[Git][reproducible-builds/reproducible-website][docs/additional-jekyll-build-dependencies] 22 commits: Archives: add file permissions hint/guidance
James Addison (@jayaddison)
gitlab at salsa.debian.org
Mon Feb 3 18:06:51 UTC 2025
James Addison pushed to branch docs/additional-jekyll-build-dependencies at Reproducible Builds / reproducible-website
Commits:
35ed63bc by James Addison at 2025-01-11T01:30:29+00:00
Archives: add file permissions hint/guidance
- - - - -
439f6234 by Holger Levsen at 2025-01-13T16:42:34+01:00
add two presentations from FOSDEM 2016 which were linked on https://wiki.debian.org/ReproducibleBuilds/About a long time ago
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
2f3a8adf by Arnout Engelen at 2025-01-14T17:30:47+01:00
Update link to NixOS r-b issue template
- - - - -
788901d6 by Chris Lamb at 2025-01-16T13:33:43+00:00
2025-01 += https://www.cs.cmu.edu/~ckaestne/pdf/icse25_rb.pdf
- - - - -
4cbc0195 by Michael R. Crusoe at 2025-01-20T12:14:36+01:00
README: make setup command copy & paste friendly
- - - - -
2d425f72 by Michael R. Crusoe at 2025-01-20T12:22:56+01:00
SOURCE_DATE_EPOCH: Add R example
- - - - -
3a56dbd0 by Holger Levsen at 2025-01-23T15:43:07+01:00
2025 01: += https://(arm64|armhf).reproduce.debian.net/
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
fa64e848 by Holger Levsen at 2025-01-23T21:29:17+01:00
2025 01: += https://riscv64.reproduce.debian.net
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
248672ac by Vagrant Cascadian at 2025-01-26T21:42:44-08:00
2025-01: freebsd zero-trust builds
- - - - -
5a3582e0 by Holger Levsen at 2025-01-29T14:30:33+01:00
resources: add link to FOSDEM distro devroom talk, it'll be streamed
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
9c9e6a0b by Holger Levsen at 2025-01-29T14:46:10+01:00
check/cleanup 1 presentation formerly linked on https://wiki.debian.org/ReproducibleBuilds/About
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
71e24599 by Holger Levsen at 2025-01-29T15:03:08+01:00
2025 01: += https://github.com/freebsd/pkg/issues/2410
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
2282c7bb by Holger Levsen at 2025-01-29T16:28:58+01:00
check/cleanup 1 presentation duplicate
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
52df0c3e by Chris Lamb at 2025-01-30T07:16:20+00:00
2025-01 += https://hal.science/hal-04913007v1/file/2025-MSR-reproducibility.pdf
- - - - -
50860ae0 by Bernhard M. Wiedemann at 2025-01-31T13:12:00+01:00
2025-01: +openSUSE monthly + many patches
- - - - -
1e8d2f5a by Chris Lamb at 2025-02-03T12:17:19+00:00
2025-01: Initial draft
- - - - -
52c9f521 by Chris Lamb at 2025-02-03T12:23:11+00:00
2025-02 += https://social.treehouse.systems/@marcan/113914172433692339
- - - - -
760cd523 by kpcyrd at 2025-02-03T13:27:04+01:00
2025-01: clarify Arch Linux image -> bootable system
- - - - -
44631e61 by Pol Dellaiera at 2025-02-03T14:05:24+01:00
2025-01 += add a note about issue in PHP package manager
- - - - -
f7e5a9c9 by Holger Levsen at 2025-02-03T15:12:38+01:00
resources: add link to slides of our FOSDEM 2025 talk
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
be88b102 by Holger Levsen at 2025-02-03T18:55:17+01:00
2025 02: += some FOSDEM2025 talks about r-b stuff
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
baa910b3 by James Addison at 2025-02-03T18:06:25+00:00
README: add a couple of additional doc dependencies (`po4a`, `python3-yaml`)
Conflicts:
README.md
- - - - -
16 changed files:
- README.md
- _data/presentations.yml
- _docs/archives.md
- _docs/source-date-epoch.md
- + _reports/2025-01.md
- + _reports/2025-02.md
- contribute/nixos.md
- + images/reports/2025-01/2025-MSR-reproducibility.png
- + images/reports/2025-01/debian.png
- + images/reports/2025-01/diffoscope.png
- + images/reports/2025-01/icse25_rb.png
- + images/reports/2025-01/opensuse.png
- + images/reports/2025-01/reproduce.png
- + images/reports/2025-01/reproducible-builds.png
- + images/reports/2025-01/testframework.png
- + images/reports/2025-01/website.png
Changes:
=====================================
README.md
=====================================
@@ -49,7 +49,7 @@ We have a guideline for you to read:
[our guide for contributors](https://reproducible-builds.org/contribute).
```console
-$ sudo apt install jekyll git ruby-jekyll-redirect-from ruby-jekyll-polyglot ruby-jekyll-sitemap
+sudo apt install jekyll git po4a python3-yaml ruby-jekyll-redirect-from ruby-jekyll-polyglot ruby-jekyll-sitemap
```
Basically, it is:
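Review bot: The added `sudo apt install …` line drops the `$ ` prompt, but the enclosing fence is still tagged `console`. Highlighters for `console` treat lines without a prompt as program output, so either retag the fence as `sh` or keep the prompt. The commit message for this change also still carries a `Conflicts: README.md` trailer, which can be dropped before merging.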
=====================================
_data/presentations.yml
=====================================
@@ -1,3 +1,14 @@
+- title: a tale of several distros joining forces for a common goal, reproducible builds
+ presented_by: Holger Levsen, Jelle van der Waa, kpcyrd
+ event:
+ url: https://fosdem.org/2025/schedule/event/fosdem-2025-6479-a-tale-of-several-distros-joining-forces-for-a-common-goal-reproducible-builds/
+ name: FOSDEM 2025
+ location: Brussels, Belgium
+ date: 2025-02-02
+ video:
+ url: https://live.fosdem.org/watch/h1302
+ slides: https://reproducible-builds.org/_lfs/presentations/2025-02-02-a-tale-of-several-distros-joining-forces-for-a-common-goal-reproducible-builds/
+
- title: Rebuilding what is distributed from ftp.debian.org
presented_by: Holger Levsen
event:
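Review bot: In the new FOSDEM 2025 entry, the `video:` `url:` is `https://live.fosdem.org/watch/h1302`, which reads as the live-stream page for a room rather than a recording of this talk (the commit message says "it'll be streamed"). Once the event is over that link no longer identifies this presentation, so suggest a follow-up that replaces it with the permanent recording URL, or omitting `video:` until one exists.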
@@ -636,13 +647,6 @@
name: Libreplanet 2017
location: MIT, Cambridge, United States
-- title: Reproducible Builds everywhere
- presented_by: Holger Levsen
- event:
- url: https://www.guug.de/veranstaltungen/ffg2017/
- name: GUUG Frühjahrsfachgespräch 2017
- location: Darmstadt, Germany
-
- title: Introduction to Reproducible builds
presented_by: Vagrant Cascadian
event:
@@ -653,7 +657,7 @@
- title: Reproducible Builds everywhere
presented_by: Holger Levsen
event:
- url: https://ffg.guug.de/
+ url: https://www.guug.de/veranstaltungen/ffg2017/
name: GUUG Frühjahrsfachgespräch 2017
date: 2017-03-24
location: Darmstadt, Germany
@@ -810,11 +814,34 @@
event:
url: https://archive.fosdem.org/2016/schedule/event/reproducible_freebsd_packages/
name: FOSDEM 2016
+ date: 2016-01-31
location: Brussels, Belgium
video:
url: http://video.fosdem.org/2016/k4601/reproducible-builds-in-freebsd-packages.mp4
slides: https://archive.fosdem.org/2016/schedule/event/reproducible_freebsd_packages/attachments/slides/1170/export/events/attachments/reproducible_freebsd_packages/slides/1170/reproducible_builds_freebsd
+- title: ElectroBSD - Getting a reproducible BSD out of the door
+ presented_by: Fabian Keil
+ event:
+ url: https://archive.fosdem.org/2016/schedule/event/electrobsd/
+ name: FOSDEM 2016
+ date: 2016-01-31
+ location: Brussels, Belgium
+ video:
+ url: http://video.fosdem.org/2016/k4601/electrobsd-getting-a-reproducible-bsd-out-of-the-door.mp4
+ slides: https://www.fabiankeil.de/talks/reproducible-electrobsd/
+
+- title: Beyond reproducible builds - Making the whole free software ecosystem reproducible and then…
+ presented_by: Holger Levsen
+ event:
+ url: https://archive.fosdem.org/2016/schedule/event/reproducible_ecosystem/
+ name: FOSDEM 2016
+ date: 2016-01-31
+ location: Brussels, Belgium
+ video:
+ url: http://video.fosdem.org/2016/janson/beyond-reproducible-builds.mp4
+ slides: https://archive.fosdem.org/2016/schedule/event/reproducible_ecosystem/attachments/slides/1221/export/events/attachments/reproducible_ecosystem/slides/1221/2016_01_31_FOSDEM16_Reproducible_ecosystem.pdf
+
- title: Beyond Reproducible builds
presented_by: Chris Lamb
event:
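Review bot: Both added FOSDEM 2016 entries give their `video:` `url:` over plain `http://video.fosdem.org/…`, while their `event:` and `slides:` links use `https://`. If the video host serves the same paths over TLS, suggest switching these (and the existing FreeBSD entry shown in the context lines) to `https://` so that readers are not sent to an unauthenticated download.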
@@ -926,7 +953,6 @@
#
# * [[https://summit.debconf.org/debconf14/meeting/78/reproducible-builds-for-debian/|Reproducible Builds, a year later]], [[http://debconf14.debconf.org/|DebConf14]], [[http://meetings-archive.debian.net/pub/debian-meetings/2014/debconf14/webm/Reproducible_Builds_for_Debian_a_year_later.webm|Video]], [[http://reproducible.alioth.debian.org/presentations/2014-08-26-DebConf14.pdf|Slides]] ([[http://anonscm.debian.org/gitweb/?p=reproducible/presentations.git;a=tree;f=2014-08-26-DebConf14;hb=HEAD|Sources]])
# * [[https://events.ccc.de/congress/2014/Fahrplan/events/6240.html|Reproducible Builds, Moving Beyond Single Points of Failure for Software Distribution]], [[https://events.ccc.de/congress/2014/|31st Chaos Communication Congress]] (31C3), [[http://media.ccc.de/browse/congress/2014/31c3_-_6240_-_en_-_saal_g_-_201412271400_-_reproducible_builds_-_mike_perry_-_seth_schoen_-_hans_steiner.html|Video]], [[https://events.ccc.de/congress/2014/Fahrplan/system/attachments/2491/original/2014CCCReproducible.pdf|Slides]]
-# * [[https://fosdem.org/2015/schedule/event/stretching_out_for_trustworthy_reproducible_builds/|Stretching out for trustworthy reproducible builds]], [[https://fosdem.org/2015/|FOSDEM'15]], [[https://fosdem.org/2015/schedule/event/stretching_out_for_trustworthy_reproducible_builds/attachments/paper/668/export/events/attachments/stretching_out_for_trustworthy_reproducible_builds/paper/668/2015_01_31_FOSDEM15.pdf|Slides]] ([[http://anonscm.debian.org/cgit/reproducible/presentations.git/tree/2015-01-31-FOSDEM15|Sources]]), [[https://fosdem.org/2015/schedule/event/stretching_out_for_trustworthy_reproducible_builds/|Interview]]
# * [[https://berlin.ccc.de/wiki/Datengarten/52|Stretching out for trustworthy reproducible builds]], Datengarten 52, CCC Berlin, [[http://meetings-archive.debian.net/pub/debian-meetings/2015/datengarten-ccc-berlin/|Recordings]], [[http://meetings-archive.debian.net/pub/debian-meetings/2015/datengarten-ccc-berlin/2015-05-26-CCCBerlin.pdf|Slides]] ([[https://anonscm.debian.org/cgit/reproducible/presentations.git/tree/2015-05-26-CCCBerlin|Sources]])
# * [[https://entropia.de/GPN15:Reproducible_Builds|Stretching out for trustworthy reproducible builds]], Gulaschprogrammiernacht 15, Karlsruhe, Germany, [[http://meetings-archive.debian.net/pub/debian-meetings/2015/GPN15/|Recordings]], [[http://meetings-archive.debian.net/pub/debian-meetings/2015/GPN15/reproducible-builds-2015-06-07-GPN15.pdf|Slides]] ([[https://anonscm.debian.org/cgit/reproducible/presentations.git/tree/2015-06-07-GPN15|Sources]])
# * [[https://www.passageenseine.org/fr/programme/2015/vendredi-19-juin/grande-salle/compilations-reproductibles-permettre-le-lien-entre-un-binaire-et-sa-source|Compilations reproductibles : permettre le lien entre un binaire et sa source]], Pas Sage en Seine 2015, Paris, France, [[http://data.passageenseine.org/2015/mp4/PSES2015_Compilations%20reproductibles%20:%20permettre%20le%20lien%20entre%20un%20binaire%20et%20sa%20source%20(Lunar).mp4|Video]], [[https://reproducible.alioth.debian.org/presentations/2015-06-19-PSES2015.pdf|Slides]] ([[https://anonscm.debian.org/cgit/reproducible/presentations.git/tree/2015-06-19-PSES2015|Sources]])
@@ -940,10 +966,6 @@
# * ''Beyond Reproducible builds'', Chaos Computer Club Hamburg, Germany, 2015-11-13, [[https://cdn.media.ccc.de/contributors/ccchh/Vortrag_Holger.mp4|Video]] (German), Slides are available from git
# * [[https://www.hackerspace.gr/wiki/Reproducible_builds|Let's talk about Reproducible Builds]] at hackerspace.gr in Athens, Greece, 2015-12-04, slides are available in git
# * [[https://ross.karchner.com/explaining-reproducible-builds/|Lightning talk from Ross Karchner]], 2016-12-29, [[https://www.slideshare.net/rosskarchner/reproducible-builds-lightning-talk|Slides]]
-# * at FOSDEM 16:
-# * [[https://fosdem.org/2016/schedule/event/electrobsd/|ElectroBSD - Getting a reproducible BSD out of the door]]
-# * [[https://fosdem.org/2016/schedule/event/reproducible_freebsd_packages/|Reproducible builds in FreeBSD packages]]
-# * [[https://fosdem.org/2016/schedule/event/reproducible_ecosystem/|The reproducible ecosystem]] by Holger Levsen - ([[https://wiki.debian.org/ReproducibleBuilds/About?action=AttachFile&do=view&target=2016-01-31-FOSDEM16-Reproducible-ecosystem.pdf|slides]]) ([[https://anonscm.debian.org/cgit/reproducible/presentations.git/tree/2016-01-31-FOSDEM16|sources]])
# * [[http://www.devconf.cz/|devconf.cz]] (Fedora/Redhat conference): [[https://wiki.debian.org/ReproducibleBuilds/About?action=AttachFile&do=view&target=2016-02-06-devconf.cz-Reproducible-rpm-world-lightningtalk.pdf|Reproducible builds lightning talk]] (slides) ([[https://anonscm.debian.org/cgit/reproducible/presentations.git/tree/2016-02-06-devconf.cz|sources]])
# * [[https://internetfreedomfestival.org/wiki/index.php/Reproducible_Builds|Session about Reproducible Builds]] at InternetFreedomFestival (IFF) in Valencia 2016
# * [[https://www.libreplanet.org/2016/program/|LibrePlanet 2016]] (FSF conference): [[https://wiki.debian.org/ReproducibleBuilds/About?action=AttachFile&do=view&target=2016-03-20-libreplanet.pdf|Reproducible builds ecosystem]] (slides) ([[https://anonscm.debian.org/cgit/reproducible/presentations.git/tree/2016-03-20-libreplanet|sources]])
=====================================
_docs/archives.md
=====================================
@@ -110,6 +110,15 @@ To avoid this, either `unset POSIXLY_CORRECT` (only works with [tar>1.32](https:
`--pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime` or `--format=gnu` (both only available in GNU tar)
or use `--format=ustar` if the limitations in that format are not a problem.
+File permissions
+----------------
+
+Permissions on build artifacts may vary, for example due to differing `umask` settings. The resulting permission differences may be reflected when archive files containing them are created.
+
+When possible, it is preferable to create build artifacts using deterministic permissions so that variance does not arise. However, sometimes it may be easier or more practical to configure static permissions later in the build, when the archive files are created.
+
+To configure file permissions when creating a `tar` archive, you can use the `--mode` argument. For example, to request that, by default, unpacked files should be readable by everyone by default, writable only by their owner, and to allow everyone to list directory/folder contents, add: `--mode=a=rX,u+w`
+
Full example
------------
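Review bot: In the last added paragraph, "to request that, by default, unpacked files should be readable by everyone by default" says "by default" twice; drop one. The preceding context marks `--pax-option` and `--format=gnu` as "only available in GNU tar", so it is worth stating in the same way whether `--mode` is GNU-specific. It would also help to note that the `X` in `--mode=a=rX,u+w` only grants execute where an execute bit is already set (or on directories), so the result is deterministic only if the input execute bits are.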
=====================================
_docs/source-date-epoch.md
=====================================
@@ -186,13 +186,13 @@ docker buildx build --output type=image,name=docker.io/username/image,push=true,
The `rewrite-timestamp` option is not set to `true` by default due to the overhead of rewriting image layers.
-#### apt-get
+##### apt-get
`RUN apt-get` does not automatically consume `SOURCE_DATE_EPOCH` to install packages from the past snapshot.
<https://github.com/reproducible-containers/repro-sources-list.sh> can be used for reconfiguring `/etc/apt/sources.list`
to use `https://snapshot.debian.org/archive/debian/<SOURCE_DATE_EPOCH>/`.
-#### Further information
+##### Further information
See:
- https://github.com/moby/buildkit/blob/master/docs/build-repro.md
- https://github.com/docker-library/official-images/issues/16044
@@ -463,6 +463,16 @@ if (sourceDateEpoch != null) {
def extendedTimestamp = buildInstant.toString()
```
+### R
+
+```r
+if (Sys.getenv("SOURCE_DATE_EPOCH") == "") {
+ current_date <- Sys.Date()
+} else {
+ current_date <- as.Date(as.numeric(Sys.getenv("SOURCE_DATE_EPOCH")) / 86400, "1970-01-01")
+}
+```
+
### Last-resort using faketime
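Review bot: In the added R snippet, `as.Date(as.numeric(Sys.getenv("SOURCE_DATE_EPOCH")) / 86400, "1970-01-01")` passes the origin positionally and does not handle a non-numeric value, where `as.numeric` yields `NA` and `current_date` silently becomes `NA`. Suggest naming the argument (`origin = "1970-01-01"`) and failing explicitly on `NA`. Note also that the fallback `Sys.Date()` uses the local time zone while the epoch branch produces a UTC date, which is worth a one-line comment. Unlike a prose section, the new `### R` heading has no introductory sentence; one line saying what `current_date` is for would match the explanatory style of the page.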
=====================================
_reports/2025-01.md
=====================================
@@ -0,0 +1,300 @@
+---
+layout: report
+year: "2025"
+month: "01"
+title: "Reproducible Builds in January 2025"
+draft: true
+---
+
+[]({{ "/" | relative_url }})
+
+**Welcome to the first report in 2025 report from the [Reproducible Builds]({{ "/" | relative_url }}) project!**
+
+Our monthly reports outline what we've been up to over the past month and highlight items of news from elsewhere in the world of software supply-chain security when relevant. As usual, though, if you are interested in contributing to the Reproducible Builds project, please visit our [*Contribute*]({{ "/contribute/" | relative_url }}) page on our website.
+
+<!--
+
+**Table of contents:**
+
+FIXME
+
+-->
+
+---
+
+### [*reproduce.debian.net*](https://reproduce.debian.net/)
+
+[](https://reproduce.debian.net)
+
+The last few months saw the introduction of [*reproduce.debian.net*](https://reproduce.debian.net). Announced at the recent [Debian MiniDebConf in Toulouse](https://toulouse2024.mini.debconf.org/), *reproduce.debian.net* is an instance of [*rebuilderd*](https://github.com/kpcyrd/rebuilderd) operated by the Reproducible Builds project. Powering that is *rebuilderd*, our server designed monitor the official package repositories of Linux distributions and attempt to reproduce the observed results there.
+
+This month, however, we are pleased to announce that in addition to the existing [*amd64.reproduce.debian.net*](https://amd64.reproduce.debian.net) and [*i386.reproduce.debian.net*](https://i386.reproduce.debian.net) architecture-specific pages, we now build for a three more architectures (for a total of five) — [`arm64`](https://arm64.reproduce.debian.net/) [`armhf`](https://armhf.reproduce.debian.net/) and [`riscv64`](https://riscv64.reproduce.debian.net/).
+
+<br>
+
+### Two new academic papers
+
+[](https://www.cs.cmu.edu/~ckaestne/pdf/icse25_rb.pdf)
+
+Giacomo Benedetti, Oreofe Solarin, Courtney Miller, Greg Tystahl, William Enck, Christian Kästner, Alexandros Kapravelos, Alessio Merlo and Luca Verderame published an interesting article recently. Titled [*An Empirical Study on Reproducible Packaging in Open-Source Ecosystem*](https://www.cs.cmu.edu/~ckaestne/pdf/icse25_rb.pdf), the abstract outlines its optimistic findings:
+
+> [We] identified that with relatively straightforward infrastructure configuration and patching of build tools, we can achieve very high rates of reproducible builds in all studied ecosystems. We conclude that if the ecosystems adopt our suggestions, the build process of published packages can be independently confirmed for nearly all packages without individual developer actions, and doing so will prevent significant future software supply chain attacks.
+
+The [entire PDF](https://www.cs.cmu.edu/~ckaestne/pdf/icse25_rb.pdf) is available online to view.
+
+<br>
+
+[](https://hal.science/hal-04913007)
+
+In addition, Julien Malka, Stefano Zacchiroli and Théo Zimmermann of Télécom Paris’ in-house research laboratory, the [Information Processing and Communications Laboratory](https://www.telecom-paris.fr/en/research/labs/information-processing-ltci) (LTCI) published an article asking the question: [*Does Functional Package Management Enable Reproducible Builds at Scale?*](https://hal.science/hal-04913007).
+
+Answering strongly in the affirmative, the article's abstract reads as follows:
+
+> In this work, we perform the first large-scale study of bitwise reproducibility, in the context of the [Nix functional package manager](https://nixos.org/), rebuilding 709,816 packages from historical snapshots of the [`nixpkgs`](https://github.com/NixOS/nixpkgs) repository[. We] obtain very high bitwise reproducibility rates, between 69 and 91% with an upward trend, and even higher rebuildability rates, over 99%. We investigate unreproducibility causes, showing that about 15% of failures are due to embedded build dates. We release a novel dataset with all build statuses, logs, as well as full [*diffoscopes*](https://diffoscope.org/): recursive diffs of where unreproducible build artifacts differ.
+
+As above, the [entire PDF](https://hal.science/hal-04913007v1/file/2025-MSR-reproducibility.pdf) of the article is available to view online.
+
+<br>
+
+### Distribution work
+
+There as been the usual work in various distributions this month, such as:
+
+* [Arch Linux](https://archlinux.org/) developer *kpcyrd* has provided a [status report for January 2025](https://lists.reproducible-builds.org/pipermail/rb-general/2025-January/003641.html) related to [Arch's progress towards full reproducibility](https://reproducible.archlinux.org/). *kpcyrd* notes in particular progress towards to making a "minimal reproducible bootable system" — that is, an Arch installation containing only reproducible packages.
+
+[](https://debian.org/)
+
+* 10+ reviews of Debian packages were added, 11 were updated and 10 were removed this month adding to [our knowledge about identified issues](https://tests.reproducible-builds.org/debian/index_issues.html). A number of issue types were updated also.
+
+* The [FreeBSD](https://www.freebsd.org/) Foundation announced that "a planned project to deliver zero-trust builds has begun in January 2025". Supported by the [Sovereign Tech Agency](https://www.sovereign.tech/), this project is centered on the various build processes, and that the "primary goal of this work is to enable the entire release process to run without requiring root access, and that build artifacts build reproducibly – that is, that a third party can build bit-for-bit identical artifacts." The [full announcement](https://freebsdfoundation.org/blog/zero-trust-builds-for-freebsd/) can be found online, which includes an estimated schedule and other details.
+
+[](https://www.opensuse.org/)
+
+* Finally, for openSUSE, Bernhard M. Wiedemann [published another report](https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/thread/PPDVJBF22DYFYI6BT7ONGHQLHUUJU7W3/) for that distribution.
+
+<br>
+
+### On our mailing list…
+
+On [our mailing list](https://lists.reproducible-builds.org/listinfo/rb-general/) this month:
+
+* Following-up to a substantial amount of previous work pertaining the [Sphinx](https://www.sphinx-doc.org/en/master/) documentation generator, [James Addison asked a question](https://lists.reproducible-builds.org/pipermail/rb-general/2025-January/003623.html) pertaining to the relationship between [`SOURCE_DATE_EPOCH`](https://reproducible-builds.org/docs/source-date-epoch/) environment variable and testing that generated a number of replies.
+
+* Adithya Balakumar of Toshiba asked a question about whether it is possible to make [`ext4`](https://en.wikipedia.org/wiki/Ext4) filesystem images reproducible. Adithya's issue is that even the smallest amount of post-processing of the filesystem results in the modification of the "Last mount" and "Last write" timestamps.
+
+* James Addison also [investigated an interesting issue](https://lists.reproducible-builds.org/pipermail/rb-general/2025-January/003637.html) surrounding our [*disorderfs*](https://salsa.debian.org/reproducible-builds/disorderfs) filesystem. In particular:
+
+ > [FUSE (Filesystem in USErspace)](https://en.wikipedia.org/wiki/Filesystem_in_Userspace) filesystems such as *disorderfs* do not delete files from the underlying filesystem when they are deleted from the overlay. This can cause seemingly straightforward tests — for example, cases that expect directory contents to be empty after deletion is requested for all files listed within them — to fail.
+
+<br>
+
+
+### Upstream patches
+
+The Reproducible Builds project detects, dissects and attempts to fix as many currently-unreproducible packages as possible. We endeavour to send all of our patches upstream where appropriate. This month, we wrote a large number of such patches, including:
+
+* Bernhard M. Wiedemann:
+
+ * [`Komikku`](https://build.opensuse.org/request/show/1238506) (nocheck)
+ * [`abseil-cpp`](https://bugzilla.opensuse.org/show_bug.cgi?id=1235867) (race)
+ * [`dunst`](https://github.com/dunst-project/dunst/pull/1435) (date)
+ * [`eclipse-egit`](https://build.opensuse.org/request/show/1239889) (jar-mtime minor)
+ * [`exaile`](https://github.com/exaile/exaile/pull/956) (race)
+ * [`gawk`](https://build.opensuse.org/request/show/1240443) (bug)
+ * [`gimp3`](https://gitlab.gnome.org/GNOME/gimp-data/-/issues/7) (png date)
+ * [`intel`](https://github.com/intel/intel-graphics-compiler/issues/359) ([ASLR](https://en.wikipedia.org/wiki/Address_space_layout_randomization))
+ * [`ioquake3`](https://github.com/ioquake/ioq3/pull/704) (`debugsource` contains date and time)
+ * [`joker`](https://build.opensuse.org/request/show/1240514) (sort)
+ * [`libchardet`](https://build.opensuse.org/request/show/1240682)
+ * [`llama.cpp`](https://github.com/ggerganov/llama.cpp/issues/11306) (random)
+ * [`llama.cpp`](https://github.com/ggerganov/llama.cpp/pull/11366) (`-march=native`-related issue)
+ * [`nethack`](https://build.opensuse.org/request/show/1234705) (race)
+ * [`netrek-client-cow`](https://build.opensuse.org/request/show/1234274) (date)
+ * [`nvidia-modprobe`](https://build.opensuse.org/request/show/1239739) (date)
+ * [`nvidia-persistenced`](https://build.opensuse.org/request/show/1239742) (date)
+ * [`obs-build`](https://github.com/openSUSE/obs-build/pull/1047) (toolchain bug, mis-parses changelog)
+ * [`perl-libconfigfile`](https://build.opensuse.org/request/show/1236852) (race)
+ * [`pgvector`](https://github.com/pgvector/pgvector/pull/764) (CPU)
+ * [`python-Django4`](https://build.opensuse.org/request/show/1240318) (FTBFS-2038)
+ * [`python-python-datamatrix`](https://bugzilla.opensuse.org/show_bug.cgi?id=1236437) (FTBFS)
+ * [`qore-ssh2-module`](https://build.opensuse.org/request/show/1240681) (GIGO-bug)
+ * [`rpm`](https://github.com/rpm-software-management/rpm/discussions/3547) (UID in `cpio` header from `rpmbuild`)
+ * [`zig`](https://github.com/ziglang/zig/issues/22663) (CPU-related issue)
+
+* Chris Lamb:
+
+ * [#1092251](https://bugs.debian.org/1092251) filed against [`kmetronome`](https://tracker.debian.org/pkg/kmetronome).
+ * [#1092917](https://bugs.debian.org/1092917) filed against [`rust-xh`](https://tracker.debian.org/pkg/rust-xh).
+ * [#1093198](https://bugs.debian.org/1093198) filed against [`parser`](https://tracker.debian.org/pkg/parser).
+ * [#1093199](https://bugs.debian.org/1093199) filed against [`parser`](https://tracker.debian.org/pkg/parser).
+ * [#1093201](https://bugs.debian.org/1093201) filed against [`rsync`](https://tracker.debian.org/pkg/rsync).
+ * [#1094611](https://bugs.debian.org/1094611) filed against [`wasistlos`](https://tracker.debian.org/pkg/wasistlos).
+
+* Egbert Eich:
+
+ * [`apptainer`](https://github.com/apptainer/apptainer/pull/2699) (randomness)
+ * [`spack`](https://build.opensuse.org/request/show/1235522) (core-count and date)
+
+* Valentin Lefebvre:
+
+ * [`uki-tool`](https://build.opensuse.org/request/show/1234742) (toolchain)
+
+* Marvin Friedrich:
+
+ * [`cargo-packaging/rusty_v8`](https://build.opensuse.org/request/show/1235463) ([upstream](https://github.com/openSUSE-Rust/cargo-packaging/pull/10) toolchain [bugfix](https://bugzilla.opensuse.org/show_bug.cgi?id=1231548))
+
+* James Addison:
+
+ * [#1092870](https://bugs.debian.org/1092870) filed against [`binutils`](https://tracker.debian.org/pkg/binutils).
+
+* Pol Dellaiera:
+
+ * PHP Ecosystem: [composer/composer#12090](https://github.com/composer/composer/pull/12090) which was then gracefully fixed by [Jordi Boggiano](https://github.com/seldaek) at [composer/composer#12263](https://github.com/composer/composer/pull/12263).
+
+<br>
+
+### [*diffoscope*](https://diffoscope.org)
+
+[](https://diffoscope.org/)
+
+[diffoscope](https://diffoscope.org) is our in-depth and content-aware diff utility that can locate and diagnose reproducibility issues. This month, Chris Lamb made the following changes, including preparing and uploading versions `285`, `286` and `287` to Debian:
+
+* Security fixes:
+
+ * Validate the `--css` command-line argument to prevent a potential [Cross-site scripting](https://en.wikipedia.org/wiki/Cross-site_scripting) (XSS) attack. Thanks to Daniel Schmidt from SRLabs for the report. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/a36ee4eb)]
+ * Prevent XML entity expansion attacks. Thanks to Florian Wilkens from SRLabs for the report.. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/889597c9)][[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/c8cd8ee4)]
+ * Print a warning if we have disabled XML comparisons due to a potentially vulnerable version of `pyexpat`. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/53ac5370)]
+
+* Bug fixes:
+
+ * Correctly identify changes to only the line-endings of files; don't mark them as *Ordering differences only*. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/2236701a)]
+ * When passing files on the command line, don't call `specialize(…)` before we've checked that the files are identical or not. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/5b187ad5)]
+ * Do not exit with a traceback if paths are inaccessible, either directly, via symbolic links or within a directory. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/a5486ebd)]
+ * Don't cause a traceback if `cbfstool` extraction failed.. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/e2c21172)]
+ * Use the `surrogateescape` mechanism to avoid a `UnicodeDecodeError` and crash when any decoding `zipinfo` output that is not UTF-8 compliant. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/9a0faeed)]
+
+* Testsuite improvements:
+
+ * Don't mangle newlines when opening test fixtures; we want them untouched. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/9fa3171f)]
+ * Move to `assert_diff` in `test_text.py`. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/e20a5055)]
+
+* Misc improvements:
+
+ * Drop unused subprocess imports. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/5f3df08f)][[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/28a9d61f)]
+ * Drop an unused function in `iso9600.py`. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/061514a1)]
+ * Inline a call and check of `Config().force_details`; no need for an additional variable in this particular method. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/d4fb5f17)]
+ * Remove an unnecessary return value from the `Difference.check_for_ordering_differences` method. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/f9aced5c)]
+ * Remove unused logging facility from a few comparators. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/2836c788)]
+ * Update copyright years. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/82467745)][[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/2343ac8f)]
+
+In addition, fridtjof added support for the [ASAR](https://github.com/electron/asar) `.tar`-like archive format. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/9b426d27)][[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/92a2e60e)][[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/b8b99410)][[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/01f0189b)]
+
+<br>
+
+[*strip-nondeterminism*](https://salsa.debian.org/reproducible-builds/strip-nondeterminism) is our sister tool to remove specific non-deterministic results from a completed build. This month version `1.14.1-1` was [uploaded to Debian unstable](https://tracker.debian.org/news/1607484/accepted-strip-nondeterminism-1141-1-source-into-unstable/) by Chris Lamb, making the following the changes:
+
+* Clarify the `--verbose` and non `--verbose` output of `bin/strip-nondeterminism` so we don't imply we are normalizing files that we are not. [[…](https://salsa.debian.org/reproducible-builds/strip-nondeterminism/commit/17a5bed)]
+* Bump Standards-Version to 4.7.0. [[…](https://salsa.debian.org/reproducible-builds/strip-nondeterminism/commit/b9e5fcb)]
+
+<br>
+
+### Website updates
+
+[]({{ "/" | relative_url }})
+
+There were a large number of improvements made to our website this month, including:
+
+* Arnout Engelen:
+
+ * Update the link to [NixOS' reproducibility-related issue template](https://github.com/NixOS/nixpkgs/issues/new?template=10_unreproducible_package.yml) on the [NixOS-specific contribute page]({{ "/contribute/nixos/" | relative_url }}) [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/2f3a8adf)] and remove an outdated link. [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/791c3bec)]
+
+* Holger Levsen:
+
+ * Check, deduplicate, update and generally cleanup a number of presentations linked on our [*Talks & Resources*]({{ "/resources/" | relative_url }}) page. [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/2282c7bb)][[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/9c9e6a0b)][[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/5a3582e0)][[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/439f6234)]
+
+* James Addison:
+
+ * Add some file permissions hints and guidance on the [*Archive metadata*]({{ "/docs/archives/" | relative_url }}) page. [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/35ed63bc)]
+
+* Michael R. Crusoe:
+
+ * Add an [R](https://en.wikipedia.org/wiki/R_(programming_language)) example to the [`SOURCE_DATE_EPOCH` documentation]({{ "/docs/source-date-epoch/" | relative_url }}). [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/2d425f72)]
+ * Update the website's [`README`](https://salsa.debian.org/reproducible-builds/reproducible-website#readme) to make the setup command copy & paste friendly. [[…](https://salsa.debian.org/reproducible-builds/reproducible-website/commit/4cbc0195)]
+
+<br>
+
+### Reproducibility testing framework
+
+[](https://tests.reproducible-builds.org/)
+
+The Reproducible Builds project operates a comprehensive testing framework running primarily at [*tests.reproducible-builds.org*](https://tests.reproducible-builds.org) in order to check packages and other artifacts for reproducibility. In January, a number of changes were made by Holger Levsen, including:
+
+* [*reproduce.debian.net*](https://reproduce.debian.net)-related:
+
+ * **Add support for rebuilding the `armhf` architecture**. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/9cfe1429a)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/6a101d8b5)]
+ * **Add support for rebuilding the `arm64` architecture**. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/2da411c81)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/619b476e5)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/412559291)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/89f472e34)]
+ * **Add support for rebuilding the `riscv64` architecture**. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/6f78d2dac)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/6abdc5f61)]
+ * Move the `i386` builder to the `osuosl5` node. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/b4b78f803)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/c547e8fb7)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/97552fbae)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/c03f53db8)]
+ * Don't run our rebuilders on a public port. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/c1c34d03a)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/8a2b0507c)]
+ * Add database backups on all builders and add links. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/5e4605e9b)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/c673acf32)]
+ * Rework and dramatically improve the statistics collection and generation. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/8fc2409ce)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/bb79085d4)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/38d5f77ef)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/816dd47ae)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/4b88bc73e)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/61f2f9a7e)]
+ * Add contact info to the [main page](https://reproduce.debian.net) [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/ef2a8456c)], thumbnails [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/a7b01e978)] as well as the new, missing architectures. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/d46b1b0ba)]
+ * Move the `amd64` worker to the `osuosl4` and node. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/e2ab2a608)]
+ * Run the underlying `debrebuild` script under [`nice`](https://en.wikipedia.org/wiki/Nice_(Unix)). [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/6b10da810)]
+ * Try to use `TMPDIR` when calling `debrebuild`. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/ce8f11462)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/6e512cd04)]
+
+* [*buildinfos.debian.net*](https://buildinfos.debian.net/)-related:
+
+ * Stop creating `buildinfo-pool_${suite}_${arch}.list` files. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/43111425b)]
+ * Temporarily disable automatic updates of pool links. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/730869a41)]
+
+* [FreeBSD](https://www.freebsd.org/)-related:
+
+ * Fix the `sudoers` to actually permit builds. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/e6e206c61)]
+ * Disable debug output for FreeBSD rebuilding jobs. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/275c545ff)]
+ * Upgrade to FreeBSD 14.2 [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/0a1a6f9f4)] and document that `bmake` was installed on the underlying FreeBSD virtual machine image [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/572110855)].
+
+* Misc:
+
+ * Update the 'real' year to 2025. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/38492eca6)]
+ * Don't try to install a Debian *bookworm* kernel from 'backports' on the `infom08` node which is running Debian *trixie*. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/6cbac8da4)]
+ * Don't warn about system updates for systems running Debian *testing*. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/154a6b4cb)]
+ * Fix a typo in the `ZOMBIES` definition. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/a000d82d1)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/5cffecd97)]
+
+In addition:
+
+* Ed Maste modified the [FreeBSD](https://www.freebsd.org/) build system to the clean the object directory before commencing a build. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/f0497b83a)]
+
+* Gioele Barabucci updated the rebuilder stats to first add a category for network errors [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/c67beb170)] as well as to categorise failures without a [*diffoscope*](https://diffoscope.org) log [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/05c2495fa)].
+
+* Jessica Clarke also made some [FreeBSD](https://www.freebsd.org/)-related changes, including:
+
+ * Ensuring we clean up the object directory for second build as well. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/08542a237)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/9741a36b0)]
+ * Updating the `sudoers` for the relevant `rm -rf` command. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/0b246f80e)]
+ * Update the `cleanup_tmpdirs` method to to match other removals. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/259366b4e)]
+
+* Jochen Sprickerhof:
+
+ * Fix logic for old files saved on [*buildinfos.debian.net*](https://buildinfos.debian.net/). [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/554b65a01)]
+ * Rework and simplify the generation of statistics linked from [*reproduce.debian.net*](https://reproduce.debian.net). [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/293129600)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/9b2d37718)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/d6934d2a5)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/54cdd5ac8)]
+
+* Roland Clobus:
+
+ * Update the `reproducible_debstrap` job to call Debian's `debootstrap` with the full path [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/43cf9ff6a)] and to use `eatmydata` as well [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/8d3c7dc56)][[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/df5091791)].
+ * Make some changes to deduce the CPU load in the `debian_live_build` job. [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/253bfa5e1)]
+
+Lastly, both Holger Levsen [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/9170361b4)] and Vagrant Cascadian [[…](https://salsa.debian.org/qa/jenkins.debian.net/commit/665bd43de)] performed some node maintenance.
+
+
+<br>
+
+If you are interested in contributing to the Reproducible Builds project, please visit our [*Contribute*]({{ "/contribute/" | relative_url }}) page on our website. However, you can get in touch with us via:
+
+ * IRC: `#reproducible-builds` on `irc.oftc.net`.
+
+ * Mastodon: [@reproducible_builds at fosstodon.org](https://fosstodon.org/@reproducible_builds)
+
+ * Mailing list: [`rb-general at lists.reproducible-builds.org`](https://lists.reproducible-builds.org/listinfo/rb-general)
+
+ * Twitter: [@ReproBuilds](https://twitter.com/ReproBuilds)
+
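Review bot: In the reproduce.debian.net list, "Move the `amd64` worker to the `osuosl4` and node." has a dangling "and", so either a second node name was dropped or the word should be removed; please check it against the linked commit. Further copy-edit points in this hunk: "making the following the changes" in the strip-nondeterminism paragraph and "to the clean the object directory" in the Ed Maste item each carry a stray "the"; "to to match other removals" doubles "to", and that sub-list mixes "Ensuring"/"Updating" with "Update"; "for second build" is missing "the"; and "deduce the CPU load" in the `debian_live_build` item probably means "reduce". In the closing paragraph, "However, you can get in touch with us via" does not contrast with the sentence before it, so "Alternatively," would read better.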
=====================================
_reports/2025-02.md
=====================================
@@ -0,0 +1,16 @@
+---
+layout: report
+year: "2025"
+month: "02"
+title: "Reproducible Builds in February 2025"
+draft: true
+---
+
+* [FIXME](https://social.treehouse.systems/@marcan/113914172433692339)
+
+* FIXME: FOSDEM2025
+ * https://fosdem.org/2025/schedule/event/fosdem-2025-6479-a-tale-of-several-distros-joining-forces-for-a-common-goal-reproducible-builds/
+ * https://fosdem.org/2025/schedule/event/fosdem-2025-4430-how-reproducible-is-nixos-/
+ * https://fosdem.org/2025/schedule/event/fosdem-2025-4072-rewriting-pyc-files-for-fun-and-reproducibility//
+
+
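Review bot: The last FOSDEM URL (the `rewriting-pyc-files-for-fun-and-reproducibility` talk) ends in `//`, while the two above it end in a single slash; drop the extra slash so the link matches the others and does not depend on the server normalising the path. The first bullet's link text is literally "FIXME", which is fine while `draft: true` is set, but the three talk URLs could already be turned into titled Markdown links so they are not forgotten when the draft flag is removed.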
=====================================
contribute/nixos.md
=====================================
@@ -19,7 +19,7 @@ For real-time conversations, join the [`#reproducible-builds:nixos.org`](https:/
### Reporting Issues
-Use the [issue template](https://github.com/NixOS/nixpkgs/issues/new?assignees=&labels=0.kind%3A+enhancement%2C6.topic%3A+reproducible+builds&template=unreproducible_package.md&title=) on GitHub to report your issues and hopefully, your solution.
+Use the [issue template](https://github.com/NixOS/nixpkgs/issues/new?template=10_unreproducible_package.yml) on GitHub to report your issues and hopefully, your solution.
### Additional Projects
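Review bot: The replacement URL drops the `labels=` query parameter that the old link passed explicitly (`0.kind: enhancement` and `6.topic: reproducible builds`), along with `assignees=` and `title=`. Please confirm that `10_unreproducible_package.yml` applies the reproducible-builds label itself, otherwise reports filed through this link will arrive unlabelled; a short mention of that in the commit message would help. Unrelated to the change but on the same line, the comma in "report your issues and hopefully, your solution" is misplaced and could be fixed while the line is being touched.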
=====================================
images/reports/2025-01/2025-MSR-reproducibility.png
=====================================
Binary files /dev/null and b/images/reports/2025-01/2025-MSR-reproducibility.png differ
=====================================
images/reports/2025-01/debian.png
=====================================
Binary files /dev/null and b/images/reports/2025-01/debian.png differ
=====================================
images/reports/2025-01/diffoscope.png
=====================================
Binary files /dev/null and b/images/reports/2025-01/diffoscope.png differ
=====================================
images/reports/2025-01/icse25_rb.png
=====================================
Binary files /dev/null and b/images/reports/2025-01/icse25_rb.png differ
=====================================
images/reports/2025-01/opensuse.png
=====================================
Binary files /dev/null and b/images/reports/2025-01/opensuse.png differ
=====================================
images/reports/2025-01/reproduce.png
=====================================
Binary files /dev/null and b/images/reports/2025-01/reproduce.png differ
=====================================
images/reports/2025-01/reproducible-builds.png
=====================================
Binary files /dev/null and b/images/reports/2025-01/reproducible-builds.png differ
=====================================
images/reports/2025-01/testframework.png
=====================================
Binary files /dev/null and b/images/reports/2025-01/testframework.png differ
=====================================
images/reports/2025-01/website.png
=====================================
Binary files /dev/null and b/images/reports/2025-01/website.png differ
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/compare/ceee7b280fdf3ac8817e3b749eb80f2a9956a9dc...baa910b3a63e2e04865aa3c3ffafa9dbc8d16052