Package: zip
Version: 3.0-15
Severity: wishlist
X-Debbugs-Cc: feder...@kircheis.it
Dear Maintainer,
It does not seem to be possible to create a reproducible zip archive
with the zip utility.
Even when using --no-extra / -X the ordering of the files is not
ensured, and the timestamp of the files is not fixed.
I tried, for example, to use
find <dir> -name '*' -print0 | sort -z | xargs -0 zip -X test.zip
to ensure consistent ordering between files, but found no way to ensure
that the timestamps in the zip archive are fixed.
The environment variable SOURCE_DATE_EPOCH seem to get ignored.
I would have expected that --no-extra / -X would cover it, would it be
possible to extend it?
Would it also be possible to respect SOURCE_DATE_EPOCH?
-- System Information:
Debian Release: 13.0
APT prefers testing
APT policy: (400, 'testing'), (50, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.12.27-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages zip depends on:
ii libbz2-1.0 1.0.8-6
ii libc6 2.41-8
Versions of packages zip recommends:
ii unzip 6.0-29
zip suggests no packages.
-- no debconf information
