On 2022-10-11, Michael Prokop wrote: > * Vagrant Cascadian [Sun Oct 09, 2022 at 05:41:19PM -0700]: > >> The date is embedded in /usr/share/man/man1/guymager.1.gz: >> >> >> https://tests.reproducible-builds.org/debian/rb-pkg/bookworm/amd64/diffoscope-results/guymager.html >> >> TH·guymager·1·"2023-11-10"·"version·0.8.13-1 >> vs. >> TH·guymager·1·"2022-10-09"·"version·0.8.13-1 >> >> The attached patch to the upstream manuals/rebuild.sh file fixes this by >> using SOURCE_DATE_EPOCH to determine the date to embed in the manpage. >> >> According to my local tests, with this patch applied guymager should >> build reproducibly on tests.reproducible-builds.org once it migrates to >> bookworm/testing! There are other outstanding issues with build-paths, >> which are only tested on unstable/experimental. > > Thanks for your patch, Vagrant. I applied it and added another > change on top of yours, so manually invoking manuals/rebuild.sh > still works, and converted it into a quilt patch. > > Would you mind taking a quick look at > https://salsa.debian.org/pkg-security-team/guymager/-/merge_requests/1 > to check, whether this makes sense for you?
Nice! Looks good to me! > (The failing reprotest in the pipeline seems to come from the > guymager binary itself, AFAICS) This is probably due to the build paths. I didn't figure out exactly what was triggering that or how to avoid it in this case; it seemed to be passing the -ffile-prefix-map build flag in at least some compiler invocations, but maybe there are some corner-cases which ignore the relevent *FLAGS variables. Long-term, it would be nice to avoid embedding build paths too, but for now fixing at least timestamps will help! You can probably configure your salsa-ci reprotest job to exclude build paths for now, as tests.reproducible-builds.org will catch that when testing unstable or experimental: https://salsa.debian.org/salsa-ci-team/pipeline#adding-extra-arguments-to-reprotest At least, until we figure that part out... :) live well, vagrant
signature.asc
Description: PGP signature
