[Git][reproducible-builds/reproducible-website][master] 2024-04: small fixes

FC (Fay) Stegerman (@obfusk) gitlab at salsa.debian.org
Thu May 9 01:47:27 UTC 2024



FC (Fay) Stegerman pushed to branch master at Reproducible Builds / reproducible-website


Commits:
f43168ca by FC (Fay) Stegerman at 2024-05-09T03:47:12+02:00
2024-04: small fixes

- - - - -


1 changed file:

- _reports/2024-04.md


Changes:

=====================================
_reports/2024-04.md
=====================================
@@ -20,7 +20,7 @@ draft: true
 
 ### New `backseat-signed` tool to validate distributions' source inputs
 
-*kpcyrd* announced on a new tool called [`backseat-signed`](https://github.com/kpcyrd/backseat-signed), after:
+*kpcyrd* announced a new tool called [`backseat-signed`](https://github.com/kpcyrd/backseat-signed), after:
 
 > I figured out a somewhat straight-forward way to check if a given `git archive` output is cryptographically claimed to be the source input of a given binary package in either Arch Linux or Debian (or both).
 
@@ -56,7 +56,7 @@ Later on in the month, Fay followed up with a second post detailing a script tha
 
 [![]({{ "/images/reports/2024-04/website.png#right" | relative_url }})]({{ "/" | relative_url }})
 
-There were made a number of improvements to our website this month, including Chris Lamb updating the [archive page]({{ "/docs/archive/" | relative_url }}) to recommend `-X` and unzipping with `TZ=UTC` [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/d15f76b8)] and added Maven, Gradle, JDK and Groovy examples to the [`SOURCE_DATE_EPOCH` page]({{ "/docs/source-date-epoch/" | relative_url }}) [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/bfcbb9a2)]. In addition Jan Zerebecki added a new [`/contribute/opensuse/`]({{ "/contribute/opensuse/" | relative_url }}) page [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/4901c9ae)] and *Sertonix* and fixed the automatic RSS feed detection [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/5f311583)][[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/54c80767)].
+There were a number of improvements made to our website this month, including Chris Lamb updating the [archive page]({{ "/docs/archive/" | relative_url }}) to recommend `-X` and unzipping with `TZ=UTC` [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/d15f76b8)] and adding Maven, Gradle, JDK and Groovy examples to the [`SOURCE_DATE_EPOCH` page]({{ "/docs/source-date-epoch/" | relative_url }}) [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/bfcbb9a2)]. In addition Jan Zerebecki added a new [`/contribute/opensuse/`]({{ "/contribute/opensuse/" | relative_url }}) page [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/4901c9ae)] and *Sertonix* fixed the automatic RSS feed detection [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/5f311583)][[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/54c80767)].
 
 <br>
 
@@ -86,7 +86,7 @@ Simon's [post](https://blog.josefsson.org/2024/04/13/reproducible-and-minimal-so
 
 [![]({{ "/images/reports/2024-04/sicherheit2024_016.png#right" | relative_url }})](https://doi.org/10.18420/sicherheit2024_016)
 
-Joshua Drexel1, Esther Hänggi and Iyán Méndez Veiga of the School of Computer Science and Information Technology, Hochschule Luzern (HSLU) in Switzerland published a paper this month entitled [*Reproducible Builds and Insights from an Independent Verifier for Arch Linux*](https://doi.org/10.18420/sicherheit2024_016). The paper establishes the context as follows:
+Joshua Drexel, Esther Hänggi and Iyán Méndez Veiga of the School of Computer Science and Information Technology, Hochschule Luzern (HSLU) in Switzerland published a paper this month entitled [*Reproducible Builds and Insights from an Independent Verifier for Arch Linux*](https://doi.org/10.18420/sicherheit2024_016). The paper establishes the context as follows:
 
 > Supply chain attacks have emerged as a prominent cybersecurity threat in recent years. Reproducible and bootstrappable builds have the potential to reduce such attacks significantly. In combination with independent, exhaustive and periodic source code audits, these measures can effectively eradicate compromises in the building process. In this paper we introduce both concepts, we analyze the achievements over the last ten years and explain the remaining challenges.
 



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/f43168ca3dfdd88e0dd98c53c56db7091d6e7ef6

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/f43168ca3dfdd88e0dd98c53c56db7091d6e7ef6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20240509/68559d09/attachment.htm>


More information about the rb-commits mailing list