-old-open-source-problem-to-improve-security/) on the [PrivateinternetAccess](https://www.privateinternetaccess.com) blog.
+
* Mathias Clasen wrote a short text about [reproducing flatpacks from source](https://blogs.gnome.org/mclasen/2018/07/07/flatpak-making-contribution-easy/)
-* [FIXME: debian bug on Qt rcc/qrc mtimes](https://bugs.debian.org/894476)
+
+* Ross Vandegrift posted to [our mailing list](https://lists.reproducible-builds.org/listinfo/rb-general) asking a [question about the doxygen documentatin generators's `$year` variable and `SOURCE_DATE_EPOCH`](https://lists.reproducible-builds.org/pipermail/rb-general/2018-July/001075.html).
+
+* Chris Lamb added a link to our website's [resources](https://reproducible-builds.org/resources/) page to add a video link for the talk he gave on Wednesday 13th June at [foss-backstage.de](https://foss-backstage.de) in Berlin, Germany on reproducible builds and [how they prevent developers being targets for malicious attacks](https://foss-backstage.de/session/think-youre-not-target-tale-3-developers).
+
+* Vagrant Cascadian [removed various `armhf` systems with only 1GB of RAM](https://salsa.debian.org/qa/jenkins.debian.net/commit/91e179d9) from the [Reproducible Builds testing framework](http://tests.reproducible-builds.org/).
+
+* There was significant progress on Debian bug [#894476](https://bugs.debian.org/894476) ("rcc: please honour `SOURCE_DATE_EPOCH`")
+
+* 6 package reviews were been added, 3 were been updated and 6 were removed in this week, adding to [our knowledge about identified issues](https://tests.reproducible-builds.org/debian/index_issues.html). In addition, two issue types ([variations\_from\_march\_native](https://salsa.debian.org/reproducible-builds/reproducible-notes/commit/89029ae8) and [randomness\_in\_documentation\_generated\_by\_lua\_ldoc](https://salsa.debian.org/reproducible-builds/reproducible-notes/commit/06fc7acd)) were added. Lastly, two new classes of issue were added to [theunreproduciblepackage](https://github.com/bmwiedemann/theunreproduciblepackage/tree/master/compile-time-check/).
+
Packages reviewed and fixed, and bugs filed
-------------------------------------------
* Bernhard M. Wiedemann:
- * [lam](https://build.opensuse.org/request/show/621765) (fix date+hostname)
- * [lv2](https://build.opensuse.org/request/show/621773) (use upstreamed patches)
- * [form](https://build.opensuse.org/request/show/621791) (drop march=native)
- * [python-annoy](https://build.opensuse.org/request/show/621794) (drop march=native)
- * [legion](https://build.opensuse.org/request/show/621947) (drop march=native)
- * [trigger-rally](https://build.opensuse.org/request/show/621952) (drop march=native and mtune=native)
- * [glucat](https://build.opensuse.org/request/show/621954) (drop march=native ([bug](https://bugzilla.opensuse.org/show_bug.cgi?id=1100520)))
* [bash](https://bugzilla.opensuse.org/show_bug.cgi?id=1100488) (strcpy memory corruption, [sent upstream](http://lists.gnu.org/archive/html/bug-bash/2018-07/msg00010.html))
- * [librsb](https://build.opensuse.org/request/show/622196) (dont store compile CPU cache details)
- * [givaro](https://build.opensuse.org/request/show/622366) (compile time CPU detection)
- * [fflas-ffpack](https://build.opensuse.org/request/show/622370) (compile time CPU detection)
- * [redis](https://build.opensuse.org/request/show/622155) (fixed date+hostname)
- * [sudo](https://build.opensuse.org/request/show/622342) (build races?)
- * [qore](https://build.opensuse.org/request/show/622345) (uname -a)
- * [linux-glibc-devel](https://build.opensuse.org/request/show/622351) (uname -r)
- * [pidentd](https://build.opensuse.org/request/show/622364) (uname -r)
* [courier-imap](https://github.com/svarshavchik/courier-libs/pull/10) (merged, date, use `SOURCE_DATE_EPOCH`)
- * [dosemu](https://build.opensuse.org/request/show/622368) (merged, [submitted+merged upstream](https://github.com/stsp/dosemu2/pull/640) date, use `SOURCE_DATE_EPOCH`)
+ * [dapl](https://build.opensuse.org/request/show/622857) (date, use `SOURCE_DATE_EPOCH`)
+ * [dosemu](https://build.opensuse.org/request/show/622368) (merged, [submitted and merged upstream](https://github.com/stsp/dosemu2/pull/640) date, use `SOURCE_DATE_EPOCH`)
+ * [fflas-ffpack](https://build.opensuse.org/request/show/622370) (compile time CPU detection)
+ * [form](https://build.opensuse.org/request/show/621791) (drop `march=native`)
+ * [givaro](https://build.opensuse.org/request/show/622366) (compile time CPU detection)
+ * [glucat](https://build.opensuse.org/request/show/621954) (drop `march=native` ([bug](https://bugzilla.opensuse.org/show_bug.cgi?id=1100520)))
* [infinipath-psm](https://build.opensuse.org/request/show/622529) (date, use `SOURCE_DATE_EPOCH`)
+ * [lam](https://build.opensuse.org/request/show/621765) (fix date and hostname)
+ * [legion](https://build.opensuse.org/request/show/621947) (drop march=native)
+ * [librsb](https://build.opensuse.org/request/show/622196) (dont store compile CPU cache details)
+ * [linux-glibc-devel](https://build.opensuse.org/request/show/622351) (`uname -r`)
+ * [lv2](https://build.opensuse.org/request/show/621773) (use upstreamed patches)
* [opa-fm](https://build.opensuse.org/request/show/622572) (date, use `SOURCE_DATE_EPOCH`)
- * [dapl](https://build.opensuse.org/request/show/622857) (date, use `SOURCE_DATE_EPOCH`)
- * [tuxpaint-config](https://build.opensuse.org/request/show/622524) (date, use `SOURCE_DATE_EPOCH`)
- * [tuxpaint](https://build.opensuse.org/request/show/622523) (date, use `SOURCE_DATE_EPOCH`, [submitted upstream](https://sourceforge.net/p/tuxpaint/tuxpaint/merge-requests/4/))
+ * [openSUSE build env](https://github.com/openSUSE/post-build-checks/pull/20) (fix all `pdflatex` timestamps)
+ * [pidentd](https://build.opensuse.org/request/show/622364) (`uname -r`)
+ * [python-annoy](https://build.opensuse.org/request/show/621794) (drop march=native)
* [python-libsass](https://build.opensuse.org/request/show/622824) (sort `readdir(2)`)
- * [openSUSE build env])https://github.com/openSUSE/post-build-checks/pull/20) (fix all pdflatex timestamps)
+ * [qore](https://build.opensuse.org/request/show/622345) (`uname -a`)
+ * [redis](https://build.opensuse.org/request/show/622155) (date and hostname)
+ * [sudo](https://build.opensuse.org/request/show/622342) (build races?)
+ * [trigger-rally](https://build.opensuse.org/request/show/621952) (drop `march=native` and `mtune=native`)
+ * [tuxpaint-config](https://build.opensuse.org/request/show/622524) (date, use `SOURCE_DATE_EPOCH`)
+ * [tuxpaint](https://build.opensuse.org/request/show/622523) (date, use `SOURCE_DATE_EPOCH`; [submitted upstream](https://sourceforge.net/p/tuxpaint/tuxpaint/merge-requests/4/))
+
+* Chris Lamb:
+ * [#903442](https://bugs.debian.org/903442) filed against [ogdi-dfsg](https://tracker.debian.org/pkg/ogdi-dfsg).
+
+* Evgeny Kapun:
+ * [#903580](https://bugs.debian.org/903580) filed against [aegisub](https://tracker.debian.org/pkg/aegisub).
+
+
+diffoscope development
+----------------------
+
+[diffoscope](https://diffoscope.org) is our in-depth "diff-on-steroids" utility which helps us diagnose reproducibility issues in packages. This week, diffoscope version `99` was [uploaded to Debian unstable](https://tracker.debian.org/news/971762/accepted-diffoscope-99-source-into-unstable/) by Mattia Rizzolo. It [includes contributions already covered in previous weeks](https://salsa.debian.org/reproducible-builds/diffoscope/commits/99) as well as new ones from:
+
+
+* `anthraxx`:
+ * [Add compatibility with `python-libarchive` >= 2.8](https://salsa.debian.org/reproducible-builds/diffoscope/commit/5ed8e48).
+
+* Chris Lamb:
+ * [Support `.deb` archives that contain an uncompressed `data.tar`](https://salsa.debian.org/reproducible-builds/diffoscope/commit/185077c). ([#903401](https://bugs.debian.org/903401))
+ * [Support `.deb` archives that contain an uncompressed `control.tar`](https://salsa.debian.org/reproducible-builds/diffoscope/commit/dc9ee98). ([#903391](https://bugs.debian.org/903391))
+
+* Mattia Rizzolo:
+ * [Do not shadow original import errors when loading comparators](https://salsa.debian.org/reproducible-builds/diffoscope/commit/90028d4).
+ * [Fix `override_dh_clean-does-not-call-dh_clean` Lintian warning](https://salsa.debian.org/reproducible-builds/diffoscope/commit/c0ebadd).
+ * [Autogenerate `debian/tests/control` with all the recommends listed as dependencies](https://salsa.debian.org/reproducible-builds/diffoscope/commit/58ec1c7).
+ * [Add a build-dependency on `procyon-decompiler` to run the tests](https://salsa.debian.org/reproducible-builds/diffoscope/commit/3c05e56).
+ * [Always clean the line before printing a log message](https://salsa.debian.org/reproducible-builds/diffoscope/commit/615095a).
+ * [Clean the terminal line before printing a traceback](https://salsa.debian.org/reproducible-builds/diffoscope/commit/fd6eff9).
+ * [Remove terminal line cleaning; it is handled by the logging module](https://salsa.debian.org/reproducible-builds/diffoscope/commit/e75be7e).
+ * [Fix a test if `/sbin` contains a directory](https://salsa.debian.org/reproducible-builds/diffoscope/commit/8c2b079).
+
+
+reprotest development
+---------------------
+
+`reprotest` is our "end-user" tool to build arbitrary software and check it for reproducibility. This week, version `0.7.8` was [uploaded to Debian unstable](https://tracker.debian.org/news/972031/accepted-reprotest-078-source-into-unstable/) by Mattia Rizzolo. It [includes contributions already covered in previous weeks](https://salsa.debian.org/reproducible-builds/reprotest/commits/debian/0.7.8) as additional contributions from Mattia, including:
+
+* [Don't `Recommend` `diffutils` as it is an `Essential:yes` package](https://salsa.debian.org/reproducible-builds/reprotest/commit/823d543).
+* [Point `debian/watch` towards our new release archive](https://salsa.debian.org/reproducible-builds/reprotest/commit/c614a3c).
+* [Fix spelling errors in documentation strings](https://salsa.debian.org/reproducible-builds/reprotest/commit/7173f93).
+* [Use `/usr/share/dpkg/pkg-info.m` to avoid shelling out to `dpkg-parsechangelog`](https://salsa.debian.org/reproducible-builds/reprotest/commit/d08174f).
+* [Recommend `diffoscope` by itself instead as an alternative to `diffutils`](https://salsa.debian.org/reproducible-builds/reprotest/commit/f32a30c).
+
-2 new classes were added to [theunreproduciblepackage](https://github.com/bmwiedemann/theunreproduciblepackage/tree/master/compile-time-check/)
+Misc.
+-----
-* [FIXME](https://www.privateinternetaccess.com/blog/2018/07/reproducible-builds-solving-an-old-open-source-problem-to-improve-security/)
+This week's edition was written by Bernhard M. Wiedemann, Chris Lamb & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.
=====================================
bin/generate-draft.template
=====================================
--- a/bin/generate-draft.template
+++ b/bin/generate-draft.template
@@ -35,7 +35,7 @@ In addition, build failure bugs were reported by:
Reviews of unreproducible packages
----------------------------------
-{{ packages_stats['added'] }} package reviews have been added, {{ packages_stats['updated'] }} have been updated and {{ packages_stats['removed'] }} have been removed in this week, adding to our [knowledge about identified issues](https://tests.reproducible-builds.org/debian/index_issues.html).
+{{ packages_stats['added'] }} package reviews were added, {{ packages_stats['updated'] }} were updated and {{ packages_stats['removed'] }} were removed in this week, adding to [our knowledge about identified issues](https://tests.reproducible-builds.org/debian/index_issues.html).
FIXME issue types have been updated:
{% for _, xs in issues_yml.items()|sort %}{% for x in xs %}
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/compare/4f5b0f76e966b2176ae517f9040e4a1a779b4142...5f71842ccca6148a2c3eae7d4f9ba9566dd09ac1
--
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/compare/4f5b0f76e966b2176ae517f9040e4a1a779b4142...5f71842ccca6148a2c3eae7d4f9ba9566dd09ac1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20180715/0dd80264/attachment.html>
More information about the rb-commits
mailing list