Journal article in reproducible builds
Ludovic Courtès
ludo at gnu.org
Fri Dec 2 13:53:30 UTC 2022
Hi,
Simon Butler via rb-general <rb-general at lists.reproducible-builds.org>
skribis:
> I'm pleased to announce that Software Quality Journal have published a
> article on reproducible builds. The article is open access and is at
> https://link.springer.com/article/10.1007/s11219-022-09607-z
Thanks for the well-documented and insightful read!
In the “Findings” section, you write:
We identified three areas in which R-Bs are or may be of value as
day-to-day software engineering practices within the six businesses.
The first is the verification of software binaries distributed by OSS
projects. Much of the OSS used in systems we develop is built from
source, in some cases we are building on the software before
contributing revisions upstream, or there is a need to audit the
source code for reasons including licensing and security.
Would you be able to estimate, within those companies, the extent to
which engineers resort to building from source as opposed to fetching
pre-built binaries from Debian, PyPI, Conda, DockerHub, etc.?
Thanks,
Ludo’.
More information about the rb-general
mailing list