Source: yaramod Version: 3.21.0-1.1 Severity: wishlist Tags: patch User: reproducible-bui...@lists.alioth.debian.org Usertags: filesystem X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org
Hi, Whilst working on the Reproducible Builds effort [0], we noticed that yaramod could not be built reproducibly. This is because it dynamically generated a list of modules by iterating over the filesystem without sorting that first, thereby inheriting the nondetermistic ordering of the underlying filesystem. Patch attached that adds a simple sorted(...) to the os.listdir call. [0] https://reproducible-builds.org/ Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-
--- a/debian/patches/0004-Reproducible-build.patch 1970-01-01 01:00:00.000000000 +0100 --- b/debian/patches/0004-Reproducible-build.patch 2025-03-10 10:43:53.802043891 +0000 @@ -0,0 +1,15 @@ +Description: Make the build reproducible +Author: Chris Lamb <la...@debian.org> +Last-Update: 2025-03-10 + +--- yaramod-3.21.0.orig/scripts/json_to_array.py ++++ yaramod-3.21.0/scripts/json_to_array.py +@@ -56,7 +56,7 @@ def main(argv): + ''') + module_names = [] + +- for file in os.listdir(input_directory): ++ for file in sorted(os.listdir(input_directory)): + filename, extension = os.path.splitext(file) + if extension != ".json": + continue --- a/debian/patches/series 2025-03-10 10:28:27.468230893 +0000 --- b/debian/patches/series 2025-03-10 10:43:52.834040543 +0000 @@ -1,3 +1,4 @@ 0001-Build-Python-module-together.patch 0002-Build-shared-library.patch 0003-Use-system-packages.patch +0004-Reproducible-build.patch
