[Git][reproducible-builds/reproducible-website][master] 2023-01: fix pronouns
FC Stegerman (@obfusk)
gitlab at salsa.debian.org
Thu Feb 2 22:53:32 UTC 2023
FC Stegerman pushed to branch master at Reproducible Builds / reproducible-website
Commits:
f914442a by FC Stegerman at 2023-02-02T23:53:20+01:00
2023-01: fix pronouns
- - - - -
1 changed file:
- _reports/2023-01.md
Changes:
=====================================
_reports/2023-01.md
=====================================
@@ -77,15 +77,15 @@ In addition:
* F-Droid added 13 apps published with reproducible builds this month. [[…](https://gitlab.com/fdroid/fdroiddata/-/issues/2844)]
-* FC Stegerman outlined a bug where [`baseline.profm` files are nondeterministic](https://gist.github.com/obfusk/61046e09cee352ae6dd109911534b12e). As he notes, this issue [should already be fixed](https://android.googlesource.com/platform/tools/base/+/2f2c6b30b55e18e2672edf5ee8e8e583be759d3e) but it is not yet part of the official [Android Gradle plugin release](https://developer.android.com/studio/releases/gradle-plugin).
+* FC Stegerman outlined a bug where [`baseline.profm` files are nondeterministic](https://gist.github.com/obfusk/61046e09cee352ae6dd109911534b12e). As they note, this issue [should already be fixed](https://android.googlesource.com/platform/tools/base/+/2f2c6b30b55e18e2672edf5ee8e8e583be759d3e) but it is not yet part of the official [Android Gradle plugin release](https://developer.android.com/studio/releases/gradle-plugin).
* GitLab user [*Parwor*](https://gitlab.com/Parwor) discovered that the number of CPU cores can affect the reproducibility of `.dex` files. [[…](https://gitlab.com/fdroid/rfp/-/issues/1519#note_1226216164)]
-* FC Stegerman also announced the `0.2.0` and `0.2.1` releases of [*reproducible-apk-tools*](https://github.com/obfusk/reproducible-apk-tools), a suite of tools to help make `.apk` files reproducible. Several new subcommands and scripts were added, and a number of bugs were fixed as well [[…](https://lists.reproducible-builds.org/pipermail/rb-general/2023-january/002815.html)][[…](https://lists.reproducible-builds.org/pipermail/rb-general/2023-january/002816.html)]. He also updated the [F-Droid website](https://f-droid.org/) to improve the reproducibility-related documentation. [[…](https://gitlab.com/fdroid/fdroid-website/-/merge_requests/895/diffs)][[…](https://gitlab.com/fdroid/fdroid-website/-/merge_requests/901/diffs)]
+* FC Stegerman also announced the `0.2.0` and `0.2.1` releases of [*reproducible-apk-tools*](https://github.com/obfusk/reproducible-apk-tools), a suite of tools to help make `.apk` files reproducible. Several new subcommands and scripts were added, and a number of bugs were fixed as well [[…](https://lists.reproducible-builds.org/pipermail/rb-general/2023-january/002815.html)][[…](https://lists.reproducible-builds.org/pipermail/rb-general/2023-january/002816.html)]. They also updated the [F-Droid website](https://f-droid.org/) to improve the reproducibility-related documentation. [[…](https://gitlab.com/fdroid/fdroid-website/-/merge_requests/895/diffs)][[…](https://gitlab.com/fdroid/fdroid-website/-/merge_requests/901/diffs)]
* A number of bugs related to reproducibility were discovered in Android itself. Firstly, the non-deterministic order of `.zip` entries in `.apk` files [[…]](https://issuetracker.google.com/issues/265653160)] and then newline differences between building on Windows versus Linux can make builds not reproducible as well. [[…](https://issuetracker.google.com/issues/266109851)]. (Note that these links may require a Google account to view.)
-* And just before the end of the month, FC Stegerman started a thread on [our mailing list](https://lists.reproducible-builds.org/listinfo/rb-general) on the topic of [hiding data/code in APK embedded signatures](https://lists.reproducible-builds.org/pipermail/rb-general/2023-January/002825.html) which has been made possible by the [Android APK Signature Scheme v2/v3](https://source.android.com/docs/security/features/apksigning). As part of this, he made an Android app that reads the APK Signing block of its own APK and extracts a payload in order to alter its behaviour called [*sigblock-code-poc*](https://github.com/obfusk/sigblock-code-poc).
+* And just before the end of the month, FC Stegerman started a thread on [our mailing list](https://lists.reproducible-builds.org/listinfo/rb-general) on the topic of [hiding data/code in APK embedded signatures](https://lists.reproducible-builds.org/pipermail/rb-general/2023-January/002825.html) which has been made possible by the [Android APK Signature Scheme v2/v3](https://source.android.com/docs/security/features/apksigning). As part of this, they made an Android app that reads the APK Signing block of its own APK and extracts a payload in order to alter its behaviour called [*sigblock-code-poc*](https://github.com/obfusk/sigblock-code-poc).
### Debian
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/f914442a8e1ec9ea15e2404a7c80c2c54b4c0fc3
--
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/f914442a8e1ec9ea15e2404a7c80c2c54b4c0fc3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20230202/422e6134/attachment.htm>
More information about the rb-commits
mailing list