Package: jenkins.debian.org Severity: important X-Debbugs-Cc: vagr...@reproducible-builds.org
Apparently, diffoscope has issues that both cause it to fail to build, but more importantly for jenkins, fails to actually execute in a sid environment... leading to all packages that successfully build to be marked as unreproducible, even if the .deb files are bit-for-bit identical. At least for the moment, diffoscope is still working fine on trixie, so a possible workaround is to run diffoscope from a trixie (or bookworm?) environment. Longer-term, it might be worth comparing the hashes of the various files directly, so that the reproducible builds jobs in jenkins do not inappropriately mark something as unreproducible just because diffoscope unexpectedly failed. I noticed this when Diziet was asking why vtwm was marked as unreproducible: https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/vtwm.html ... I went and downloaded the vtwm artifacts only to find that they were bit-for-bit reproducible. live well, vagrant
signature.asc
Description: PGP signature
