Wednesday, 11 September 2013

Will Ubuntu use "reproducible builds" as debian is planning to do?

Hi all,

This is a question that was brought up at AskUbuntu[1], and I think
this is the authoritative list that can answer it.

So, what are reproducible builds? I don't have the less idea... The
Debian wiki [2] is still a work-in-progress as far I can tell, but
seems like they are trying to "predict" the binaries from the change
in the sources and verify that the build bots are not compromised. I
believe this is trying to be a layer of protection against attacks to
the build bots in the attempt to compromise with foreign code the
packages.

The question is: will Canonical support this feature in the future? is
this being discussed? if it is, what is the status?

Any other question that derive from this is welcomed.

Just as a kind reminder, but I'm not subscribed to the list, so any
response has to include me in the sender value.

[1]: http://askubuntu.com/q/344296/169736
[2]: https://wiki.debian.org/ReproducibleBuilds

--
Braiam Peguero

--
ubuntu-devel mailing list
[email protected]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel