Hi, Quoting Johannes Schauer Marin Rodrigues (2021-12-28 09:38:51) > since this bug has not seen maintainer action for several months now and > because fontconfig is one of the last remaining bits that make a > Priority:Standard chroot unreproducible, I'd like to propose to NMU > fontconfig with the attached patch. > > Essentially, I took the patch by Chris Lamb and modified it so that > uuid_generate_sha1() will be used if SOURCE_DATE_EPOCH is set. The original > behaviour is retained without SOURCE_DATE_EPOCH being set. This should be the > solution with zero impact on normal installations while making those > installations that care (like reproducible chroot or image creation) > reproducible. > > If I don't get a NACK from you on this, I plan to upload to DELAYED/10 in two > weeks.
I just uploaded fontcontig to DELAYED/10 with the attached debdiff. Thanks! cheers, josch
diff -Nru fontconfig-2.13.1/debian/changelog fontconfig-2.13.1/debian/changelog --- fontconfig-2.13.1/debian/changelog 2020-05-15 12:55:02.000000000 +0200 +++ fontconfig-2.13.1/debian/changelog 2022-01-12 07:49:42.000000000 +0100 @@ -1,3 +1,10 @@ +fontconfig (2.13.1-4.3) unstable; urgency=medium + + * Non-maintainer upload. + * Make cache files reproducible if SOURCE_DATE_EPOCH is set (closes: #864082) + + -- Johannes Schauer Marin Rodrigues <jo...@debian.org> Wed, 12 Jan 2022 07:49:42 +0100 + fontconfig (2.13.1-4.2) unstable; urgency=medium * Non-maintainer upload. diff -Nru fontconfig-2.13.1/debian/patches/0001-Make-the-cache-filenames-determinstic.patch fontconfig-2.13.1/debian/patches/0001-Make-the-cache-filenames-determinstic.patch --- fontconfig-2.13.1/debian/patches/0001-Make-the-cache-filenames-determinstic.patch 1970-01-01 01:00:00.000000000 +0100 +++ fontconfig-2.13.1/debian/patches/0001-Make-the-cache-filenames-determinstic.patch 2022-01-12 07:49:31.000000000 +0100 @@ -0,0 +1,49 @@ +From 70565e0f73d116a2a9523146228efcca1e76b016 Mon Sep 17 00:00:00 2001 +From: Chris Lamb <ch...@chris-lamb.co.uk> +Date: Mon, 29 Oct 2018 15:48:51 -0400 +Subject: [PATCH] Make the cache filenames determinstic + +Whilst working on the Reproducible Builds[0] effort, we noticed that +fontconfig generates cache files with unreproducible/non-deterministic +filenames. + +This is a supplement to the changes added in f098adac54ab where we +ensured that the checksums themselves were determistic but the files +that were stored in the cache directory are currently being given +"random" names via uuid(3)'s uuid_generate_random function, thus +any images that generate such files have different contents on every +build. + +This patch changes the behaviour of the cache directory filename +calculation to be based on the "source" directory name, rather than +being entirely random. + +An alternative solution could be to continue to use the previous +uuid_generate_random function but use this alternative codepath if the +SOURCE_DATE_EPOCH[1] environment variable was determined to be +present via getenv(3). + +This work was sponsored by Tails[2] and tracked in Debian in #864082[3]. + + [0] https://reproducible-builds.org/ + [1] https://reproducible-builds.org/specs/source-date-epoch/ + [2] https://tails.boum.org/ + [3] https://bugs.debian.org/864082 +--- + src/fccache.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/src/fccache.c ++++ b/src/fccache.c +@@ -101,7 +101,10 @@ FcDirCacheCreateUUID (FcChar8 *dir, + ret = FcFalse; + goto bail3; + } +- uuid_generate_random (uuid); ++ if (getenv("SOURCE_DATE_EPOCH")) ++ uuid_generate_sha1 (uuid, target, target, strlen(target)); ++ else ++ uuid_generate_random (uuid); + if (force) + hash_add = FcHashTableReplace; + else diff -Nru fontconfig-2.13.1/debian/patches/series fontconfig-2.13.1/debian/patches/series --- fontconfig-2.13.1/debian/patches/series 2020-05-13 12:18:40.000000000 +0200 +++ fontconfig-2.13.1/debian/patches/series 2022-01-12 07:49:31.000000000 +0100 @@ -6,3 +6,4 @@ 0001-fix-memory-leaks.patch 0002-more-memory-leaks.patch 0003-Set-name_mapping-to-NULL-after-freeing.patch +0001-Make-the-cache-filenames-determinstic.patch diff -Nru fontconfig-2.13.1/debian/po/pt.po fontconfig-2.13.1/debian/po/pt.po --- fontconfig-2.13.1/debian/po/pt.po 2020-05-13 15:16:46.000000000 +0200 +++ fontconfig-2.13.1/debian/po/pt.po 2022-01-12 07:49:42.000000000 +0100 @@ -87,21 +87,18 @@ #. Type: select #. Description #: ../fontconfig-config.templates:3002 -#| msgid "Font tuning method for screen (system default):" msgid "Automatic font hinting style:" msgstr "Estilo de desenho do tipo de letra automático:" #. Type: select #. Description #: ../fontconfig-config.templates:3002 -#| msgid "" -#| "Please select the preferred method for tuning fonts for screen rendering." msgid "" "Please select the preferred automatic font hinting style to be used as the " "system default." msgstr "" -"Por favor seleccione o estilo de desenho do tipo de letra automático a " -"ser usado como predefinição do sistema." +"Por favor seleccione o estilo de desenho do tipo de letra automático a ser " +"usado como predefinição do sistema." #. Type: select #. Description @@ -114,8 +111,8 @@ "shape. \"Slight\" is the default setting." msgstr "" "O estilo de desenho do tipo de letra é a parte de redesenhamento efectuado " -"de modo a encaixar na grelha. \"Ligeiro\" tornará o tipo de letra mais" -" desfocado de modo a encaixar na grelha mas manterá mais fielmente o formato " +"de modo a encaixar na grelha. \"Ligeiro\" tornará o tipo de letra mais " +"desfocado de modo a encaixar na grelha mas manterá mais fielmente o formato " "do tipo de letra. O \"Total\" será um tipo de letra mais contundente que se " "adapta melhor à grelha do pixel mas perderá uma grande parte do formato do " "tipo de letra. \"Ligeiro\" é a configuração predefinida." diff -Nru fontconfig-2.13.1/debian/rules fontconfig-2.13.1/debian/rules --- fontconfig-2.13.1/debian/rules 2020-05-13 12:15:26.000000000 +0200 +++ fontconfig-2.13.1/debian/rules 2022-01-12 07:49:42.000000000 +0100 @@ -31,3 +31,8 @@ # Do not ship 10-hinting-slight.conf symlink by default, let debconf handle # that so the administrator can configure it. Still default to slight hinting. rm debian/fontconfig-config/etc/fonts/conf.d/10-hinting-slight.conf + +# one of the tests makes sure that the uuid changes, so we have to run tests +# without SOURCE_DATE_EPOCH set +override_dh_auto_test: + env --unset=SOURCE_DATE_EPOCH dh_auto_test
signature.asc
Description: signature
