"Reproducible build" definition in OpenSSF glossary
Ismael Luceno
ismael at iodev.co.uk
Wed Jul 2 14:38:12 UTC 2025
On 02/Jul/2025 09:34, Simon Josefsson via rb-general wrote:
<...>
> The Debian LiveCD doesn't fulfil your requirements. It is built from
> pre-built binaries, some of them cannot be rebuilt reproducible, and
> some of them we don't have source code for. This is not a bug that
> Debian community desire to see fixed, it is is encoded in the social
> contract (which of course could be modified again, but that's another
> discussion..).
>
> I think the Debian LiveCD build process is reproducible enough to be
> allowed to use some reproducibility term. We've seen a lot of
> fragmentation in the FOSS community over the years on fairly minor
> philosophical grounds, while strongly proprietary systems like iPhone or
> Windows wins ground. I'm hoping we can defragment the reproducible
> build situation by inventing terminology that covers different
> situations.
Or we could do productive things like moving blobs somewhere else.
What are the technical limitations preventing blobs to live in a
secondary image?
More information about the rb-general
mailing list