[Git][reproducible-builds/reproducible-website][master] 2024-12: small fixes

FC (Fay) Stegerman (@obfusk) gitlab at salsa.debian.org
Tue Jan 7 01:41:21 UTC 2025 


FC (Fay) Stegerman pushed to branch master at Reproducible Builds / reproducible-website


Commits:
652914da by FC (Fay) Stegerman at 2025-01-07T01:41:20+00:00
2024-12: small fixes
- - - - -


1 changed file:

- _reports/2024-12.md


Changes:

=====================================
_reports/2024-12.md
=====================================
@@ -48,7 +48,7 @@ On [our mailing list](https://lists.reproducible-builds.org/listinfo/rb-general/
 
 * Longstanding contributor [David A. Wheeler](https://dwheeler.com) wrote to our list announcing the release of the "[Census III of Free and Open Source Software: Application Libraries](https://www.linuxfoundation.org/research/census-iii)" report written by Frank Nagle, Kate Powell, Richie Zitomer and David himself. As [David writes in his message](https://lists.reproducible-builds.org/pipermail/rb-general/2024-December/003604.html), the report attempts to "answer the question 'what is the most popular Free and Open Source Software (FOSS)?'".
 
-* Lastly, `kpcyrd` followed-up to [a post from September 2024](https://lists.reproducible-builds.org/pipermail/rb-general/2024-September/003530.html) which mentioned their desire for "someone" to implement of a "feature would be a hashset of allowed module hashes that is generated during the kernel build and then embedded in the kernel image", thus enabling a deterministic and reproducible build. However, they are now reporting that "somebody implemented the hash-based allow list feature and [submitted it to the Linux kernel mailing list](https://lore.kernel.org/lkml/20241225-module-hashes-v1-0-d710ce7a3fd1@weissschuh.net/)". Like, `kpcyrd`, we hope it gets merged.
+* Lastly, `kpcyrd` followed-up to [a post from September 2024](https://lists.reproducible-builds.org/pipermail/rb-general/2024-September/003530.html) which mentioned their desire for "someone" to implement "a hashset of allowed module hashes that is generated during the kernel build and then embedded in the kernel image", thus enabling a deterministic and reproducible build. However, they are now reporting that "somebody implemented the hash-based allow list feature and [submitted it to the Linux kernel mailing list](https://lore.kernel.org/lkml/20241225-module-hashes-v1-0-d710ce7a3fd1@weissschuh.net/)". Like, `kpcyrd`, we hope it gets merged.
 
 <br>
 
@@ -71,8 +71,8 @@ A PDF of [Mehdi's entire thesis](https://research.tudelft.nl/files/221939594/meh
 [diffoscope](https://diffoscope.org) is our in-depth and content-aware diff utility that can locate and diagnose reproducibility issues. This month, Chris Lamb made the following changes, including preparing and uploading versions `283` and `284` to Debian:
 
 * Update copyright years. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/d6868b26)]
-* Update tests to support file 5.46. (Closes: reproducible-builds/diffoscope#395). [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/06f00adc)]
-* Simplify tests_quines.py::test_{differences,differences_deb} to simply use assert_diff and not mangle the test fixture. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/fef20236)]
+* Update tests to support file 5.46. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/-/issues/395)][[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/06f00adc)]
+* Simplify `tests_quines.py::test_{differences,differences_deb}` to simply use assert_diff and not mangle the test fixture. [[…](https://salsa.debian.org/reproducible-builds/diffoscope/commit/fef20236)]
 
 <br>
 
@@ -82,7 +82,7 @@ A PDF of [Mehdi's entire thesis](https://research.tudelft.nl/files/221939594/meh
 
 A significant supply-chain attack impacted [Solana](https://solana.com/), an ecosystem for decentralised applications running on a blockchain.
 
-Hackers targeted the [@solana/web3.js](https://solana-labs.github.io/solana-web3.js/) JavaScript library and embedded malicious code that extracted private keys and drained funds from cryptocurrency wallets. According to some reports, about [$160,000 worth of assets](https://solscan.io/account/FnvLGtucz4E1ppJHRTev6Qv4X7g8Pw6WPStHCcbAKbfx#portfolio) were stolen, not including including SOL tokens and other crypto assets.
+Hackers targeted the [@solana/web3.js](https://solana-labs.github.io/solana-web3.js/) JavaScript library and embedded malicious code that extracted private keys and drained funds from cryptocurrency wallets. According to some reports, about [$160,000 worth of assets](https://solscan.io/account/FnvLGtucz4E1ppJHRTev6Qv4X7g8Pw6WPStHCcbAKbfx#portfolio) were stolen, not including SOL tokens and other crypto assets.
 
 <br>
 
@@ -200,7 +200,7 @@ The Reproducible Builds project detects, dissects and attempts to fix as many cu
 reprotest version `0.7.29` was [uploaded to Debian unstable](https://tracker.debian.org/news/1597407/accepted-reprotest-0729-source-into-unstable/) by Vagrant Cascadian. It [included contributions already covered in previous months](https://salsa.debian.org/reproducible-builds/reprotest/commits/debian/0.7.29) as well as new ones from Rebecca N. Palmer in particular, such as:
 
 * as_file is not a method. [[…](https://salsa.debian.org/reproducible-builds/reprotest/commit/8e3b98a)]
-* Stop using pkg_resources. (Closes: #1083743). [[…](https://salsa.debian.org/reproducible-builds/reprotest/commit/ef549aa)]
+* Stop using pkg_resources. [[…](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1083743)][[…](https://salsa.debian.org/reproducible-builds/reprotest/commit/ef549aa)]
 * tests: use a non-constant-address object to test address capture. [[…](https://salsa.debian.org/reproducible-builds/reprotest/commit/690daaf)]
 
 <br>



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/652914da99528122512f513798060ba33b80cf13

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/652914da99528122512f513798060ba33b80cf13
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20250107/17e75157/attachment.htm>

More information about the rb-commits mailing list