[Git][reproducible-builds/reproducible-website][master] 2021-05: Initial draft

Chris Lamb (@lamby) gitlab at salsa.debian.org
Tue Jun 1 15:05:21 UTC 2021



Chris Lamb pushed to branch master at Reproducible Builds / reproducible-website


Commits:
88b4c048 by Chris Lamb at 2021-06-01T16:05:00+01:00
2021-05: Initial draft

- - - - -


10 changed files:

- _reports/2021-05.md
- + images/reports/2021-05/QYH18NpsRu8.png
- + images/reports/2021-05/archlinux.png
- + images/reports/2021-05/debian.png
- + images/reports/2021-05/diffoscope.svg
- + images/reports/2021-05/executive-order.png
- + images/reports/2021-05/notforking.png
- + images/reports/2021-05/reproducible-builds.png
- + images/reports/2021-05/testframework.png
- + images/reports/2021-05/website.png


Changes:

=====================================
_reports/2021-05.md
=====================================
@@ -6,24 +6,212 @@ title: "Reproducible Builds in May 2021"
 draft: true
 ---
 
-* FIXME: David A. Wheeler send an email to the rb-general list, explaining that his PhD Public Defense of "Fully Countering Trusting Trust through Diverse Double-Compiliing (DDC)" at George Mason University (GMU) on 2009-11-23 is now available online.
-	https://lists.reproducible-builds.org/pipermail/rb-general/2021-May/002248.html
-	https://www.youtube.com/watch?v=QYH18NpsRu8
-	https://dwheeler.com/trusting-trust/
+**Welcome to the May 2021 report from the [Reproducible Builds](https://reproducible-builds.org) project**
+{: .lead}
 
+[![]({{ "/images/reports/2021-05/reproducible-builds.png#right" | relative_url }})](https://reproducible-builds.org/)
 
-* [section 4](https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/)
-  [summary](https://www.whitehouse.gov/briefing-room/statements-releases/2021/05/12/fact-sheet-president-signs-executive-order-charting-new-course-to-improve-the-nations-cybersecurity-and-protect-federal-government-networks/)
+In these reports we try to  the most important things that we have been up to over the past month. As a quick recap, whilst anyone may inspect the source code of free software for malicious flaws, almost all software is distributed to end users as pre-compiled binaries. If you are interested in contributing to the project, please visit our [*Contribute*]({{ "/contribute/" | relative_url }}) page on our website.
 
-* [Paul Spooren posted a patch for busybox to use SOURCE_DATE_EPOCH for timestamp if available](http://lists.busybox.net/pipermail/busybox/2021-May/088842.html)
-	(Debian and Archlinux so far set KCONFIG_NOTIMESTAMP=1 in their build systems to achieve the same, but this is better.)
+---
+
+[![]({{ "/images/reports/2021-05/executive-order.png#right" | relative_url }})](https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/)
+
+The president of the United States [signed an executive order](https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/) this month outlining policies aimed to improve the cybersecurity in the US. The executive order comes after a number of highly-publicised security problems such as a ransomware attack that [affected an oil pipeline between Texas and New York](https://www.bbc.co.uk/news/business-57050690) and the [SolarWinds hack](https://www.theverge.com/2021/2/18/22288961/solarwinds-hack-100-companies-9-federal-agencies) that affected a large number of US federal agencies.
+
+A [summary of the (8,000-word) document is available](https://www.whitehouse.gov/briefing-room/statements-releases/2021/05/12/fact-sheet-president-signs-executive-order-charting-new-course-to-improve-the-nations-cybersecurity-and-protect-federal-government-networks/), but section four is relevant in the context of reproducible builds. Titled "*Enhancing Software Supply Chain Security*", it outlines a plan that might involve:
+
+> requiring developers to maintain greater visibility into their software and making security data publicly available. It stands up a concurrent public-private process to develop new and innovative approaches to secure software development and uses the power of Federal procurement to incentivize the market. Finally, it creates a pilot program to create an “energy star” type of label so the government – and the public at large – can quickly determine whether software was developed securely.
+
+In response to this Executive Order, the US [National Institute of Standards and Technology](https://www.nist.gov/) (NIST) announced that [they would host a virtual workshop in early June](https://www.nist.gov/itl/executive-order-improving-nations-cybersecurity/workshop-and-call-position-papers) to both respond and attempt to fulfill its terms. In addition, David Wheeler published a blog post on the [Linux Foundation's blog](https://www.linuxfoundation.org/en/blog/) on the topic. Titled [*How LF communities enable security measures required by the US Executive Order on Cybersecurity*](https://www.linuxfoundation.org/en/blog/how-lf-communities-enable-security-measures-required-by-the-us-executive-order-on-cybersecurity/), David's post explicitly mentions reproducible builds, particularly the [Yocto Project](https://www.yoctoproject.org/)'s support for fully-reproducible builds.
+
+<br>
+
+[![]({{ "/images/reports/2021-05/QYH18NpsRu8.png#right" | relative_url }})](https://www.youtube.com/watch?v=QYH18NpsRu8)
+
+David A. Wheeler [posted to our mailing list](https://lists.reproducible-builds.org/pipermail/rb-general/2021-May/002248.html), to announce that the public defense of his [*Fully Countering Trusting Trust through Diverse Double-Compiliing (DDC)*](https://dwheeler.com/trusting-trust/) PhD thesis at [George Mason University](https://www2.gmu.edu/) is now available online.
+
+<br>
+
+[Dan Shearer announced a new tool](https://lists.reproducible-builds.org/pipermail/rb-general/2021-May/002269.html) called "[Not-Forking](https://lumosql.org/src/not-forking/doc/trunk/README.md) which attempts to avoid duplicating the source code of one project within another. This is highly relevant in the context of reproducible builds, as embedded code copies are often the cause of reproducibility: in many cases, addressing the problem upstream (and then ensuring a fixed version is available in distributions) is not a sufficient fix, as any embedded code copies remain unaffected. (This has been observed a number of times, particularly with embedded copies of `help2man` and similar documentation generation tools.)
+
+<br>
+
+[![]({{ "/images/reports/2021-05/archlinux.png#right" | relative_url }})](https://archlinux.org/)
+
+Due to the [recent upheavals on the Freenode IRC network](https://en.wikipedia.org/wiki/Freenode#Ownership_change_and_conflict), the `#archlinux-reproducible` has moved to [Libera Chat](https://libera.chat/). (The more general `#reproducible-builds` IRC channel, which is hosted on the [OFTC](https://www.oftc.net/) network, has not moved.)
+
+<br>
+
+On [our mailing list](https://lists.reproducible-builds.org/listinfo/rb-general), Marcus Hoffman started a thread after finding that he was [unable to hunt down the cause of a unreproducible build of an Android APK package](https://lists.reproducible-builds.org/pipermail/rb-general/2021-May/002264.html) which Bernhard M. Wiedemann managed to track down to a '`pg-map-id`' field and a related checksum. This resulted in an [issue being reported against Google's Android toolchain](https://issuetracker.google.com/issues/189498001) which, as [Marcus himself wrote](https://lists.reproducible-builds.org/pipermail/rb-general/2021-May/002267.html), "hope it get's fixed this year".
+
+<br>
+
+[![]({{ "/images/reports/2021-05/debian.png#right" | relative_url }})](https://debian.org/)
+
+Richard Clobus [reported on his progress towards making the Debian 'Live' image reproducible](https://lists.reproducible-builds.org/pipermail/rb-general/2021-May/002253.html) on [our mailing list](https://lists.reproducible-builds.org/listinfo/rb-general) this month, coordinating with Holger Levsen to add automatic, daily testing of Live images and producing [*diffoscope*](https://diffoscope.org) reports if not. Elsewhere in Debian, 9 reviews of Debian packages were added, 8 were updated and 29 were removed this month adding to [our knowledge about identified issues](https://tests.reproducible-builds.org/debian/index_issues.html). Chris Lamb also identified a new [`random_uuid_in_notebooks_generated_by_nbsphinx`](https://salsa.debian.org/reproducible-builds/reproducible-notes/commit/c6a4aa47) toolchain issue.
+
+## Software development
+
+### Upstream patches
+
+* Arthur Gautier created a pull request against the official [RubyGems](https://rubygems.org/) repository in order to cleanup temporary directories that affected reproducibility when building extensions. [[...](https://github.com/rubygems/rubygems/pull/4610)]
+
+* Chris Lamb filed Debian bug [#988978](https://bugs.debian.org/988978) against [`apispec`](https://tracker.debian.org/pkg/apispec) ([forwarded upstream](https://github.com/marshmallow-code/apispec/pull/669)).
+
+* Roland Clobus filed Debian bugs [#988976](https://bugs.debian.org/988976) and [#989203](https://bugs.debian.org/989203) against [`apt-cacher-ng`](https://tracker.debian.org/pkg/apt-cacher-ng) package.
+
+* Paul Spooren [proposed a patch](http://lists.busybox.net/pipermail/busybox/2021-May/088842.html) for the [BusyBox](https://www.busybox.net/) suite of UNIX utilities popular on embedded systems so that it uses [`SOURCE_DATE_EPOCH`](https://reproducible-builds.org/specs/source-date-epoch/) for build timestamps if available. Debian and Arch Linux currently set `KCONFIG_NOTIMESTAMP=1` in their build systems to achieve the same, but as [Eli Schwartz added to the same thread](http://lists.busybox.net/pipermail/busybox/2021-May/088844.html) said: "for overall consistency and coherency, the spec on [reproducible-builds.org]({{ "/" | relative_url }}) does recommend every program respect one variable, `$SOURCE_DATE_EPOCH`, rather than needing to specify a different variable for each program".
+
+### [diffoscope](https://diffoscope.org)
+
+[![]({{ "/images/reports/2021-05/diffoscope.svg#right" | relative_url }})](https://diffoscope.org)
+
+[*diffoscope*](https://diffoscope.org) is the Reproducible Builds project in-depth and content-aware diff utility. Not only can it locate and diagnose reproducibility issues, it provides human-readable diffs from many kinds of binary formats. This month, [Chris Lamb](https://chris-lamb.co.uk) made a number of changes including releasing [version 174](https://diffoscope.org/news/diffoscope-174-released/), [version 175](https://diffoscope.org/news/diffoscope-175-released/) and [version 176](https://diffoscope.org/news/diffoscope-176-released/):
+
+* Bug fixes:
+
+    * Check that we are parsing an actual Debian `.buildinfo` file, not just a file with that particular extension — after all, it could be any file. ([#254](https://salsa.debian.org/reproducible-builds/diffoscope/-/issues/254), [`#987994`](https://bugs.debian.org/987994))
+    * Support signed `.buildinfo` files again. It appears that some versions of [`file(1)`](http://darwinsys.com/file/) reports them as `PGP signed message`. [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/698bb26)]
+    * Use the actual filesystem path name (instead of *diffoscope*'s concept of the source archive name) in order to correct filename filtering when an APK file has been extracted from a container format. In particular, we need to filter the auto-incremented `1.apk` instead of `original-name.pk`. ([#255](https://salsa.debian.org/reproducible-builds/diffoscope/issues/-255))
+
+* New features:
+
+    * Update `ffmpeg` tests to work with version 4.4. ([#258](https://salsa.debian.org/reproducible-builds/diffoscope/-/issues/258))
+    * Correct grammar in a `fsimage.py` debug message. [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/fcb648e)]
+
+* Misc:
+
+    * Don't unnecessarily call `os.path.basename` twice in the Android APK comparator. [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/0ac914e)]
+    * Added instructions on how to install *diffoscope* on [openSUSE](https://opensuse.org) on the *diffoscope* website [[...](https://salsa.debian.org/reproducible-builds/diffoscope-website/commit/235a037)].
+    * Add a comment about stripping filenames. [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/d223012)]
+    * Corrected a reference to `site.salsa_url` which was breaking the "File a new issue" link on the website. [[...](https://salsa.debian.org/reproducible-builds/diffoscope-website/commit/4c2dc3e)]
+
+In addition:
+
+* Keith Smiley:
+
+    * Improve support for Apple provisioning profiles. [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/ec3e353)]
+    * Fix ignoring `objdump`-related tests on MacOS. MacOS has a version of `objdump(1)` that doesn't support `--info` so the tests would fail on that operating system. [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/348c3af)]
+
+* Mattia Rizzolo:
+
+    * Fix recognition of compressed `.xz` archives with `file(1)` version 5.40. [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/864644f)][[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/2cd654b)]
+    * Embed small test fixture in the code itself, rather than a separate file. [[...](https://salsa.debian.org/reproducible-builds/diffoscope/commit/df73767)]
+
+### strip-nondeterminism
+
+Chris Lamb made the following changes to [*strip-nondeterminism*](https://tracker.debian.org/pkg/strip-nondeterminism), our tool to remove specific non-deterministic results from a completed build:
+
+* Added support for Python `pyzip` files: they require special handling to not mangle the UNIX shebang. ([#18](https://salsa.debian.org/reproducible-builds/strip-nondeterminism/-/issues/18))
+
+* Dropped `single-debian-patch`, etc. from the Debian source package options. [[...](https://salsa.debian.org/reproducible-builds/strip-nondeterminism/commit/748e202)]
+
+* Version `1.12.0-1` was [uploaded to Debian unstable](https://tracker.debian.org/news/1240523/accepted-strip-nondeterminism-1120-1-source-into-unstable/) by Chris Lamb.
+
+
+### Website and documentation
+
+[![]({{ "/images/reports/2021-04/website.png#right" | relative_url }})](https://reproducible-builds.org/)
+
+Quite a few changes were made to the [main Reproducible Builds website and documentation](https://reproducible-builds.org/) this month, including:
+
+* Arnout Engelen:
+
+    * Explain how to contribute to reproducible builds related to [GNU Guix](https://guix.gnu.org/). [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/3d14ec4)]
+    * Add a section regarding contributing to [NixOS](https://guix.gnu.org/). [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/69c256b)]
+
+* Chris Lamb:
+
+    * Incorporate Holger Levsen's suggestion to improve the homepage text. [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/ee935d8)]
+
+* Holger Levsen:
+
+    * Make the contribute page look a bit less like it is 'under construction', including explaining how we care about all distros and projects. [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/03a3a85)][[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/8d68610)][[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/4f83bda)][[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/deddd80)]
+    * Create an [Arch Linux contribution page]({{ "/contribute/archlinux/" | relative_url }}). [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/6349cf5)][[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/108a0f2)]
+    * Make sponsor link visible in the sidebar. [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/37913ed)]
+
+* Ian Muchina:
+
+    * Add syntax highlight styles. [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/c110824)]
+
+* Jelle van der Waa:
+
+    * Add a few tasks to the [Arch Linux contribution page]({{ "/contribute/archlinux/" | relative_url }}) page. [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/6a4d684)]
+    * Reflect that the `#archlinux-reproducible` IRC channel has moved to [Libera Chat](https://libera.chat/). [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/0131495)]
+
+* Roland Clobus:
+
+    * Added a trailing slash, fixing access to the Debian and Archlinux contribution pages. [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/884ceef)]
+    * Fix markup as reported by `msgfmt`. [[...](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/0c32d7b)]
+
+
+### Testing framework
+
+[![]({{ "/images/reports/2021-05/testframework.png#right" | relative_url }})](https://tests.reproducible-builds.org/)
+
+The Reproducible Builds project operates a [Jenkins](https://jenkins.io/)-based testing framework that powers [`tests.reproducible-builds.org`](https://tests.reproducible-builds.org). This month, the following changes were made:
+
+* Holger Levsen:
+
+    * Automatic node health check improvements:
+
+        * Fix failed [`haveged`](http://www.issihosts.com/haveged/) entropy daemon services. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/523d4165)]
+        * Remedy failed `user-runtime-dir at 0` service invocations. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/f800ed4d)]
+        * Detect failures to connect to the [`review.coreboot.org`](https://review.coreboot.org/) [Gerrit](https://www.gerritcodereview.com/) code review instance. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/b5ab03f9)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/b4076493)]
+
+    * Improvements to the `common-functions.sh` library:
+
+        * Set a more sensible default for the locale early on. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/eb39d28f)]
+        * Various visual improvements, including changes to script output. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/2a199768)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/e2ff6e2b)]
+        * Improvement debug output. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/93dcb458)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/d51dc8d4)]
+        * Only notify an IRC channel if a channel is actually configured. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/f98d6522)]
+
+    * Improvements to cleanup routines:
+
+        * Cleanup `sbuild(1)` directories using `sudo(8)` after three days. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/5f5ca777)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/bdc4ca89)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/c6a25c95)]
+        * Loosen a regular expression to detect failures when removing stuff. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/fca3d447)]
+
+    * Misc:
+
+        * Increase kernel [`inotify(7)`](https://en.wikipedia.org/wiki/Inotify) watch limit further on all hosts. The value is now four times the default now. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/f11e3a2f)]
+        * Don't try to install the `devscripts` package from the *buster-backports* distribution. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/55855688)]
+        * Improve grammar in some comments that are seen every day. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/e4c00614)]
+
+* Mattia Rizzolo:
+
+    * Stop filtering out build failures due to `-ffile-prefix-map`: this flag is the default for the official `dpkg` package, so these are now "real" build failures. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/07652d29)]
+    * Export package 'not for us' (NFU) and 'blacklist' states in the `reproducible.json` file, but keep excluding them from `tracker.json`. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/37d9cc75)]
+    * Update the IP addresses of `armhf` architecture hosts. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/f62cc059)]
+    * Properly alternate between `-amd64` and `-686` Debian kernels on the i386 architecture builders. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/44cae15f)]
+    * Disable the `man-db` package everywhere, to save time in virtually all `apt` install/upgrade actions. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/76837355)]
+
+* Vagrant Cascadian:
+
+    * Add new `armhf` architecture build nodes. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/4921aaea)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/3115fb2a)]
+    * Retire all machines with only 2GiB of ram. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/dbc29d39)]
+    * Drop Debian *buster* kernel configurations for `cbxi4*` and `wbq0` hosts. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/622eabdd)]
+    * Keep `imx6` systems running Debian *buster* kernels. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/27ec7ab4)]
+    * Prepare to switch `armhf` nodes over to Debian *bullseye*. [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/0984d498)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/e5d4fff4)]
+
+Finally, build node maintenance was performed by Holger Levsen [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/c5b6a545)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/21e0b893)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/785c8dcc)] and Vagrant Cascadian [[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/6ad66746)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/f2b71ecf)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/73a1b4de)][[...](https://salsa.debian.org/qa/jenkins.debian.net/commit/9771fd9a)]
+
+
+<br>
+
+If you are interested in contributing to the Reproducible Builds project, please visit our [*Contribute*](https://reproducible-builds.org/contribute/) page on our website. However, you can get in touch with us via:
+
+ * IRC: `#reproducible-builds` on `irc.oftc.net`.
+
+ * Twitter: [@ReproBuilds](https://twitter.com/ReproBuilds)
 
-* [FIXME](https://www.linuxfoundation.org/en/blog/how-lf-communities-enable-security-measures-required-by-the-us-executive-order-on-cybersecurity/)
+ * Mastodon: [@reproducible_builds at fosstodon.org](https://fosstodon.org/@reproducible_builds)
 
-* [FIXME](https://www.nist.gov/itl/executive-order-improving-nations-cybersecurity/workshop-and-call-position-papers)
+ * Reddit: [/r/ReproducibleBuilds](https://reddit.com/r/reproduciblebuilds)
 
-* [988978 forwarded](https://github.com/marshmallow-code/apispec/pull/669)
+ * Mailing list: [`rb-general at lists.reproducible-builds.org`](https://lists.reproducible-builds.org/listinfo/rb-general)
 
-* [FIXME](https://github.com/rubygems/rubygems/pull/4610)
+<br>
 
-* FIXME: the irc channel #archlinux-reproducible has been moved to https://libera.chat.
+This month's report was written by Chris Lamb, Holger Levsen and Vagrant Cascadian. It was subsequently reviewed by a bunch of Reproducible Builds folks on IRC and the mailing list.
+{: .small}


=====================================
images/reports/2021-05/QYH18NpsRu8.png
=====================================
Binary files /dev/null and b/images/reports/2021-05/QYH18NpsRu8.png differ


=====================================
images/reports/2021-05/archlinux.png
=====================================
Binary files /dev/null and b/images/reports/2021-05/archlinux.png differ


=====================================
images/reports/2021-05/debian.png
=====================================
Binary files /dev/null and b/images/reports/2021-05/debian.png differ


=====================================
images/reports/2021-05/diffoscope.svg
=====================================
@@ -0,0 +1,110 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:xlink="http://www.w3.org/1999/xlink"
+   version="1.1"
+   width="128"
+   height="128"
+   id="svg2">
+  <defs
+     id="defs4" />
+  <metadata
+     id="metadata7">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     transform="matrix(1.0692573,0,0,1.0692573,-328.34726,-503.5515)"
+     id="layer1">
+    <g
+       id="g5409">
+      <g
+         transform="translate(5.418238,0)"
+         id="g5386">
+        <rect
+           width="90.304001"
+           height="50.999996"
+           x="316.36414"
+           y="472.80621"
+           id="rect4667-3"
+           style="fill:none;stroke:none" />
+        <g
+           id="text4673-8"
+           style="font-size:64px;font-style:normal;font-variant:normal;font-weight:500;font-stretch:normal;text-align:start;line-height:125%;letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;text-anchor:start;fill:#008000;fill-opacity:1;stroke:none;font-family:Inconsolata;-inkscape-font-specification:Inconsolata Medium">
+          <path
+             d="m 316.36413,483.82622 0,3.968 26.304,0 0,-3.968"
+             id="path5371"
+             style="fill:#c00000;fill-opacity:1" />
+          <path
+             d="m 348.36413,483.82622 0,3.968 26.304,0 0,-3.968"
+             id="path5373"
+             style="fill:#c00000;fill-opacity:1" />
+          <path
+             d="m 380.36413,483.82622 0,3.968 26.304,0 0,-3.968"
+             id="path5375"
+             style="fill:#c00000;fill-opacity:1" />
+        </g>
+        <g
+           id="text5366"
+           style="font-size:64px;font-style:normal;font-variant:normal;font-weight:500;font-stretch:normal;text-align:start;line-height:125%;letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;text-anchor:start;fill:#008000;fill-opacity:1;stroke:none;font-family:Inconsolata;-inkscape-font-specification:Inconsolata Medium">
+          <path
+             d="m 327.69213,496.99019 0,10.88 -11.328,0 0,3.968 11.328,0 0,11.968 4.032,0 0,-11.968 10.944,0 0,-3.968 -10.944,0 0,-10.88 -4.032,0"
+             id="path5378" />
+          <path
+             d="m 359.69213,496.99019 0,10.88 -11.328,0 0,3.968 11.328,0 0,11.968 4.032,0 0,-11.968 10.944,0 0,-3.968 -10.944,0 0,-10.88 -4.032,0"
+             id="path5380" />
+          <path
+             d="m 391.69213,496.99019 0,10.88 -11.328,0 0,3.968 11.328,0 0,11.968 4.032,0 0,-11.968 10.944,0 0,-3.968 -10.944,0 0,-10.88 -4.032,0"
+             id="path5382" />
+        </g>
+      </g>
+      <use
+         id="use5399"
+         x="0"
+         y="0"
+         width="744.09448"
+         height="1052.3622"
+         xlink:href="#g5386" />
+      <use
+         transform="matrix(0.8,0,0,0.8,82.417275,133.65028)"
+         id="use5401"
+         style="opacity:0.85"
+         x="0"
+         y="0"
+         width="744.09448"
+         height="1052.3622"
+         xlink:href="#g5386" />
+      <use
+         transform="matrix(0.6,0,0,0.6,164.83455,260.05454)"
+         id="use5403"
+         style="opacity:0.7"
+         x="0"
+         y="0"
+         width="744.09448"
+         height="1052.3622"
+         xlink:href="#g5386" />
+      <use
+         transform="matrix(0.4,0,0,0.4,247.25182,379.25208)"
+         id="use5405"
+         style="opacity:0.55"
+         x="0"
+         y="0"
+         width="744.09448"
+         height="1052.3622"
+         xlink:href="#g5386" />
+    </g>
+  </g>
+</svg>


=====================================
images/reports/2021-05/executive-order.png
=====================================
Binary files /dev/null and b/images/reports/2021-05/executive-order.png differ


=====================================
images/reports/2021-05/notforking.png
=====================================
Binary files /dev/null and b/images/reports/2021-05/notforking.png differ


=====================================
images/reports/2021-05/reproducible-builds.png
=====================================
Binary files /dev/null and b/images/reports/2021-05/reproducible-builds.png differ


=====================================
images/reports/2021-05/testframework.png
=====================================
Binary files /dev/null and b/images/reports/2021-05/testframework.png differ


=====================================
images/reports/2021-05/website.png
=====================================
Binary files /dev/null and b/images/reports/2021-05/website.png differ



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/88b4c0485bd04f7bd110dfee62eb2fb139a13e27

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/88b4c0485bd04f7bd110dfee62eb2fb139a13e27
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20210601/659491ab/attachment.htm>


More information about the rb-commits mailing list