What happened in the reproducible builds effort this week: Toolchain fixes
- Scott Kitterman uploaded python3-defaults/3.4.3-7 which changes
py3versions to list versions in a consistent order. Issue reported by Santiago Vila with a tentative patch by Chris Lamb. Sadly, it appears the problem is not entirely solved.
- Martin Pitt uploaded init-system-helpers/1.24 which makes the order of unit files in maintainer scripts stable. Original patch by Reiner Herrmann.
- Niko Tyni uploaded libextutils-xsbuilder-perl/0.28-3 which makes the generated XS code reproducible.
Pod::Man. This would complement or replace the previously implemented
POD_MAN_DATEenvironment variable in a more generic way. Niko Tyni proposed a fix to prevent mtime variation in directories due to debhelper usage of
cp --parents -p. Packages fixed The following 119 packages became reproducible due to changes in their build dependencies: aac-tactics, aafigure, apgdiff, bin-prot, boxbackup, calendar, camlmix, cconv, cdist, cl-asdf, cli-common, cluster-glue, cppo, cvs, esdl, ess, faucc, fauhdlc, fbcat, flex-old, freetennis, ftgl, gap, ghc, git-cola, globus-authz-callout-error, globus-authz, globus-callout, globus-common, globus-ftp-client, globus-ftp-control, globus-gass-cache, globus-gass-copy, globus-gass-transfer, globus-gram-client, globus-gram-job-manager-callout-error, globus-gram-protocol, globus-gridmap-callout-error, globus-gsi-callback, globus-gsi-cert-utils, globus-gsi-credential, globus-gsi-openssl-error, globus-gsi-proxy-core, globus-gsi-proxy-ssl, globus-gsi-sysconfig, globus-gss-assist, globus-gssapi-error, globus-gssapi-gsi, globus-net-manager, globus-openssl-module, globus-rsl, globus-scheduler-event-generator, globus-xio-gridftp-driver, globus-xio-gsi-driver, globus-xio, gnome-control-center, grml2usb, grub, guilt, hgview, htmlcxx, hwloc, imms, kde-l10n, keystone, kimwitu++, kimwitu-doc, kmod, krb5, laby, ledger, libcrypto++, libopendbx, libsyncml, libwps, lprng-doc, madwimax, maria, mediawiki-math, menhir, misery, monotone-viz, morse, mpfr4, obus, ocaml-csv, ocaml-reins, ocamldsort, ocp-indent, openscenegraph, opensp, optcomp, opus, otags, pa-bench, pa-ounit, pa-test, parmap, pcaputils, perl-cross-debian, prooftree, pyfits, pywavelets, pywbem, rpy, signify, siscone, swtchart, tipa, typerep, tyxml, unison2.32.52, unison2.40.102, unison, uuidm, variantslib, zipios++, zlibc, zope-maildrophost. The following packages became reproducible after getting fixed:
- autoconf2.13/2.13-67 uploaded by Ben Pfaff, original patch by Santiago Vila.
- ding/1.8-3 by Roland Rosenfeld.
- dropbear/2015.68-1 by Guilhem Moulin. First set of patches (#777324, #793006) by Chris Lamb and akira.
- nvram-wakeup/1.1-3 by Tobias Grimm.
- original-awk/2012-12-20-5 by Santiago Vila.
- resiprocate/1:1.10.0-1 uploaded by Daniel Pocock, patch by Reiner Herrmann merged upstream.
- sbuild/0.66.0-5 by Johannes Schauer, reported by Jakub Wilk.
- scribus/1.4.5+dfsg1-4 by Mattia Rizzolo.
- sgmltools-lite/18.104.22.168.cvs.20010909-19 by Santiago Vila.
- unicode-data/8.0-2 uploaded by Alastair McKinstry, original patch by Esa Peuha.
- xmoto/0.5.11+dfsg-3 by Stephen Kitt.
- mp4h/1.3.1-11 by Axel Beckert (shared memory issue on
- nvidia-graphics-drivers-legacy-304xx/304.128-5 by Andreas Beckmann (non-free).
- #801520 on libapache2-mod-perl2 by Niko Tyni: sort the list of files used to build the documentation.
- #801523 on perl by Niko Tyni: sort the list of input files in
PPPort_xs.PL. Forwarded upstream.
- #801864 on ncurses by Esa Peuha: use C locale when sorting the list of keys.
- #802042 on libchado-perl by Niko Tyni: sort keys in installed configuration file.
amd64packages has been lowered from 14 to 7 days, thanks to the increase of hardware resources sponsored by ProfitBricks last week. (h01ger) diffoscope development diffoscope version 37 has been released on October 15th. It adds support for two new file formats (CBFS images and Debian
.dscfiles). After proposing the required changes to TLSH, fuzzy hashes are now computed incrementally. This will avoid reading entire files in memory which caused problems for large packages. New tests have been added for the command-line interface. More character encoding issues have been fixed. Malformed
md5sumswill now be compared as binary files instead of making diffoscope crash amongst several other minor fixes. Version 38 was released two days later to fix the versioned dependency on python3-tlsh. strip-nondeterminism development strip-nondeterminism version 0.013-1 has been uploaded to the archive. It fixes an issue with nonconformant PNG files with trailing garbage reported by Roland Rosenfeld. disorderfs development disorderfs version 0.4.1-1 is a stop-gap release that will disable lock propagation, unless
--share-locks=yesis specified, as it still is affected by unidentified issues. Documentation update Lunar has been busy creating a proper website for
reproducible-builds.orgthat would be a common location for news, documentation, and tools for all free software projects working on reproducible builds. It's not yet ready to be published, but it's surely getting there. Package reviews 103 reviews have been removed, 394 added and 29 updated this week. 72 FTBFS issues were reported by Chris West and Niko Tyni. New issues: random_order_in_static_libraries, random_order_in_md5sums.