[rb-general] Change front page definition

David A. Wheeler dwheeler at dwheeler.com
Thu Apr 18 23:03:18 CEST 2019

> On Thu, Apr 04, 2019 at 11:25:25AM -0400, David A. Wheeler wrote:
> > The front page has this definition:
> > > Reproducible builds are a set of software development practices that create an independently-verifiable path from source to binary code.
> > The word "path" here is confusing.  A "path" can be interpreted as being a "process", so it sounds like the only requirement is that you can rerun the *process*.  But that's not enough to be reproducible - you have to have identical *results*!  That is not at all clear from this definition.

On Thu, 18 Apr 2019 19:44:04 +0000, Holger Levsen <holger at layer-acht.org> wrote:
> it's a front page, the details are somewhere else. As you are well
> aware, reproducible-builds are full of details.


True, but I think it can be improved.

> > That front page links to a different definition:
> > > A build is reproducible if given the same source code, build environment and build instructions, any party can recreate bit-by-bit identical copies of all specified artifacts.
> > I like this definition much more; it is much less ambiguous.  You could add "(e.g., executables)." after "artifacts" if you think that artifacts is too abstract.
> > 
> > Can we simply copy this definition to the front page & use this definition instead on https://reproducible-builds.org/ ?
> maybe. though I do like 'a set of software development practices' on the
> frontpage, as it implies that there are (or can be) several practices
> which lead to r-b results.

Okay.  I think part of the problem is that "reproducible builds" is one thing,
the *reason* they exist is another,
and the "reproducible builds project" is yet something else.  How about this?:

A build is reproducible if given the same source code, build environment, and build instructions, any party can independently verify all specified artifacts it produces (e.g., executables) by recreating bit-by-bit identical copies.  Reproducible builds help counter both unintentional errors and malicious builds.  The reproducible builds project is developing a set of recommended software development practices and tools to enable all builds to be reproducible.

--- David A. Wheeler

More information about the rb-general mailing list