[Git][reproducible-builds/reproducible-website][master] 2 commits: 200: Fix reference to diffoscope image.

Chris Lamb gitlab at salsa.debian.org
Sun Mar 3 11:07:02 CET 2019


Chris Lamb pushed to branch master at Reproducible Builds / reproducible-website


Commits:
5ed67480 by Chris Lamb at 2019-03-03T09:40:08Z
200: Fix reference to diffoscope image.

- - - - -
2303cab5 by Chris Lamb at 2019-03-03T10:06:16Z
201: Initial draft.

- - - - -


3 changed files:

- _blog/posts/200.md
- _blog/posts/201.md
- + images/blog/201/diffoscope.svg


Changes:

=====================================
_blog/posts/200.md
=====================================
@@ -24,7 +24,7 @@ Here's what happened in the [Reproducible Builds](https://reproducible-builds.or
 
 ## diffoscope development
 
-[![]({{ "/images/blog/199/diffoscope.svg" | prepend: site.baseurl }})](https://diffoscope.org)
+[![]({{ "/images/blog/200/diffoscope.svg" | prepend: site.baseurl }})](https://diffoscope.org)
 
 [diffoscope](https://diffoscope.org/) is our in-depth "diff-on-steroids" utility which helps us diagnose reproducibility issues in packages.
 


=====================================
_blog/posts/201.md
=====================================
@@ -3,28 +3,62 @@ layout: new/blog
 week: 201
 ---
 
-* [FIXME](https://bugs.debian.org/911356#46)
+Here's what happened in the [Reproducible Builds](https://reproducible-builds.org) effort between Sunday February 24 and Saturday March 2 2019:
 
-* Holger uploaded koji 1.16.2-1, fixing CVE-2018-1002161. Closes: #922922.
+* On Tuesday 26th Chris Lamb spoke at [Speck&Tech 31 "Open Security"](https://www.eventbrite.com/e/specktech-31-open-security-tickets-53503912643) on Reproducible Builds.
 
-* Eric Myhre reported about the developer of Dwarf Fortress reporting some "butterfly-effect style" bugs in
-deterministic world generation this week: http://www.bay12games.com/dwarves/#2019-02-21 - Reproducible builds: it's not just for compilers, it's for dwarfs too.  And their entire universe...!
+* On [our mailing list](https://lists.reproducible-builds.org/pipermail/rb-general/) this week:
+    * Eric Myhre [posted about the developer of Dwarf Fortress reporting](https://lists.reproducible-builds.org/pipermail/rb-general/2019-February/001473.html) some "butterfly-effect style" bugs in deterministic world generation in a post titled [*Reproducible builds: it's not just for compilers, it's for dwarfs too.  And their entire universe...!*](http://www.bay12games.com/dwarves/#2019-02-21).
+    * Holger Levsen posted an update after he calculated that [Debian is 54% reproducible in practice](https://lists.reproducible-builds.org/pipermail/rb-general/2019-March/001479.html).
 
-* Bernhard M. Wiedemann posted his monthly [*Reproducible Builds status update*](https://lists.opensuse.org/opensuse-factory/2019-02/msg00599.html) for the [openSUSE](https://opensuse.org/) distribution. This includes some verification of official builds, where for 81.2% similar (but not bit-identical) build results were produced.
+* Alexander "*lynxis*" Couzens [announced the first release](https://bugs.debian.org/918480#42) of [`squashfskit`](https://github.com/squashfskit/squashfskit), a set of utilities that create and manipulate read-only compressed file systems that was forked from `squashfs-tools`.
 
-* Vagrant Cascadian updated diffoscope in [GNU Guix](https://www.gnu.org/software/guix/) [[...](https://git.savannah.gnu.org/cgit/guix.git/commit/?id=6dacaa70a0874662cbdabfc6df987cd5a09a518c)].
+* Bernhard M. Wiedemann [posted his monthly Reproducible Builds status update](https://lists.opensuse.org/opensuse-factory/2019-02/msg00599.html) for the [openSUSE](https://opensuse.org/) distribution. This includes some verification of official builds, where 81.2%-similar (NB. not yet bit-identical build results were achieved.
 
-* [squashfskit released](https://bugs.debian.org/918480#42)
+* Graham Christensen corrected some broken links on the [reproducible-builds.org](https://reproducible-builds.org) project website. [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/43ba1a1)][[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/a691971)]
 
-* [FIXME](https://github.com/sphinx-doc/sphinx/pull/6028#issuecomment-467885608)
+* Holger uploaded version `1.16.2-1` of [koji](https://pagure.io/koji) — the RPM building and tracking system — to Debian, fixing [CVE-2018-1002161](https://security-tracker.debian.org/tracker/CVE-2018-1002161) to address a SQL injection attack. ([#922922](https://bugs.debian.irg/922922))
 
-* [FIXME](https://diff.intrinsic.com/)
+* A tool to [compare the differences between between two versions of the same Node "npm" package](https://diff.intrinsic.com/) was released, speaking to the same concerns for code provenance that the Reproducible Builds project has.
+
+* 15 Debian package reviews were added, 3 were updated and 14 were removed in this week, adding to [our knowledge about identified issues](https://tests.reproducible-builds.org/debian/index_issues.html).
+
+## diffoscope development
+
+[![]({{ "/images/blog/201/diffoscope.svg" | prepend: site.baseurl }})](https://diffoscope.org)
+
+[diffoscope](https://diffoscope.org/) is our in-depth "diff-on-steroids" utility which helps us diagnose reproducibility issues in packages. This week:
+
+* Chris Lamb:
+    * Improved the displayed comment when falling back to a binary diff to include the file type. [(#49)](https://salsa.debian.org/reproducible-builds/diffoscope/issues/49)
+    * Tided definition of "no file-specific differences were detected" message suffix. [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/a671bfb)]
+    * Corrected a "recurse" typo. [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/d41f09b)]
+
+* Vagrant Cascadian updated diffoscope in [GNU Guix](https://www.gnu.org/software/guix/). [[...](https://git.savannah.gnu.org/cgit/guix.git/commit/?id=6dacaa70a0874662cbdabfc6df987cd5a09a518c)]
 
 ## Packages reviewed and fixed, and bugs filed
 
 * Bernhard M. Wiedemann:
     * [scons](https://github.com/SCons/scons/pull/3312) (hostname)
     * [nfs-ganesha](https://build.opensuse.org/request/show/679666) (hostname)
-    * [eigen3](https://build.opensuse.org/request/show/679669) (drop latex .log ; [partially submitted upstream](https://bitbucket.org/eigen/eigen/pull-requests/598/do-not-keep-latex-logs/diff))
+    * [eigen3](https://build.opensuse.org/request/show/679669) (drop LaTeX `.log`, [partially submitted upstream](https://bitbucket.org/eigen/eigen/pull-requests/598/do-not-keep-latex-logs/diff))
+
+* Chris Lamb:
+    * [#923169](https://bugs.debian.org/923169) filed against [node-lunr](https://tracker.debian.org/pkg/node-lunr).
+    * [#923170](https://bugs.debian.org/923170) filed against [heudiconv](https://tracker.debian.org/pkg/heudiconv).
+
+In additiom, one of Chris Lamb's previous patches for the [Sphinx](https://sphinx-doc.org) documentation system [was merged upstream](https://github.com/sphinx-doc/sphinx/pull/6028#issuecomment-467885608).and he [updated his branch against](https://github.com/shadow-maint/shadow/pull/146#issuecomment-468750829) the `shadow` password utility.
+
+## Test framework development
+
+We operate a comprehensive [Jenkins](https://jenkins.io/)-based testing framework that powers [tests.reproducible-builds.org](https://tests.reproducible-builds.org). This week, Holger Levsen made the following improvements:
+
+* Improve the output of the Debian reproducible "SHA1" chcker [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/5a50d32f)], also including stats for non-reproducible binNMUs, `arch:all` and `arch:amd64` packages [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/151b4f00)].
+* Deal with zero results in the SHA1 checker. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/38bf9944)]
+* Node maintenance. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/efbe90df)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/2d0205d5)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/b700d342)]
+
+In addition, Mattia Rizzolo performed some `armhf` node maintenance. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/50f250b9)]
+
+---
 
-* [FIXME](https://github.com/shadow-maint/shadow/pull/146#issuecomment-468750829)
+This week's edition was written by Bernhard M. Wiedemann, Chris Lamb, Holger Levsen, Vagrant Cascadian & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.


=====================================
images/blog/201/diffoscope.svg
=====================================
@@ -0,0 +1,110 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:xlink="http://www.w3.org/1999/xlink"
+   version="1.1"
+   width="128"
+   height="128"
+   id="svg2">
+  <defs
+     id="defs4" />
+  <metadata
+     id="metadata7">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     transform="matrix(1.0692573,0,0,1.0692573,-328.34726,-503.5515)"
+     id="layer1">
+    <g
+       id="g5409">
+      <g
+         transform="translate(5.418238,0)"
+         id="g5386">
+        <rect
+           width="90.304001"
+           height="50.999996"
+           x="316.36414"
+           y="472.80621"
+           id="rect4667-3"
+           style="fill:none;stroke:none" />
+        <g
+           id="text4673-8"
+           style="font-size:64px;font-style:normal;font-variant:normal;font-weight:500;font-stretch:normal;text-align:start;line-height:125%;letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;text-anchor:start;fill:#008000;fill-opacity:1;stroke:none;font-family:Inconsolata;-inkscape-font-specification:Inconsolata Medium">
+          <path
+             d="m 316.36413,483.82622 0,3.968 26.304,0 0,-3.968"
+             id="path5371"
+             style="fill:#c00000;fill-opacity:1" />
+          <path
+             d="m 348.36413,483.82622 0,3.968 26.304,0 0,-3.968"
+             id="path5373"
+             style="fill:#c00000;fill-opacity:1" />
+          <path
+             d="m 380.36413,483.82622 0,3.968 26.304,0 0,-3.968"
+             id="path5375"
+             style="fill:#c00000;fill-opacity:1" />
+        </g>
+        <g
+           id="text5366"
+           style="font-size:64px;font-style:normal;font-variant:normal;font-weight:500;font-stretch:normal;text-align:start;line-height:125%;letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;text-anchor:start;fill:#008000;fill-opacity:1;stroke:none;font-family:Inconsolata;-inkscape-font-specification:Inconsolata Medium">
+          <path
+             d="m 327.69213,496.99019 0,10.88 -11.328,0 0,3.968 11.328,0 0,11.968 4.032,0 0,-11.968 10.944,0 0,-3.968 -10.944,0 0,-10.88 -4.032,0"
+             id="path5378" />
+          <path
+             d="m 359.69213,496.99019 0,10.88 -11.328,0 0,3.968 11.328,0 0,11.968 4.032,0 0,-11.968 10.944,0 0,-3.968 -10.944,0 0,-10.88 -4.032,0"
+             id="path5380" />
+          <path
+             d="m 391.69213,496.99019 0,10.88 -11.328,0 0,3.968 11.328,0 0,11.968 4.032,0 0,-11.968 10.944,0 0,-3.968 -10.944,0 0,-10.88 -4.032,0"
+             id="path5382" />
+        </g>
+      </g>
+      <use
+         id="use5399"
+         x="0"
+         y="0"
+         width="744.09448"
+         height="1052.3622"
+         xlink:href="#g5386" />
+      <use
+         transform="matrix(0.8,0,0,0.8,82.417275,133.65028)"
+         id="use5401"
+         style="opacity:0.85"
+         x="0"
+         y="0"
+         width="744.09448"
+         height="1052.3622"
+         xlink:href="#g5386" />
+      <use
+         transform="matrix(0.6,0,0,0.6,164.83455,260.05454)"
+         id="use5403"
+         style="opacity:0.7"
+         x="0"
+         y="0"
+         width="744.09448"
+         height="1052.3622"
+         xlink:href="#g5386" />
+      <use
+         transform="matrix(0.4,0,0,0.4,247.25182,379.25208)"
+         id="use5405"
+         style="opacity:0.55"
+         x="0"
+         y="0"
+         width="744.09448"
+         height="1052.3622"
+         xlink:href="#g5386" />
+    </g>
+  </g>
+</svg>



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/compare/fe510fdb5b88e3e83faa82bf53d704988e2beb95...2303cab59ff7c08b81d688a43bd14261ea02ff12

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/compare/fe510fdb5b88e3e83faa82bf53d704988e2beb95...2303cab59ff7c08b81d688a43bd14261ea02ff12
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20190303/8a00c781/attachment.html>


More information about the rb-commits mailing list