Possible new category for non-reproducible builds: --build-id=sha1

Roland Clobus rclobus at rclobus.nl
Sat Apr 24 15:59:07 UTC 2021


Hello list,

I've looked the reproducible report for apt-cacher-ng [1].
It looks like it is caused by a linker flag: -Wl,--build-id=sha1

I did not see a category for this type of difference. There are 31
packages [2] that use the same linker flag.

How to fix this category of issue? As I understand it, this linker flag
was introduced at Red Hat [3] to have unique identifier for builds of a
package. The formula appears not to be very clear [4].

It could be solved by changing the linker, or by changing the build
configuration of each package.

With kind regards,
Roland Clobus

[1]
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/i386/diffoscope-results/apt-cacher-ng.html
[2] https://codesearch.debian.net/search?q=-Wl%2C--build-id%3Dsha1
[3]
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/developer_guide/compiling-build-id
[4]
https://stackoverflow.com/questions/41743295/elf-build-id-is-there-a-utility-to-recompute-it

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.reproducible-builds.org/pipermail/rb-general/attachments/20210424/b8c8bda1/attachment.sig>


More information about the rb-general mailing list