Will Ubuntu use "reproducible builds" as debian is planning to do?
Braiam Miguel Peguero Novo
braiamp at gmail.com
Wed Sep 11 16:26:28 UTC 2013
Hi all,
This is a question that was brought up at AskUbuntu[1], and I think
this is the authoritative list that can answer it.
So, what are reproducible builds? I don't have the less idea... The
Debian wiki [2] is still a work-in-progress as far I can tell, but
seems like they are trying to "predict" the binaries from the change
in the sources and verify that the build bots are not compromised. I
believe this is trying to be a layer of protection against attacks to
the build bots in the attempt to compromise with foreign code the
packages.
The question is: will Canonical support this feature in the future? is
this being discussed? if it is, what is the status?
Any other question that derive from this is welcomed.
Just as a kind reminder, but I'm not subscribed to the list, so any
response has to include me in the sender value.
[1]: http://askubuntu.com/q/344296/169736
[2]: https://wiki.debian.org/ReproducibleBuilds
--
Braiam Peguero
More information about the ubuntu-devel
mailing list