Web lists-archives.com

Re: Debian Buster will only be 54% reproducible (while we could be at >90%)

On Sat, Mar 09, 2019 at 09:15:34PM +0000, Dimitri John Ledkov wrote:
[packages uploaded before December 2016, which didnt see binNMU since
then, dont have a .buildinfo file (and were built with a dpkg which
produces unreproducible packages]
> So I guess after we release buster, we should do a mass-source-nmu
> no-change uploads to make the .deb reproducible as shipped in the
> archive.


I think I first want to have the numbers right (and then current) to see
how many packages are affected.

Also: a not so low percentages of packages is still uploaded as
non-source-only upload. I *believe* this should be fine (as nowadays the
upload contains the .buildinfo file of that developer build, so if a
package is reproducible this .buildinfo file can be taken).

> Is this thus then an effectively a maas bug-file request to
> sourcefully rebuild packages?

no, at least not yet.


       PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C

Attachment: signature.asc
Description: PGP signature