[Git][reproducible-builds/reproducible-website][master] 2019-05: 8 minor fixes

Bernhard M. Wiedemann gitlab at salsa.debian.org
Wed Jun 5 08:03:26 UTC 2019



Bernhard M. Wiedemann pushed to branch master at Reproducible Builds / reproducible-website


Commits:
885eb93b by Bernhard M. Wiedemann at 2019-06-05T08:01:40Z
2019-05: 8 minor fixes

- - - - -


2 changed files:

- _reports/2019-04.md
- _reports/2019-05.md


Changes:

=====================================
_reports/2019-04.md
=====================================
@@ -13,7 +13,7 @@ published: 2019-05-05 17:08:27
 
 As a quick recap, whilst anyone can inspect the source code of free software for malicious flaws, almost all software is distributed to end users pre-compiled. The motivation behind reproducible builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.
 
-In this months's report, we will cover:
+In this month's report, we will cover:
 
 * **Media coverage** — *Compromised toolchains, what makes a good digital product?, etc.*
 * **Upstream news** — *Scala and Go working on reproducibility, etc.*


=====================================
_reports/2019-05.md
=====================================
@@ -14,7 +14,7 @@ In our reports we outline the most important things which have been up to in and
 
 As a quick recap, whilst anyone can inspect the source code of free software for malicious flaws, almost all software is distributed to end users pre-compiled. The motivation behind reproducible builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing third-parties to come to a consensus on whether a build was compromised.
 
-In this months's report, we will cover:
+In this month's report, we will cover:
 
 * **Media coverage** — *More supply chain attacks, Reproducible Builds on the conference circuit, etc.*
 * **Upstream news** — *Mozilla updating their add-on policy, etc.*
@@ -27,7 +27,7 @@ In this months's report, we will cover:
 
 ## Media coverage
 
-* Adam Greenberg reported on [Wired](https://www.wired.com) about the [Barium](https://www.wired.com/story/barium-supply-chain-hackers/), detailing a single group of malicious actors who appear responsible for a veriety supply chain hacks of [CCleaner](https://www.ccleaner.com/), [Asus](https://www.asus.com/) and more, therefore planting backdoors on and gaining access to millions of machines.
+* Adam Greenberg reported on [Wired](https://www.wired.com) about the [Barium](https://www.wired.com/story/barium-supply-chain-hackers/), detailing a single group of malicious actors who appear responsible for a variety supply chain hacks of [CCleaner](https://www.ccleaner.com/), [Asus](https://www.asus.com/) and more, therefore planting backdoors on and gaining access to millions of machines.
 
 * The work of Chris Lamb in/around Debian's Reproducible Builds effort [won a Google Open Source Peer Bonus award](https://opensource.googleblog.com/2019/04/google-open-source-peer-bonus-winners.html), a program with the goal of recognising and supporting the ecosystem and sustainability of free software by rewarding and recognising developers for their contributions to open source projects
 
@@ -63,7 +63,7 @@ There was yet more progress towards making the [Debian Installer](https://www.de
 
 68 reviews of Debian packages were added, 30 were updated and 11 were removed this month, adding to [our knowledge about identified issues](https://tests.reproducible-builds.org/debian/index_issues.html). Chris Lamb discovered, identified and triaged two new issue types, the first identifying randomness in [Fontconfig](https://www.freedesktop.org/wiki/Software/fontconfig/) `.uuid` files [[...](https://salsa.debian.org/reproducible-builds/reproducible-notes/commit/0b9e9668) and another [`randomness_in_output_from_perl_deparse`](https://salsa.debian.org/reproducible-builds/reproducible-notes/commit/430c2d21).
 
-Finally,[GNU Guix](https://www.gnu.org/software/guix) announced its [1.0.0 release](https://www.gnu.org/software/guix/blog/2019/gnu-guix-1.0.0-released/).
+Finally, [GNU Guix](https://www.gnu.org/software/guix) announced its [1.0.0 release](https://www.gnu.org/software/guix/blog/2019/gnu-guix-1.0.0-released/).
 
 ---
 
@@ -126,10 +126,10 @@ Finally, Vagrant Cascadian [submitted a patch](https://patchwork.ozlabs.org/patc
 * Mattia Rizzolo:
 
     * Uploaded version `115` [to Debian experimental](https://tracker.debian.org/news/1040177/accepted-diffoscope-115-source-all-into-experimental/).
-    * Adjust various build and test-dependencies, including specifing the [ffmpeg](https://ffmpeg.org/) video encoding tool/library and the [Black](https://ffmpeg.org/) code formatter [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/0eddfab)] in the build-dependenciess [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/d2d3dec)] and reinstating the [oggvideotools](https://sourceforge.net/projects/oggvideotools/) and `procyon-decompiler` as test dependencies, now that are no-longer buggy [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/6940757)], etc.
+    * Adjust various build and test-dependencies, including specifying the [ffmpeg](https://ffmpeg.org/) video encoding tool/library and the [Black](https://ffmpeg.org/) code formatter [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/0eddfab)] in the build-dependencies [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/d2d3dec)] and reinstating the [oggvideotools](https://sourceforge.net/projects/oggvideotools/) and `procyon-decompiler` as test dependencies, now that are no-longer buggy [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/6940757)], etc.
     * Make the Debian autopkgtests not fail when a limited subset of "required tools" are temporarily unavailable. [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/f584fa2)][[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/3d74240)][[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/2e11182)]
 
-In addition, Santiago Torres altered the behavour of the tests to ensure compatibility with various versions of [file(1)]() [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/0f02296)] and Vagrant Cascadian added support for various external tools in [GNU Guix](https://www.gnu.org/software/guix/) [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/7f3416f)] and updated the version of *diffoscope* in that distribution [[...](https://git.savannah.gnu.org/cgit/guix.git/commit/?id=ff793da66918ace85048f90dc069415ef067ba06)].
+In addition, Santiago Torres altered the behaviour of the tests to ensure compatibility with various versions of [file(1)]() [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/0f02296)] and Vagrant Cascadian added support for various external tools in [GNU Guix](https://www.gnu.org/software/guix/) [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/7f3416f)] and updated the version of *diffoscope* in that distribution [[...](https://git.savannah.gnu.org/cgit/guix.git/commit/?id=ff793da66918ace85048f90dc069415ef067ba06)].
 
 
 #### try.diffoscope.org
@@ -144,7 +144,7 @@ Chris Lamb made a large number of following changes to the web-based ("no instal
 
 * Updated and upgraded the underlying operating system to the Debian *stable* distribution.
 
-* Moved the [canonical Git repository](https://salsa.debian.org/reproducible-builds/try.diffoscope.org) from Github to the [Reproducible Builds group on salsa.debian.org](https://salsa.debian.org/reproducible-builds/try.diffoscope.org), requiring moving to Gitlab's own [continuous integration (CI) support](https://docs.gitlab.com/ee/ci/) from [Travis CI](https://travis-ci.org/), working around the aggressive firewall (exclusively outgoing ports 80/443) applied to the [Salsa](https://salsa.debian.org/)-based CI runners.
+* Moved the [canonical Git repository](https://salsa.debian.org/reproducible-builds/try.diffoscope.org) from GitHub to the [Reproducible Builds group on salsa.debian.org](https://salsa.debian.org/reproducible-builds/try.diffoscope.org), requiring moving to GitLab's own [continuous integration (CI) support](https://docs.gitlab.com/ee/ci/) from [Travis CI](https://travis-ci.org/), working around the aggressive firewall (exclusively outgoing ports 80/443) applied to the [Salsa](https://salsa.debian.org/)-based CI runners.
 
 * Avoid having to update the [Let's Encrypt](https://letsencrypt.org/)-provided SSL certificate manually every 90 days by moving to using [Certbot](https://certbot.eff.org/about/) in `--auto` mode.
 
@@ -183,7 +183,7 @@ Mattia Rizzolo [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/dd86
 
 Chris Lamb added various fixes for larger/smaller screens [[...](https://salsa.debian.org/reproducible-builds/reproducible-website.git/commit/edef6f8)], added a logo suitable for printing physical pin badges [[...](https://salsa.debian.org/reproducible-builds/reproducible-website.git/commit/d78fd45)] and refreshed the opening copy text on our [`SOURCE_DATE_EPOCH`](https://reproducible-builds.org/docs/source-date-epoch) page.
 
-Bernhard M. Wiedemann then [documented a more consise C code example](https://reproducible-builds.org/docs/source-date-epoch/#c) for parsing the `SOURCE_DATE_EPOCH` environment variable [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/547732f)][[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/e1efd6f)] and Holger Levsen added a [link to a specific bug](https://bugzilla.opensuse.org/show_bug.cgi?id=1133809) blocking progress in [openSUSE](https://opensuse.org/) to our [*Who is involved?*](https://reproducible-builds.org/who/) page [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/d9f4bce)].
+Bernhard M. Wiedemann then [documented a more concise C code example](https://reproducible-builds.org/docs/source-date-epoch/#c) for parsing the `SOURCE_DATE_EPOCH` environment variable [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/547732f)][[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/e1efd6f)] and Holger Levsen added a [link to a specific bug](https://bugzilla.opensuse.org/show_bug.cgi?id=1133809) blocking progress in [openSUSE](https://opensuse.org/) to our [*Who is involved?*](https://reproducible-builds.org/who/) page [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/d9f4bce)].
 
 ---
 



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/commit/885eb93b69868df83164ad02f1aceb0271c952b4

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/commit/885eb93b69868df83164ad02f1aceb0271c952b4
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20190605/ebce2972/attachment.html>


More information about the rb-commits mailing list