[rb-general] Reproducible builds required for CII Best Practices gold badge

[David A. Wheeler]

I think most of you know that the Linux Foundation runs the Core Infrastructure Initiative (CII).  The CII has done a number of things, including creating a "best practices badge" where FLOSS projects that do certain good practices can earn a badge.  If your project doesn't have a badge, I urge you to get one, but that's not why I'm posting.

The "CII Best Practices" badge has 3 badge levels: passing, silver, and gold. I thought you might like to know that the "gold" level requires reproducible builds.  You can see the details here:
https://github.com/coreinfrastructure/best-practices-badge/blob/master/doc/other.md#build_reproducible

This is yet another argument that people think that reproducible builds are a good thing! You might want to use that as an additional argument for creating reproducible builds.

Here are some more details, in case you find them useful:

* The "silver" level requires a "repeatable" build, which is a weaker requirement than a reproducible build and is intended to be a stepping stone towards a fully reproducible build: https://github.com/coreinfrastructure/best-practices-badge/blob/master/doc/other.md#build_repeatable
* People can get a badge by starting at the badge website: https://bestpractices.coreinfrastructure.org
* You can see lots of best practices details on its project page: https://github.com/coreinfrastructure/best-practices-badge/

Thanks for all your hard work!  I look forward to seeing more binaries that are reproducible.

--- David A. Wheeler