[Git][reproducible-builds/reproducible-website][master] 3 commits: Misc changes prior to publishing.
Chris Lamb
gitlab at salsa.debian.org
Tue Feb 12 13:31:07 CET 2019
Chris Lamb pushed to branch master at Reproducible Builds / reproducible-website
Commits:
c9596e2d by Chris Lamb at 2019-02-12T12:30:50Z
Misc changes prior to publishing.
- - - - -
a2b69623 by Chris Lamb at 2019-02-12T12:30:53Z
Drop FIXME to prevent false-positive FIXME detection (!).
- - - - -
f0614391 by Chris Lamb at 2019-02-12T12:30:58Z
published as https://reproducible-builds.org/blog/posts/198/
- - - - -
1 changed file:
- _blog/posts/198.md
Changes:
=====================================
_blog/posts/198.md
=====================================
@@ -1,27 +1,28 @@
---
layout: new/blog
week: 198
+published: 2019-02-12 12:30:58
---
Here's what happened in the [Reproducible Builds](https://reproducible-builds.org) effort between Sunday February 3rd and Saturday February 9th 2019:
-* This year, we intend to participate in [Google Summer of Code](https://summerofcode.withgoogle.com/) 2019. If you are interested in becoming a student or mentor please see [our entry on the wiki page](https://wiki.debian.org/SummerOfCode2019/Projects#SummerOfCode2019.2FProjects.2FReproducibleBuilds.Reproducible_Builds).
+* The Reproducible Builds project intends to participate in [Google Summer of Code](https://summerofcode.withgoogle.com/) in 2019. If you are interested in becoming a student or mentor please see [our entry on the wiki page](https://wiki.debian.org/SummerOfCode2019/Projects#SummerOfCode2019.2FProjects.2FReproducibleBuilds.Reproducible_Builds).
* In a blog post entitled "[Huawei case demonstrates importance of Free Software for security](https://fsfe.org/news/2019/news-20190205-01.en.html)" the [FSFE](https://fsfe.org) raised their voice in the [recent wider discussions regarding Huawei and 5G](https://www.zdnet.com/article/huawei-will-need-5-years-and-2b-to-resolve-uk-security-concerns-report/):
- > To establish trust in critical infrastructure like 5G, it is a crucial precondition that all software code powering those devices is published under a Free and Open Source Software licence" and furthermore points out that in case of binary distribution it is "necessary that there are reproducible builds.
+ > To establish trust in critical infrastructure like 5G, it is a crucial precondition that all software code powering those devices is published under a Free and Open Source Software licence" and furthermore points out that in case of binary distribution it is "necessary that there are reproducible builds".
-* Reproducible Builds were present at both [FOSDEM 2019](https://fosdem.org/2019/schedule/) and [CopyLeftConf](https://2019.copyleftconf.org/) handing out t-shirts to contributors. The latter event was run under the auspices of the [Software Freedom Conservancy](https://sfconservancy.org/) who act as the Reproducible Builds project fiscal sponsor and are a not-for-profit 501(c)(3) charity focused on ethical technology and user freedom. If you like the work of the Conservancy or the Reproducible Builds project, please consider [becoming an official supporter](https://sfconservancy.org/supporter/).
+* Reproducible Builds were present at both [FOSDEM 2019](https://fosdem.org/2019/schedule/) and [CopyLeftConf](https://2019.copyleftconf.org/) handing out t-shirts to a number of contributors. The latter event was run under the auspices of the [Software Freedom Conservancy](https://sfconservancy.org/) who also act as the Reproducible Builds project fiscal sponsor and are a not-for-profit 501(c)(3) charity focused on ethical technology and user freedom. If you like the work of the Conservancy or the Reproducible Builds project, please consider [becoming an official supporter](https://sfconservancy.org/supporter/).
* [diffoscope](https://diffoscope.org/) is our in-depth "diff-on-steroids" utility which helps us diagnose reproducibility issues in packages. This week, Chris Lamb adjust the behaviour to not look for adjacent `-dbgsym` Debian package files automatically anymore to align better with users' expectations. The existing behaviour can be re-enabled by specifying the new `--use-dbgsym` flag ([#44](https://salsa.debian.org/reproducible-builds/diffoscope/issues/44) / [#920701](https://bugs.debian.org/920701)).
Chris then [released and uploaded this as part of version `110`](https://tracker.debian.org/news/1028027/accepted-diffoscope-110-source-all-into-unstable/) but it was then reported that this introduced a regression where we had stopped using the `-dbgsym` packages when comparing `.buildinfo` or `.changes files`. This was subsequently fixed via [issue #46](https://salsa.debian.org/reproducible-builds/diffoscope/issues/46).
-* Bernhard M. Wiedemann a wrote [script to export CSV data](https://github.com/bmwiedemann/reproducibleopensuse/blob/master/rbplot.pl) of openSUSE reproducibility stats over time and [graphed it](https://rb.zq1.de/compare.factory/graph.png) using [Debian's graphing tool](https://salsa.debian.org/qa/jenkins.debian.net/blob/master/bin/make_graph.py).
+* Bernhard M. Wiedemann a wrote [script to export CSV data](https://github.com/bmwiedemann/reproducibleopensuse/blob/master/rbplot.pl) of [openSUSE](https://opensuse.org) reproducibility statistics over time and [graphed it](https://rb.zq1.de/compare.factory/graph.png) using [Debian's graphing tool](https://salsa.debian.org/qa/jenkins.debian.net/blob/master/bin/make_graph.py).
-* The [Nix](https://nixos.org/nix) "purely functional package manager" published a new "[r13y.com](https://r13y.com/)" single-page website that documents the current state of reproducibility in that distribution, a possible partner to [isdebianreproducibleyet.com](https://isdebianreproducibleyet.com/).
+* The [Nix](https://nixos.org/nix) "purely functional package manager" published a new [r13y.com](https://r13y.com/) "single-page" website that documents the current state of reproducibility in that distribution, a possible partner to [isdebianreproducibleyet.com](https://isdebianreproducibleyet.com/).
-* On Tuesday February 26th Chris Lamb will speak at [Speck&Tech 31 "Open Security"](https://www.eventbrite.com/e/specktech-31-open-security-tickets-53503912643) on Reproducible Builds in Trento, Italy.
+* On Tuesday 26th February Chris Lamb will speak at [Speck&Tech 31 "Open Security"](https://www.eventbrite.com/e/specktech-31-open-security-tickets-53503912643) on Reproducible Builds in Trento, Italy.
* Holger uploaded [koji version `1.16.1-1` to Debian](https://tracker.debian.org/news/1028398/accepted-koji-1161-1-source-into-unstable/) in order to package a new upstream version.
@@ -29,7 +30,7 @@ Here's what happened in the [Reproducible Builds](https://reproducible-builds.or
* Hervé Boutemy made more updates to the [reproducible-builds.org](https://reproducible-builds.org) project website, including specifying the implications of using `-Dline.separator` with respect to UNIX line endings [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/3fdaa2f)]. In addition, Holger Levsen added a link to the "[who]({{ "/who/" | prepend: site.baseurl }})" page for the tests page for [NixOS](https://nixos.org/nix/) [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/9093f6c)] and Mykola Nikishov fixed a dead link to [how-to contribute]({{ "/contribute/" | prepend: site.baseurl }}) page [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/b7ac922)].
-* While reproducing Arch Linux packages Jelle van der Waa and Santiago Torres discovered that the size field in pacman's package metadata is not reproducible on different filesystems. For example building on tmpfs versus ext4 records a different package size, more information can be found in the [pacman bugreport](https://bugs.archlinux.org/task/61717).
+* Whilst reproducing [Arch Linux](https://www.archlinux.org/) packages Jelle van der Waa and Santiago Torres discovered that the size field in [pacman](https://wiki.archlinux.org/index.php/pacman)'s package metadata is not reproducible on different filesystems. For example building on `tmpfs` versus `ext4` results a different package size. More information may be found be found on the [associated bug report](https://bugs.archlinux.org/task/61717).
## Packages reviewed and fixed, and bugs filed
@@ -42,7 +43,7 @@ Here's what happened in the [Reproducible Builds](https://reproducible-builds.or
* [#921511](https://bugs.debian.org/921511) filed against [python-octaviaclient](https://tracker.debian.org/pkg/python-octaviaclient) (forwarded and merged upstream [on Github](https://github.com/openstack/python-octaviaclient/pull/1) and [Gerrit](https://review.openstack.org/635194)).
* [#921513](https://bugs.debian.org/921513) filed against [sphinx](https://tracker.debian.org/pkg/sphinx) ([forwarded upstream](https://github.com/sphinx-doc/sphinx/pull/6028)).
* Steffen Winterfeldt:
- * [gfxboot](https://github.com/openSUSE/gfxboot/pull/35) (avoid variations in mtime values embedded in cpio archives)
+ * [gfxboot](https://github.com/openSUSE/gfxboot/pull/35) (avoid variations in `mtime` values embedded in [cpio](https://en.wikipedia.org/wiki/Cpio) archives)
## Test framework development
@@ -54,7 +55,7 @@ We operate a comprehensive [Jenkins](https://jenkins.io/)-based testing framewor
* Improve IRC messages. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/f9791397)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/f7019d9a)]
* [Debian](https://www.debian.org/)-specific changes:
- * Perform a large number of cleanups, updating `FIXME`-documentation to match. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/9c099966)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/3975ac64)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/25c9960b)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/ae0b90e5)]
+ * Perform a large number of cleanups, updating documentation to match. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/9c099966)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/3975ac64)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/25c9960b)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/ae0b90e5)]
* Avoid unnecessary `apt install` calls on every deployment run. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/6de8b742)]
* [LEDE](https://en.wikipedia.org/wiki/LEDE)/OpenWrt-specific changes:
@@ -63,14 +64,14 @@ We operate a comprehensive [Jenkins](https://jenkins.io/)-based testing framewor
* Misc/generic changes:
* Clarify where [NetBSD](https://www.netbsd.org/) is actually built. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/3cb41677)]
- * Improve jobs to check the version of [diffoscope](https://diffoscope.org/) relative to upstream in many distributions, [[add such a job for Arch Linux](https://salsa.debian.org/qa/jenkins.debian.net/commit/2a00fdfd)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/68d43d67)]
+ * Improve jobs to check the version of [diffoscope](https://diffoscope.org/) relative to upstream in various distributions. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/2a00fdfd)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/68d43d67)]
* Render the artificial date correctly in the [build variation](https://tests.reproducible-builds.org/debian/index_variations.html) tables. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/7ea459db)]
* Work around a rare and temporary problem when restarting [Munin](http://munin-monitoring.org/). [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/8efeaf25)]
* Drop code relating to [OpenSSH](https://openssh.org) client ports as this is handled via `~/ssh/config` now. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/874a6e23)]
* Fix various bits of documentation. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/b6b2b020)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/56d78d7a)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/1193a073)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/052e30fe)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/707c70eb)]
* [Fedora](https://getfedora.org/)-specific changes:
- * Correctly note that testing Fedora is disabled currently by turning a `FIXME` into a `TODO`. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/025a59ad)]
+ * Correctly note that testing Fedora is currently disabled. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/025a59ad)]
* Abstract some behaviour to make possible testing of other distributions easier. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/ebbb8dce)]
* Only update `mock` on build nodes. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/cd3a475d)]
@@ -79,4 +80,4 @@ In addition, Mattia Rizzolo updated the configuration for `df_inode` [[...](http
---
-This week's edition was written by Bernhard M. Wiedemann, Chris Lamb, Holger Levsen & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.
+This week's edition was written by Bernhard M. Wiedemann, Chris Lamb, Holger Levsen, Jelle van der Waa & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/compare/5444a71bbc3812f816b2f5b72e40d6136d0107e3...f0614391b7a97e994fa574787b47dc339f1bafe3
--
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/compare/5444a71bbc3812f816b2f5b72e40d6136d0107e3...f0614391b7a97e994fa574787b47dc339f1bafe3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20190212/6fe1156e/attachment.html>
More information about the rb-commits
mailing list