[Git][reproducible-builds/reproducible-presentations][master] fosdem talk: some polishing

Thu Feb 1 17:44:57 UTC 2024


Holger Levsen pushed to branch master at Reproducible Builds / reproducible-presentations


Commits:
a6334aad by Holger Levsen at 2024-02-01T18:44:47+01:00
fosdem talk: some polishing

Signed-off-by: Holger Levsen <holger at layer-acht.org>

- - - - -


2 changed files:

- 2024-02-03-R-B-the-first-10-years/index.html
- 2024-02-03-R-B-the-first-10-years/todo


Changes:

=====================================
2024-02-03-R-B-the-first-10-years/index.html
=====================================
@@ -149,6 +149,8 @@
         <ol>
           <li>Holger Levsen / holger at debian.org, located in Hamburg, Germany. Born at 329 ppm. He/him 🏳️‍🌈🏳️‍⚧️.</li>
           <li>Debian user since 1995, contributing since 2001, Debian member since 2007. I ❤️  Debian.</li>
+          <li><span class="fragment">FOSDEM 2005 was my first love^wFOSDEM. In 2014 we managed to do video for all the rooms for the 1<sup><small>st</small></sup> time.
+          </span></li>
           <li><span class="fragment">Working on Reproducible Builds since 2014.
           Aiming to make all ❤️  Free Software reproducible.</span></li>
           <li><span class="fragment">Ask me anything, anytime. This is a pretty complex topic.</span>
@@ -507,7 +509,7 @@
           <li class="fragment">Who knows about Reproducible Builds, why and how?</li>
           <li class="fragment">Who contribute(s|d) to Reproducible Builds?</li>
           <li class="fragment">Who knows that Reproducible Builds have been known for more than 10 years?<span class="fragment"> >30 years?</span></li>
-          <li class="fragment">Who knows about SBOM? <span class="fragment">(Software Bill of Materials) = our .buildinfo files from 2014!</li>
+          <li class="fragment">Who knows about SBOM? <span class="fragment"></br>(Software Bill of Materials) ~= our .buildinfo files from 2014!</li>
       </ul>
       </section>
 
@@ -552,7 +554,7 @@
    	<p class="fragment">https://lists.zx2c4.com/pipermail/wireguard/2023-April/008045.html
 	<br />Wireguard (VPN app for Android) builds are now reproducible, their release is identical on their website, Google Play Store and F-Droid. 🎯🎯🎯🥳
 	<br />(it's more complicated than that, see their mail.)</p>
-   	<p class="fragment">We were not even informed. 🥲  Poeople just do reproducible builds as normal part of their work nowadays. 🤗</p>
+   	<p class="fragment">We were not even informed. 🥲  People just do reproducible builds as normal part of their work nowadays. 🤗</p>
 	</ul>
 	</section>
 
@@ -578,7 +580,7 @@
 
       <section data-background="images/FOSDEM_logo.svg" data-background-size="10%" data-background-position="93% 9%" data-transition="none">
 	<ul>
-        <li> By 2023 Reproducible Builds has been widely understood:
+        <li> By 2024 Reproducible Builds has been widely understood:
 		<br><span class="fragment" style="font-size: 100%">https://reproducible-builds.org/resources/
 	<br>https://reproducible-builds.org/docs/
 <br>https://reproducible-builds.org/docs/publications/</span></li>
@@ -730,7 +732,7 @@
 	<ul>
 	<li class="fragment">Lower development costs and increased development speed through less developer time wasted on waiting for builds.</li>
 	<li class="fragment">Software development: does this change really have no effect / the desired effect only?</li>
-	<li class="fragment">Licence compliance: you can only be sure a binary is Free Software if it can be (re-)built reproducibly from a given source.</li>
+	<li class="fragment">Licence compliance: you can only be sure a binary is Free Software if it can be (re-)build reproducibly from a given source.</li>
 	<li class="fragment">Reproducible verified SBOMs.</li>
 	</ul>
 	</section>
@@ -768,7 +770,7 @@
         <h2>SOURCE_DATE_EPOCH</h2>
 	<ul>
 	<li>Who knows about SOURCE_DATE_EPOCH?</li>
-	<li class="fragment">Build time stamps are meaningless. SOURCE_DATE_EPOCH describes the time of the last modification of the source (in seconds since the Unix epoch).</li>
+	<li class="fragment">Build time stamps are largly meaningless. SOURCE_DATE_EPOCH describes the time of the last modification of the source (in seconds since the Unix epoch).</li>
 	<li class="fragment">Supported by <b>a lot</b> of software today.</li>
 	<li class="fragment">The specification is from 2015 and was updated in 2017.
 	<li class="fragment">https://reproducible-builds.org/docs/source-date-epoch/</li>
@@ -1053,7 +1055,15 @@ Arch Linux is 86.4% reproducible with 1701 bad and 10849 good packages.
         <h3>Summary</h3>
 	<ul>
    	<li>Many projects support reproducible builds in theory today, but it's unclear what that means in practice and how users can know and be confident.</li>
-	<li>This is a huge success.</li>
+	<li class="fragment">This is a huge success.</li>
+	<li class="fragment">This was thought to be impossible a decade ago.</li>
+	</ul>
+     </section>
+
+      <section data-background="images/FOSDEM_logo.svg" data-background-size="10%" data-background-position="93% 9%" data-transition="none">
+        <h3>Summary</h3>
+	<ul>
+   	<li>Many projects support or aim for reproducible builds today. This is a huge success.</li>
 	<li class="fragment">Next: finish those last 1-5% upstream.</li>
 	<li class="fragment">Next: create infrastructure of rebuilders in practice.</li>
 	<li class="fragment">Next: create infrastructure, processes and tools to securely use those results...</li>
@@ -1062,7 +1072,6 @@ Arch Linux is 86.4% reproducible with 1701 bad and 10849 good packages.
      </section>
 
 
-
       <!--========================================================= -->
 
 


=====================================
2024-02-03-R-B-the-first-10-years/todo
=====================================
@@ -1,3 +1,9 @@
+mention summit funding in funding slide?
+update 20230804 pngs?
+ci reproducibility table: add trixie!
+summary: is too long
+update packages after the end
+
 'the first 10 years and beyond'?
 reference old talks at fosdem:
 ../2023-08-04-R-B-the-first-10-years/2014-02-01-FOSDEM14.pdf
@@ -18,6 +24,7 @@ trust path in debian
 	signed release file
 	debs
 rebuilder-snapshot
+	explain the idea based on the observed numbers
 	#42
 	metasnap
 maint help wanted



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-presentations/-/commit/a6334aad138decb0794f551a553eef495160837d

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-presentations/-/commit/a6334aad138decb0794f551a553eef495160837d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20240201/17a4c7d5/attachment.htm>
