From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0.migadu.com ([2001:41d0:303:e224::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms1.migadu.com with LMTPS id SNHkAeLCDWahygAAqHPOHw:P1 (envelope-from ) for ; Wed, 03 Apr 2024 22:58:10 +0200 Received: from aspmx1.migadu.com ([2001:41d0:303:e224::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0.migadu.com with LMTPS id SNHkAeLCDWahygAAqHPOHw (envelope-from ) for ; Wed, 03 Apr 2024 22:58:10 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gnu.org header.s=fencepost-gnu-org header.b=m2ERkBYQ; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1712177889; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=fJJ1MSwOXc/nlXX72ErvAQ07W3rIihJ2KP5rXpG62ak=; b=txb7lIf7mstFbbDPuOPGs+kirp87BWtJ8JJBh/q6qidF+Ft1YoR+/ucmVPaBWQWLknYlCM 79wV+bD4JXF3XWWtXwkF0kFDeqCFOgGd2a2TtlbuyuLIN4yhteVV3d7RhbFAAAbi5tyK7L yEXrJGJRLoaEDjB6hHNvfj6NL+72PyhxFp0scTQ6OtnVB55NIFlOOL+wQui8KD4ORwT3/u XI71xN6ge2qOlxC0MZ7UjpuyguXCUA8kflJ8DF/48QllbcdjmLeTxtFYwCPGNujf3o45mi iorPe056maZ8ddwgUX/rzwByyqUODFlwLuFhVzBlsyZvfeJHB09doMEriHfGgQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1712177889; a=rsa-sha256; cv=none; b=BF5EEEMm6sRc9U8bp2l011CVNUYTaMZiBdBf3x2PNCrEUiMV3EF8hfwXQDX3641Z/htif/ jd6xYiyhkY9NbQvxdC3hCKiTJzP27Rn/eq1UnPXYhKejIX9SP+f9DnOb1ESk2EZP5+H2lu s8B5eIB9pS/gfKitvP0xy3ufhs7zxPhCmaZt3U8Y5fOnBLBwsvqsvzVwIADygGPF2o0swt 9mFQFJAfKEf8WSm1hOkeBFmGUY1ehuMm2WhIGx7evCSbpCJBmv+CWfYC2Nt3ABYhwRE62B 46jXlmQE0LS6sYUJzgOO3NC7iL3DkihIlcl0g6HYrYDlg8wcT+axavKyGetebA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gnu.org header.s=fencepost-gnu-org header.b=m2ERkBYQ; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id AEB2422C37 for ; Wed, 3 Apr 2024 22:58:09 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rs7gF-0007Wm-43; Wed, 03 Apr 2024 16:57:59 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rs7gD-0007WT-Hc for guix-patches@gnu.org; Wed, 03 Apr 2024 16:57:57 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rs7gD-0005QP-92 for guix-patches@gnu.org; Wed, 03 Apr 2024 16:57:57 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1rs7gH-0005Gc-Ip for guix-patches@gnu.org; Wed, 03 Apr 2024 16:58:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#70169] [PATCH 0/7] Reproducible `make dist' tarball in defiance of Autotools and Gettext Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 03 Apr 2024 20:58:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 70169 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Janneke Nieuwenhuizen Cc: 70169@debbugs.gnu.org Received: via spool by 70169-submit@debbugs.gnu.org id=B70169.171217788020239 (code B ref 70169); Wed, 03 Apr 2024 20:58:01 +0000 Received: (at 70169) by debbugs.gnu.org; 3 Apr 2024 20:58:00 +0000 Received: from localhost ([127.0.0.1]:59800 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rs7gD-0005G1-Ro for submit@debbugs.gnu.org; Wed, 03 Apr 2024 16:58:00 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:39690) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rs7g8-0005Ej-RM for 70169@debbugs.gnu.org; Wed, 03 Apr 2024 16:57:56 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rs7fw-0005Kf-9S; Wed, 03 Apr 2024 16:57:41 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:Date:References:In-Reply-To:Subject:To: From; bh=fJJ1MSwOXc/nlXX72ErvAQ07W3rIihJ2KP5rXpG62ak=; b=m2ERkBYQuMxNfQyfe6uM fOwueb0HVEr1ASqF+7OLQfgUFibAQIZrlRjmuAfgCPe/C4lVTLX4ngPI2t6Z6pqg/ToGtI1kKQChk mhUi8IHwSZQ1rowQTu9xAw98/iLM/UEf3tsRwGlqGpxreVelffHkDPP26iAZdFLTj/tu3yqhsAhz7 Wn7Eo0Zz5ryxFf2rlI/6kIvfXTcFD0zATOCyTs7O0tHM3Wxw4Q52MjyktUZH8YIGgP9M31jySxWQn NGo424kBAc+vdeWReubM8iESxiVwboVvFGHOL3N32FLR8kDJZFt6artZoj4gteGGEOI1dfvrsCogz ycGpF6AG1VX9JA==; From: Ludovic =?UTF-8?Q?Court=C3=A8s?= In-Reply-To: (Janneke Nieuwenhuizen's message of "Wed, 3 Apr 2024 21:08:40 +0200") References: Date: Wed, 03 Apr 2024 22:57:36 +0200 Message-ID: <87wmpew4e7.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Migadu-Spam-Score: -7.06 X-Spam-Score: -7.06 X-Migadu-Queue-Id: AEB2422C37 X-Migadu-Scanner: mx12.migadu.com X-TUID: T4XB7QXwjJ2f Hi! Janneke Nieuwenhuizen skribis: > The recent XZ-utils > debacle inspired me to resurrect and finish my patch set for creating a > reproducible source tarball for Guix, i.e., finally have `make dist' be > reproducible (when run from Git). I've been using a version of these pat= ches > in simpler projects for some years now and stole one from Timothy Samplet= 's > Gash project. Yay, kudos to you and Timothy! > Autotools and Gettext still make it harder than necessary to do reproduci= ble > (responsible?) computing, which is especially sad given the fact that the > Reproducible Builds project recently had their 10th birthday > . > > Gettext tooling embeds timestamps found in the file-system, fails to resp= ect > SOURCE_DATE_EPOCH, and lacks options like `--pot-creation-date' so that we > have to resort to SED to fixup. The caching of all sorts of information,= in > separate build stages, also doesn't help. Sadness indeed. Hopefully things will improve in the coming weeks, now that there=E2=80=99s an impetus. > To create a reproducible source tarball, having a reproducible build > environment is a prerequitite, so this would have to be recorded too. > Using this patch set, I created a tarball doing something like > > guix pull --commit=3D1dbe492b993a7629df3b35146ce0272b52913776 > guix shell > bootstrap && ./configure --localstatedir=3D/var --sysconfdir=3D/etc && ma= ke dist > guix hash guix-1.3.0.57425-80a228.tar.gz > 0mk59ay5k2dxmjni9fx4i8qyfhvlgxbhqzsjpg2pbw381nskkxbj I applied the whole series on top of df64d48e6f9f648044aa5279c045b8d6f7bee604 (the =E2=80=98base-commit=E2=80=99= at the bottom of your message). Thus I got the same content as you but with a different commit ID. =E2=80=9Cmake dist=E2=80=9D gave me guix-1.3.0.57425-9f4a4a.tar.gz. The na= me indeed corresponds to the tip of my tree: --8<---------------cut here---------------start------------->8--- $ guix hash guix-1.3.0.57425-9f4a4a.tar.gz 0z3c4f8g6rsi9n0j8cwzwvw4bc59srg6bl3jj8yi60hbr9vrz5ql $ git log |head commit 9f4a4adfa778b281b794b61014e06dad98b6c945 Author: Janneke Nieuwenhuizen Date: Wed Apr 3 21:11:09 2024 +0200 maint: Ensure generated file reproducibility for dist. =20=20=20=20 * doc/local.mk (override $(srcdir)/doc/stamp-vti): New target override. (doc-clean, man-clean): New targets. (auto-clean): Depend on it in new target. (DIST_CONFIGURE_FLAGS): New variable. --8<---------------cut here---------------end--------------->8--- But as a result, I get a different hash, and since the directory in the tarball has a different name, =E2=80=98diffoscope=E2=80=99 isn=E2=80=99t ve= ry helpful. There=E2=80=99s at least one relevant difference in the gzip metadata: --8<---------------cut here---------------start------------->8--- --- guix-1.3.0.57425-9f4a4a.tar.gz +++ /tmp/guix-1.3.0.57425-80a228.tar.gz =E2=94=9C=E2=94=80=E2=94=80 filetype from file(1) =E2=94=82 @@ -1 +1 @@ =E2=94=82 -gzip compressed data, from Unix, original size modulo 2^32 20813= 8240 gzip compressed data, rese rved method, ASCII, extra field, encrypted, from FAT filesystem (MS-DOS, OS= /2, NT) =E2=94=82 +gzip compressed data, from Unix, original size modulo 2^32 22250= 4960 gzip compressed data, rese rved method, ASCII, has CRC, was "", has comment, encrypted, from FAT files= ystem (MS-DOS, OS/2, NT --8<---------------cut here---------------end--------------->8--- (Your tarball has a CRC and comment, mine doesn=E2=80=99t.) Maybe we=E2=80=99ll have to iterate once you=E2=80=99ve pushed a first vers= ion, so we can truly build the same thing. Or we should push the branch somewhere (or use the one from once it=E2=80=99s been created). Thanks! Ludo=E2=80=99.