[Git][reproducible-builds/reproducible-presentations][nevermind-the-checkboxes] 9 commits: nevermind the checkboxes: tweak a lot of slides.

Vagrant Cascadian (@vagrant) gitlab at salsa.debian.org
Thu Jul 24 22:04:40 UTC 2025



Vagrant Cascadian pushed to branch nevermind-the-checkboxes at Reproducible Builds / reproducible-presentations


Commits:
45a73987 by Vagrant Cascadian at 2025-07-24T14:26:40-07:00
nevermind the checkboxes: tweak a lot of slides.

- - - - -
ef869b98 by Vagrant Cascadian at 2025-07-24T14:27:29-07:00
nevermind the checkboxes: add a goal in the comment

- - - - -
f5d52f60 by Vagrant Cascadian at 2025-07-24T14:29:24-07:00
nevermind the checkboxes: obsessively whitespaced.

- - - - -
3fa850ae by Vagrant Cascadian at 2025-07-24T14:37:01-07:00
nevermind the checkboxes: bullet points gradually revealed.

- - - - -
c857d6fc by Vagrant Cascadian at 2025-07-24T14:38:15-07:00
nevermind the checkboxes: They might be punks?

- - - - -
89eb1301 by Vagrant Cascadian at 2025-07-24T14:38:52-07:00
nevermind the checkboxes: More overlaying.

- - - - -
4c6fd90c by Vagrant Cascadian at 2025-07-24T14:55:39-07:00
nevermind the checkboxes: Move reproducible builds definition later,
expand on it and the relationship to free software.

- - - - -
7842c723 by Vagrant Cascadian at 2025-07-24T14:57:22-07:00
nevermind the checkboxes: fix image link

- - - - -
ff5bcaf2 by Vagrant Cascadian at 2025-07-24T14:57:41-07:00
nevermind the checkboxes: started text for reg'lr BOM.

- - - - -


1 changed file:

- 2025-08-02-fossy-nevermind-the-checkboxes/Nevermind-the-Checkboxes-heres-Reproducible-Builds.org


Changes:

=====================================
2025-08-02-fossy-nevermind-the-checkboxes/Nevermind-the-Checkboxes-heres-Reproducible-Builds.org
=====================================
@@ -41,6 +41,16 @@ security benefits, and remove the need to trust arbitrary software
 vendors.
 #+END_comment
 
+#+BEGIN_comment
+The goal of this talk is...
+
+To describe how elements of the punk movement (autonomy and
+independence, DIY ethic, mutual aid and community) can be applied to
+various compliance regimes (CRA, ISO9000, Whitehouse Executive order
+???) are in many ways thoroughly and practically addressed by the use
+Reproducible Builds and FOSS.
+#+END_comment
+
 * Cover Art
 
 ** image
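Review bot: The sentence in the new comment block does not parse: "can be applied to various compliance regimes (...) are in many ways thoroughly and practically addressed by the use Reproducible Builds and FOSS" carries two predicates and is missing "of" after "the use". Splitting it into two sentences, one for what the punk elements apply to and one for how the compliance regimes are addressed by Reproducible Builds and FOSS, would make the stated goal usable as a guide for the remaining slides. The "Whitehouse Executive order ???" placeholder should be resolved to the specific order, since the later "Executively Ordered" slide depends on it.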
@@ -73,48 +83,44 @@ FIXME
 	:BEAMER_col: 0.3
 	:END:
 
-FIXME We do reproducible builds.
+FIXME We do reproducible builds. Maybe punks, Maybe not.
 
 
-* Reproducible Builds
-** text
-    :PROPERTIES:
-    :BEAMER_col: 0.7
-    :END:
-
-https://reproducible-builds.org/docs/definition/
+* What the punk
 
-\vspace{\baselineskip}
+Autonomy
 
-A build is reproducible if given the same source code, build
-environment and build instructions, any party can recreate bit-by-bit
-identical copies of all specified artifacts.
 
-** image
-    :PROPERTIES:
-    :BEAMER_col: 0.3
-    :END:
+* What the punk
 
-[[./images/reproducible-builds.png]]
+Independence
 
 
 * What the punk
 
-Autonomy
-Independence
-DIY
 Mutual Aid
+
+
+* What the punk
+
 Community
 
 
+* What the punk
+
+DIY
+
+
 * Physical Supply chains
 
+Objects moving through space, from location to location
+
 ** img
     :PROPERTIES:
     :BEAMER_col: 0.7
     :END:
 
-[[./images/Supply_and_demand_network_(en).svg]]
+[[./images/Supply_and_demand_network.png]] FIXME
 
 
 * Chained to your Supply
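Review bot: In the "Physical Supply chains" slide, the trailing FIXME on the line "[[./images/Supply_and_demand_network.png]] FIXME" is ordinary body text, so it will be exported onto the slide beside the image. Move it to an Org comment line or into a #+BEGIN_comment block so the reminder survives without rendering. Separately, the five consecutive "* What the punk" slides each carry a single word; the other slides in this change use "#+ATTR_BEAMER: :overlay <+->" for gradual reveal, and one slide with an overlay list would be consistent with them and easier to reorder.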
@@ -125,9 +131,41 @@ A software supply chain is the components, libraries, tools, and
 processes used to develop, build, and publish a software artifact.
 
 
-* SBOM
+* Virtually Supplied Chains?
+
+Electrons moving across wires
+
+#+ATTR_BEAMER: :overlay <+->
+- ...
+- near instantaneous delivery
+- trivially duplicated
+
+
+* Straining the Supply Chain Anology
+
+** text
+	:PROPERTIES:
+	:BEAMER_col: 0.4
+	:END:
+
+Software is nearly infinitely and instantaneously duplicated and transmitted
+
+** text
+	:PROPERTIES:
+	:BEAMER_col: 0.4
+	:END:
+
+Hardware gets moved around slowly, requires many steps to duplicate
+
+
+* Billy O Material
+
+A Bill of Materials (BOM) declares... FIXME
+
+
+* Software Bill Of imMaterials
 
-A software bill of materials (SBOM) declares the inventory of
+A Software Bill of Materials (SBOM) declares the inventory of
 components used to build a software artifact, including any open
 source and proprietary software components. It is the software
 analogue to the traditional manufacturing BOM, which is used as part
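Review bot: The new heading "* Straining the Supply Chain Anology" misspells "Analogy". The "Billy O Material" slide still ends in "declares... FIXME", which leaves the following SBOM slide comparing itself to "the traditional manufacturing BOM" before that term has been defined; completing that sentence should come before further slide polish. The "- ..." first bullet under "Virtually Supplied Chains?" will also render literally unless it is intended as a blank first overlay step, in which case a short comment saying so would help.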
@@ -139,18 +177,86 @@ of supply chain management.
 https://en.wikipedia.org/wiki/Cyber_Resilience_Act
 https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=OJ:L_202402847
 
+#+ATTR_BEAMER: :overlay <+->
+- ...
+- Voluntary self assessment
+
+
+* ISO9000 and OpenChain
+
+ISO9000
+
+openchain.com
+
+So. Many. Checkboxes.
+
+
+* Executively Ordered
+
+whitehouse executive order firmly establishing concepts like SBOM
+
 
 * The Materiality of Software
 
 SBOM
 
+#+ATTR_BEAMER: :overlay <+->
+- ...
 - list of software dependencies
 - may be obfuscated!!!
 
+* Reproducible Builds Defined
+** text
+    :PROPERTIES:
+    :BEAMER_col: 0.7
+    :END:
+
+https://reproducible-builds.org/docs/definition/
+
+\vspace{\baselineskip}
+
+A build is reproducible if given the same source code, build
+environment and build instructions, any party can recreate bit-by-bit
+identical copies of all specified artifacts.
+
+** image
+    :PROPERTIES:
+    :BEAMER_col: 0.3
+    :END:
+
+[[./images/reproducible-builds.png]]
+
+
+* What is needed for Reproducible Builds
+
+A build is reproducible if given the same source code, build
+environment and build instructions, any party can recreate bit-by-bit
+identical copies of all specified artifacts.
+
+#+ATTR_BEAMER: :overlay <+->
+- ...
+- Source Code
+- Software used during build (build environment)
+- Instructions on how to perform the build
+- Any party (e.g. any third party)
+
+
+* Have I heard this before
+
+Requirements for Reproducible Builds and Free and Open Source Software
+overlap!
+
 
 * Reproducible Builds
 
-Allows Independent verification of SBOM
+Reproducible builds of Free and Open Source Software
+
+#+ATTR_BEAMER: :overlay <+->
+- ...
+- Autonomy and Independence
+- Mutual Aid
+- DIY
+- Community
 
 
 * Thanks
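Review bot: The final "Reproducible Builds" slide drops "Allows Independent verification of SBOM", which was the only line stating what reproducible builds add to an SBOM, and the replacement bullets (Autonomy and Independence, Mutual Aid, DIY, Community) no longer say it. Since "The Materiality of Software" warns that the SBOM "may be obfuscated!!!", keeping a verification bullet on this slide would complete that argument instead of leaving the warning unanswered. Also, "What is needed for Reproducible Builds" repeats the definition paragraph verbatim from the slide directly before it, and "openchain.com" is a bare hostname where the CRA slide gives full https links.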
@@ -176,3 +282,7 @@ https://reproducible-builds.org/who/sponsors
 
   To view a copy of this license, visit
   https://creativecommons.org/licenses/by-sa/4.0/
+
+  FIXME covert art derived from wikipedia nevermind the bollocks here's the sex pistols
+
+  FIXME from wikipedia Supply_and_demand_network_(en).???
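Review bot: "covert art" in the first added FIXME should read "cover art". Both attribution reminders sit under the CC BY-SA notice but give neither a source URL nor the licence of the works the images are derived from, and the second still ends in "(en).???" while the slide now links "Supply_and_demand_network.png". Record the exact source file and its licence here before publishing, so the licence statement above covers the derived images correctly.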



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-presentations/-/compare/b81b94c5fc14a76c2e0c8411942947cbe7a2523e...ff5bcaf263bfec036bf36d31f919d2866d9d1663



More information about the rb-commits mailing list