From mboxrd@z Thu Jan 1 00:00:00 1970 From: Danny Milosavljevic Subject: bug#27563: [PATCH v3 0/2] Make ghostscript reproducible. Date: Thu, 6 Jul 2017 12:32:14 +0200 Message-ID: <20170706103216.25939-1-dannym@scratchpost.org> References: <20170703200844.3f6d9e19@scratchpost.org> Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:40057) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dT45p-0004mn-Ry for bug-guix@gnu.org; Thu, 06 Jul 2017 06:33:07 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dT45m-0007M3-8k for bug-guix@gnu.org; Thu, 06 Jul 2017 06:33:05 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:51573) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dT45m-0007Lv-5e for bug-guix@gnu.org; Thu, 06 Jul 2017 06:33:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1dT45l-0006LY-WB for bug-guix@gnu.org; Thu, 06 Jul 2017 06:33:02 -0400 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: <20170703200844.3f6d9e19@scratchpost.org> List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: 27563@debbugs.gnu.org So this is what's needed to finally make ghostscript, netpbm and groff reproducible. Groff just finished its 38th build on my machine and it finally compared the rounds as equal. I'm posting those here in order to make sure we all agree that this is the way to go. The patchset patches PDF creation in ghostscript. It's for core-updates. The PDF file has a trailer field "/ID" which is required only when encrypting. But ghostscript derives it from the current time. So I figured leaving it off if allowed would be the easiest fix. If it's not there then it can't change :P Also, newer PDF files have an RDF header specifying some extra information in an XML-like format. For example there's an instance UUID (PDF/A specifies that it's recommended to set this to an empty string), and a document UUID. The latter again is time-based. This patchset * removes the RDF tag which contains the document UUID and * sets the instance UUID to "" and * removes the ID tag if allowed (i.e. if not encrypting). Because of the printf-style functions, it has to split up the printfs a bit, but really it just makes one of the parts printed optional - in multiple places (because PDF trailers can be chained). Danny Milosavljevic (2): gnu: ghostscript: Don't write document UUID; use "" as instance UUID. gnu: ghostscript: Write document ID only when encrypting. gnu/local.mk | 2 + gnu/packages/ghostscript.scm | 4 +- .../patches/ghostscript-no-header-id.patch | 47 ++++++++++++++++++++++ .../patches/ghostscript-no-header-uuid.patch | 28 +++++++++++++ 4 files changed, 80 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/ghostscript-no-header-id.patch create mode 100644 gnu/packages/patches/ghostscript-no-header-uuid.patch