Techly NewsGet the app

Get the latest tech news

Towards Idempotent Rebuilds?


After rebuilding all added/modified packages in Trisquel, I have been circling around the elephant in the room: 99% of the binary packages in Trisquel comes from Ubuntu, which to a large extent are built from Debian source packages. Is it possible to rebuild the official binary packages identically? Does anyone make an effort to do so? Does anyone care about going through the differences between the official package and a rebuilt version? Reproducible-build.org‘s effort to track reproducibility bugs in Debian (and other systems) is amazing.

During my earlier work I created a project called debdistreproduce which performs rebuilds of the difference between two distributions in a GitLab pipeline, and display diffoscope output for further analysis. Debdistrebuild has rebuilt the top-50 popcon packages from Debian bullseye, bookworm and trixie, on amd64 and arm64, as well as Ubuntu jammy and noble on amd64, see the summary status page for links. This entry was posted in general and tagged bootstrappable, debian, gitlab, gnu, guix, pureos, reproducible, supply-chain, trisquel, ubuntu by simon.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Idempotent Rebuilds

Idempotent Rebuilds

« ‘This American Life’ Shifts Podcast Ad Sales to National Public Media
Using the 5S Principle in Coding »