[Git][reproducible-builds/reproducible-website][master] 5 commits: docs(publications): use definition list and open links in new tab

Wed Nov 6 00:42:12 UTC 2024


Chris Lamb pushed to branch master at Reproducible Builds / reproducible-website


Commits:
6cb170a2 by hulkoba at 2024-11-05T16:40:33-08:00
docs(publications): use definition list and open links in new tab

- - - - -
8208d0ee by hulkoba at 2024-11-05T16:40:37-08:00
publications: indent definition

- - - - -
806381da by hulkoba at 2024-11-05T16:40:37-08:00
publications: put them in a data.yml file

- - - - -
4f779510 by Chris Lamb at 2024-11-05T16:41:58-08:00
Manually merge in changes made to master.

- - - - -
8409fe10 by Chris Lamb at 2024-11-05T16:42:05-08:00
_docs/publications.md: Use spaces.

- - - - -


3 changed files:

- + _data/publications.yml
- _docs/publications.md
- assets/styles/custom.scss


Changes:

=====================================
_data/publications.yml
=====================================
@@ -0,0 +1,106 @@
+- title: Reflections on trusting trust
+  source: Commun. ACM, 27 (8), 761–763
+  authors: Thompson, K.
+  date: 1984
+  url: https://doi.org/10.1145/358198.358210
+- title: Fully countering trusting trust through diverse double-compiling
+  authors: Wheeler, D. A.
+  date: 2010
+  url: https://arxiv.org/abs/1004.5534
+- title: Functional package management with guix
+  authors: Courtès, L.
+  date: 2013
+  url: https://arxiv.org/abs/1305.4584
+- title: Reproducible and User-Controlled Software Environments in HPC with Guix
+  source: 2nd International Workshop on Reproducibility in Parallel Computing (RepPar)
+  authors: Courtès, L., & Wurmus, R.
+  date: 2015, August
+  url: https://inria.hal.science/hal-01161771
+- title: Automated localization for unreproducible builds.
+  source: Proceedings of the 40th International Conference on Software Engineering
+  authors: Ren, Z., Jiang, H., Xuan, J., & Yang, Z.
+  date: 2018, May
+  url: https://doi.org/10.1145/3180155.3180224
+- title: Transparent, provenance-assured, and secure software-as-a-service
+  source: 2019 IEEE 18th International Symposium on Network Computing and Applications (NCA), 1–8
+  authors: Tapas, N., Longo, F., Merlino, G., & Puliafito, A.
+  date: 2019
+  url: https://doi.org/10.1109/NCA.2019.8935014
+- title: "In-toto: Providing farm-to-table guarantees for bits and bytes"
+  source: Proceedings of the 28th USENIX Conference on Security Symposium, 1393–1410
+  authors: Torres-Arias, S., Afzali, H., Kuppusamy, T. K., Curtmola, R., & Cappos, J.
+  date: 2019
+  url: https://www.usenix.org/conference/usenixsecurity19/presentation/torres-arias
+- title: "Backstabber’s knife collection: A review of open source software supply chain attacks"
+  source: In_ Lecture notes in computer science _(pp. 23–43). Springer International Publishing.
+  authors: Ohm, M., Plate, H., Sykosch, A., & Meier, M.
+  date: 2020
+  url: https://doi.org/10.1007/978-3-030-52683-2_2
+- title: Reproducible containers
+  source: Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems, 167–182
+  authors: Navarro Leija, O. S., Shiptoski, K., Scott, R. G., Wang, B., Renner, N., Newton, R. R., & Devietti, J.
+  date: 2020
+  url: https://doi.org/10.1145/3373376.3378519
+- title: Towards detection of software supply chain attacks by forensic artifacts
+  source: Proceedings of the 15th International Conference on Availability, Reliability and Security
+  authors: Ohm, M., Sykosch, A., & Meier, M.
+  date: 2020
+  url: https://doi.org/10.1145/3407023.3409183
+- title: Toward long-term and archivable reproducibility
+  source: Computing in Science & Engineering, 23(3), 82–91
+  authors:  Akhlaghi, M., Infante-Sainz, R., Roukema, B. F., Khellat, M., Valls-Gabaud, D., & Baena-Galle, R.
+  date: 2021
+  url: https://doi.org/10.1109/mcse.2021.3072860
+- title: "Reproducible builds: Increasing the integrity of software supply chains"
+  source: IEEE Software, 39(2), 62–70
+  authors: Lamb, C., & Zacchiroli, S.
+  date: 2022
+  url: https://doi.org/10.1109/MS.2021.3073045
+- title: An experience report on producing verifiable builds for large-scale commercial systems
+  source: IEEE Transactions on Software Engineering, 48(9), 3361–3377
+  authors: Shi, Y., Wen, M., Cogo, F. R., Chen, B., & Jiang, Z. M.
+  date: 2022
+  url: https://doi.org/10.1109/TSE.2021.3092692
+- title: Automated patching for unreproducible builds
+  source: Proceedings of the 44th International Conference on Software Engineering, 200–211
+  authors: Ren, Z., Sun, S., Xuan, J., Li, X., Zhou, Z., & Jiang, H.
+  date: 2022
+  url: https://doi.org/10.1145/3510003.3510102
+- title: "Top five challenges in software supply chain security: Observations from 30 industry and organizations"
+  source: IEEE Security & Privacy, 20(2), 96–100
+  authors: Enck, W., & Williams, L.
+  date: 2022
+  url: https://doi.org/10.1109/MSEC.2022.3142338
+- title: Reproducibility of computational environments for software development
+  source: Bachelor's thesis, RWTH Aachen University
+  authors: Strangfeld, M.
+  date: 2022
+  url: https://doi.org/10.5281/zenodo.13843189
+- title: On business adoption and use of reproducible builds for open and closed source software
+  source: Software Quality Journal, 31(3), 687–719
+  authors: Butler, S., Gamalielsson, J., Lundell, B., Brax, C., Mattsson, A., Gustavsson, T., Feist, J., Kvarnström, B., & Lönroth, E.
+  date: 2022
+  url: https://doi.org/10.1007/s11219-022-09607-z
+- title: "It’s like flossing your teeth: On the importance and challenges of reproducible builds for software supply chain security"
+  source: 2023 IEEE Symposium on Security and Privacy (SP), 1527–1544
+  authors: Fourne, M., Wermke, D., Enck, W., Fahl, S., & Acar, Y.
+  date: 2023
+  url: https://doi.org/10.1109/SP46215.2023.10179320
+- title: "Signing in four public software package registries: Quantity, quality, and influencing factors"
+  authors: Schorlemmer, T. R., Kalu, K. G., Chigges, L., Ko, K. M., Isghair, E. A.-M. A., Baghi, S., Torres-Arias, S., & Davis, J. C.
+  date: 2024
+  url: https://arxiv.org/abs/2401.14635
+- title: Reproducibility of build environments through space and time
+  authors: Malka, J., Zacchiroli, S., & Zimmermann, T.
+  date: 2024
+  url: https://arxiv.org/abs/2402.00424
+- title: "Options Matter: Documenting and Fixing Non-Reproducible Builds in Highly-Configurable Systems"
+  source: MSR 2024 - 21th International Conference on Mining Software Repository, 1–11.
+  authors: Randrianaina, G. A., Khelladi, D. E., Zendra, O., & Acher, M.
+  date: 2024
+  url: https://inria.hal.science/hal-04441579
+- title: Reproducibility in software engineering
+  source: University of Mons.
+  authors: Dellaiera, P.
+  date: 2024
+  url: https://doi.org/10.5281/zenodo.12666898


=====================================
_docs/publications.md
=====================================
@@ -37,89 +37,8 @@ researchers and practitioners looking to cite relevant literature in their work.
 The file can be found within the repository, making it easy for anyone to access
 and utilize in their own scholarly writings.
 
-- Thompson, K. (1984). Reflections on trusting trust. _Commun. ACM_,
-  _27_(8), 761–763. <https://doi.org/10.1145/358198.358210>
-- Wheeler, D. A. (2010). _Fully countering trusting trust through
-  diverse double-compiling_. <https://arxiv.org/abs/1004.5534>
-- Courtès, L. (2013). _Functional package management with guix_.
-  <https://arxiv.org/abs/1305.4584>
-- Courtès, L., & Wurmus, R. (2015, August).
-  <span class="nocase">Reproducible and User-Controlled Software
-  Environments in HPC with Guix</span>. _<span class="nocase">2nd
-  International Workshop on Reproducibility in Parallel Computing
-  (RepPar)</span>_. <https://inria.hal.science/hal-01161771>
-- Ren, Z., Jiang, H., Xuan, J., & Yang, Z. (2018, May). Automated
-  localization for unreproducible builds. _Proceedings of the 40th
-  International Conference on Software Engineering_.
-  <https://doi.org/10.1145/3180155.3180224>
-- Tapas, N., Longo, F., Merlino, G., & Puliafito, A. (2019).
-  Transparent, provenance-assured, and secure software-as-a-service.
-  _2019 IEEE 18th International Symposium on Network Computing and
-  Applications (NCA)_, 1–8. <https://doi.org/10.1109/NCA.2019.8935014>
-- Torres-Arias, S., Afzali, H., Kuppusamy, T. K., Curtmola, R., &
-  Cappos, J. (2019). In-toto: Providing farm-to-table guarantees for
-  bits and bytes. _Proceedings of the 28th USENIX Conference on
-  Security Symposium_, 1393–1410.
-  <https://www.usenix.org/conference/usenixsecurity19/presentation/torres-arias>
-- Ohm, M., Plate, H., Sykosch, A., & Meier, M. (2020). Backstabber’s
-  knife collection: A review of open source software supply chain
-  attacks. In _Lecture notes in computer science_ (pp. 23–43).
-  Springer International Publishing.
-  <https://doi.org/10.1007/978-3-030-52683-2_2>
-- Navarro Leija, O. S., Shiptoski, K., Scott, R. G., Wang, B., Renner,
-  N., Newton, R. R., & Devietti, J. (2020). Reproducible containers.
-  _Proceedings of the Twenty-Fifth International Conference on
-  Architectural Support for Programming Languages and Operating
-  Systems_, 167–182. <https://doi.org/10.1145/3373376.3378519>
-- Ohm, M., Sykosch, A., & Meier, M. (2020). Towards detection of
-  software supply chain attacks by forensic artifacts. _Proceedings of
-  the 15th International Conference on Availability, Reliability and
-  Security_. <https://doi.org/10.1145/3407023.3409183>
-- Akhlaghi, M., Infante-Sainz, R., Roukema, B. F., Khellat, M.,
-  Valls-Gabaud, D., & Baena-Galle, R. (2021). Toward long-term and
-  archivable reproducibility. _Computing in Science & Engineering_,
-  _23_(3), 82–91. <https://doi.org/10.1109/mcse.2021.3072860>
-- Lamb, C., & Zacchiroli, S. (2022). Reproducible builds: Increasing
-  the integrity of software supply chains. _IEEE Software_, _39_(2),
-  62–70. <https://doi.org/10.1109/MS.2021.3073045>
-- Shi, Y., Wen, M., Cogo, F. R., Chen, B., & Jiang, Z. M. (2022). An
-  experience report on producing verifiable builds for large-scale
-  commercial systems. _IEEE Transactions on Software Engineering_,
-  _48_(9), 3361–3377. <https://doi.org/10.1109/TSE.2021.3092692>
-- Ren, Z., Sun, S., Xuan, J., Li, X., Zhou, Z., & Jiang, H. (2022).
-  Automated patching for unreproducible builds. _Proceedings of the
-  44th International Conference on Software Engineering_, 200–211.
-  <https://doi.org/10.1145/3510003.3510102>
-- Enck, W., & Williams, L. (2022). Top five challenges in software
-  supply chain security: Observations from 30 industry and government
-  organizations. _IEEE Security & Privacy_, _20_(2), 96–100.
-  <https://doi.org/10.1109/MSEC.2022.3142338>
-- Strangfeld, M. (2022). _Reproducibility of computational
-  environments for software development_ \[Bachelor's Thesis, RWTH
-  Aachen University\]. <https://doi.org/10.5281/zenodo.13843189>
-- Butler, S., Gamalielsson, J., Lundell, B., Brax, C., Mattsson, A.,
-  Gustavsson, T., Feist, J., Kvarnström, B., & Lönroth, E. (2023). On
-  business adoption and use of reproducible builds for open and closed
-  source software. _Software Quality Journal_, _31_(3), 687–719.
-  <https://doi.org/10.1007/s11219-022-09607-z>
-- Fourne, M., Wermke, D., Enck, W., Fahl, S., & Acar, Y. (2023). It’s
-  like flossing your teeth: On the importance and challenges of
-  reproducible builds for software supply chain security. _2023 IEEE
-  Symposium on Security and Privacy (SP)_, 1527–1544.
-  <https://doi.org/10.1109/SP46215.2023.10179320>
-- Schorlemmer, T. R., Kalu, K. G., Chigges, L., Ko, K. M., Isghair, E.
-  A.-M. A., Baghi, S., Torres-Arias, S., & Davis, J. C. (2024).
-  _Signing in four public software package registries: Quantity,
-  quality, and influencing factors_.
-  <https://arxiv.org/abs/2401.14635>
-- Malka, J., Zacchiroli, S., & Zimmermann, T. (2024). _Reproducibility
-  of build environments through space and time_.
-  <https://arxiv.org/abs/2402.00424>
-- Randrianaina, G. A., Khelladi, D. E., Zendra, O., & Acher, M.
-  (2024). <span class="nocase">Options Matter: Documenting and Fixing
-  Non-Reproducible Builds in Highly-Configurable Systems</span>.
-  _<span class="nocase">MSR 2024 - 21th International Conference on
-  Mining Software Repository</span>_, 1–11.
-  <https://inria.hal.science/hal-04441579>
-- Dellaiera, P. (2024). _Reproducibility in software engineering_.
-  University of Mons. <https://doi.org/10.5281/zenodo.12666898>
+{% for pub in site.data.publications %}
+{{ pub.title }}
+ : {% if pub.source %}_{{pub.source}}_<br>{% endif %}
+   {{ pub.authors }} ({{ pub.date }})<br><{{ pub.url }}>{:target="_blank"}
+{% endfor %}


=====================================
assets/styles/custom.scss
=====================================
@@ -9,7 +9,11 @@
   }
 }
 
-
+// This is used in /docs/publications
+dl > dd {
+  margin-left: 1rem;
+  padding-bottom: 0.75rem;
+}
 
 main {
   a {



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/compare/ab7546d710e474e1baf423a892dbfc0e9ca189c8...8409fe1069a08806ef980fed0c7fd8f9545df69a

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/compare/ab7546d710e474e1baf423a892dbfc0e9ca189c8...8409fe1069a08806ef980fed0c7fd8f9545df69a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20241106/d50ec5e0/attachment.htm>
