Re: unexpected reproducibility of reproducible blog post?

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: unexpected reproducibility of reproducible blog post?

From:	Ludovic Courtès
Subject:	Re: unexpected reproducibility of reproducible blog post?
Date:	Tue, 05 May 2020 12:06:22 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)

Hi,

Konrad Hinsen <address@hidden> skribis:

> I looked a bit at grafts. The documentation at
>
>   https://guix.gnu.org/manual/en/html_node/Security-Updates.html
>
> isn't very explicit about the reproducibility of grafts. In particular,
> it doesn't say if a package containing patched binaries retains its
> original hash, or receives a new unique one. With a unique hash, grafts
> would just be a tweak in the build system, and no less reproducible than
> standard builds. It looks like I have to dive into the source code to
> find out!

Grafts are normal derivations, and they’re deterministic: it’s just
about replacing a set of strings by another set of strings.

On the implementation, see also
<https://guix.gnu.org/blog/2016/timely-delivery-of-security-updates/>.
I’m also preparing a post of the recent (pre-1.1.0) changes in that
area.

Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: unexpected reproducibility of reproducible blog post?, Konrad Hinsen, 2020/05/04
- Re: unexpected reproducibility of reproducible blog post?, zimoun, 2020/05/04
- Re: unexpected reproducibility of reproducible blog post?, Ludovic Courtès <=
  - Re: unexpected reproducibility of reproducible blog post?, Konrad Hinsen, 2020/05/05

Prev by Date: Re: 18/36: services: hurd: Add dummy loopback.
Next by Date: Re: Packaging ‘clang-tools-extra’ (‘clang-tidy’, etc.)
Previous by thread: Re: unexpected reproducibility of reproducible blog post?
Next by thread: Re: unexpected reproducibility of reproducible blog post?
Index(es):
- Date
- Thread