Possible new category for non-reproducible builds: --build-id=sha1

Roland Clobus rclobus at rclobus.nl
Sat Apr 24 15:59:07 UTC 2021

Hello list,

I've looked the reproducible report for apt-cacher-ng [1].
It looks like it is caused by a linker flag: -Wl,--build-id=sha1

I did not see a category for this type of difference. There are 31
packages [2] that use the same linker flag.

How to fix this category of issue? As I understand it, this linker flag
was introduced at Red Hat [3] to have unique identifier for builds of a
package. The formula appears not to be very clear [4].

It could be solved by changing the linker, or by changing the build
configuration of each package.

With kind regards,
Roland Clobus

[2] https://codesearch.debian.net/search?q=-Wl%2C--build-id%3Dsha1

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.reproducible-builds.org/pipermail/rb-general/attachments/20210424/b8c8bda1/attachment.sig>

More information about the rb-general mailing list