From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id wrM1Ac3Zo2J5cQAAbAwnHQ (envelope-from ) for ; Sat, 11 Jun 2022 01:54:53 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id gCPbOszZo2JpLQAAG6o9tA (envelope-from ) for ; Sat, 11 Jun 2022 01:54:52 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 857F029009 for ; Sat, 11 Jun 2022 01:54:52 +0200 (CEST) Received: from localhost ([::1]:35342 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nzoSp-0000rV-DA for larch@yhetil.org; Fri, 10 Jun 2022 19:54:51 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:57174) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nzoSE-0000rN-Kt for guix-devel@gnu.org; Fri, 10 Jun 2022 19:54:14 -0400 Received: from cascadia.aikidev.net ([2600:3c01:e000:267:0:a171:de7:c]:57618) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nzoSC-0000m9-OM for guix-devel@gnu.org; Fri, 10 Jun 2022 19:54:14 -0400 Received: from localhost (unknown [IPv6:2600:3c01:e000:21:7:77:0:20]) (Authenticated sender: vagrant@aikidev.net) by cascadia.aikidev.net (Postfix) with ESMTPSA id 8DA4E1AB68 for ; Fri, 10 Jun 2022 16:54:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=reproducible-builds.org; s=1.vagrant; t=1654905247; bh=Cke9u1TUjyLf8le/DJgJcOWdzNK9Lr/t5RXubqp5Rjk=; h=From:To:Subject:Date:From; b=ur4Xrk/JL7HYg073QZ2OCA2l1yLCOVFTJiKsxN1bIVpC76Bqm87dSaavqHWbzqLz6 JnypUBlijhia5MzV6HH4eO1M23ITlnQFGkRmG8naF5kIUtP8Rf+w6uAO6r+oRJ5Lmb CKgAMxLQWMDDfIBWbOqOfe6kdernpYYVBMriDQpb4Jq1emu8eVaZk0g3U9wjv2Gl+M 96LgLcAkY4kbRS55l0nWRpCw8U691ngXeqhmRleaKZY7joiK5Soy+c1ZDiF1ml7JMi 1oNYAHTUeLywJibQE+V1nU0WsEsVQXxEBA1sWUc5qBolylTkcfL2IV50MEFS/Vb5Iz 9DvKTukukecDg== From: Vagrant Cascadian To: Guix Devel Subject: Set FORCE_SOURCE_DATE=1 by default Date: Fri, 10 Jun 2022 16:53:59 -0700 Message-ID: <87bkv0f52g.fsf@contorta> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Received-SPF: none client-ip=2600:3c01:e000:267:0:a171:de7:c; envelope-from=vagrant@reproducible-builds.org; helo=cascadia.aikidev.net X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1654905292; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=DvzVLgDbJeOazvFLFUk1TuoyDIh/w2uddqw68AJOzwY=; b=LrAJrqx393oYKeKk4DFcX7hYTIw9guFp286oQSdOIWSRjol9BPqY8fVxXWf212tnBWE0iG qz9+8JVGvgdAnta4O5sPs/F4V3SjG9sy3rOni4bXM33nn8grI/YvkOkxcbTpsazMZAtuIz 3JaKZO3MSIZdizTSuU9nJOD3y5JsVdS050GxlXd7lmNDKmHVuzqSKpaF9FeSe5q9BNl4tn ai+j24EuMM/5vn3RMByX5/73KiJgEl2nNmd/4EbQCxn6axQN8ic0bHNT4dfffDZdZgXLfO hJw0UT0iFCsDvWQoUWap18sk0Q4vabzTDZRLL4up8SAskUcuSz8WIb8o0LUvhA== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1654905292; a=rsa-sha256; cv=none; b=CXe5Bk6gCbkvDqKLQoLatkbN9wTTNX860F2g80ziI17I+lYEgLTtoBDoviwSxloRBZ1EiE SwnLtLIR8otty7kNs66OXR6suC7rHFAlRV/Xvuu/Ig/UZ8aZVhfwsc+CCjOw6g+SwlEeWp V+uylWiPziIqNTFfaju4ZptBjk64fU25pJT9bDB7EMq6EHi1rOwRnwgJvc8G3OW/7OGXDO N89pBatHEVmnLYl8duCyOCF3lr0HVgijONOmLis9idJysAbYarNWGBAQsYfKAFRaOqmXAX pfIeNdoMqD/Hcwv3rfU5xiCdw857NFd63No9xd35lxrbQoIm/8N123JeILc97w== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=reproducible-builds.org header.s=1.vagrant header.b="ur4Xrk/J"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -8.58 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=reproducible-builds.org header.s=1.vagrant header.b="ur4Xrk/J"; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 857F029009 X-Spam-Score: -8.58 X-Migadu-Scanner: scn0.migadu.com X-TUID: M5e76S+aEWse --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain So, guix sets SOURCE_DATE_EPOCH=1 by default in guix/build/gnu-build-system.scm, which is great! This allows guix packages in many cases to build packages reproducibly, with a curious side-effect that takes us all back to the early 70s in some corner-cases (or even late 60s, dependent on timezone). That said, some projects (such as texlive) might be worried about messing with time too much (I get it, lots of cautionary sci-fi stories!), and so you *also* need FORCE_SOURCE_DATE=1 to be set in order to respect SOURCE_DATE_EPOCH. I am quite biased on the subject and always felt that setting SOURCE_DATE_EPOCH wouldn't happen by accident and it alone should be sufficient to say "please use this for your timestamps, really." I am not aware of use-cases where SOURCE_DATE_EPOCH is intentially set but FORCE_SOURCE_DATE is intentionally not set... in order to embed the current time. But that is kind of neither here nor there. Setting this on a package-by-package basis can be a bit tedious, wastes precious lines that could be spent on more useful code, and needs to be done for every existing and new package that might need it, such as: 964cdd57fa037fec4917ac76725b0a65d47483bc gnu: discrover: Use reproducible timestamps. a04a987450908a84fa5fde0caa25a6a50027c73c gnu: itpp: Avoid embedding build dates. I haven't done a full inventory, but many texlive packages should become considerably more reproducible with FORCE_SOURE_DATE=1 set, as well as other packages that use texlive to generate documentation in various formats. FORCE_SOURCE_DATE is mentioned in the documentation about SOURCE_DATE_EPOCH: https://reproducible-builds.org/docs/source-date-epoch/ I am making the modest proposal of Guix setting this variable by default! Patch attached for your perusal. I'm guessing this would be world-rebuild endeavor, hello core-updates! Thoughts? live well, vagrant --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=0001-guix-gnu-build-system-Set-FORCE_SOURCE_DATE-in-set-S.patch Content-Transfer-Encoding: quoted-printable From=207a39330b56934accef14b5e2ac003e211c7c6c5b Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian Date: Fri, 10 Jun 2022 16:12:59 -0700 Subject: [PATCH] guix: gnu-build-system: Set FORCE_SOURCE_DATE in set-SOURCE-DATE-EPOCH phase. * guix/build/gnu-build-system.scm (set-SOURCE-DATE-EPOCH): Set FORCE_SOURCE_DATE=3D1. Update URL. =2D-- guix/build/gnu-build-system.scm | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/guix/build/gnu-build-system.scm b/guix/build/gnu-build-system.= scm index d84411c090..42a6041798 100644 =2D-- a/guix/build/gnu-build-system.scm +++ b/guix/build/gnu-build-system.scm @@ -56,10 +56,11 @@ (define time-monotonic time-tai)) (else #t)) =20 (define* (set-SOURCE-DATE-EPOCH #:rest _) =2D "Set the 'SOURCE_DATE_EPOCH' environment variable. This is used by to= ols =2Dthat incorporate timestamps as a way to tell them to use a fixed timesta= mp. =2DSee https://reproducible-builds.org/specs/source-date-epoch/." =2D (setenv "SOURCE_DATE_EPOCH" "1")) + "Set the 'SOURCE_DATE_EPOCH' and 'FORCE_SOURCE_DATE' environment variabl= es. +This is used by tools that incorporate timestamps as a way to tell them to= use +a fixed timestamp. See https://reproducible-builds.org/docs/source-date-e= poch/." + (setenv "SOURCE_DATE_EPOCH" "1") + (setenv "FORCE_SOURCE_DATE" "1")) =20 (define (first-subdirectory directory) "Return the file name of the first sub-directory of DIRECTORY or false, = when =2D-=20 2.35.1 --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCYqPZmAAKCRDcUY/If5cW qhW6AP4ysYxCqQS83LV6TYqPRiv5mbRnzJovgoBYPtM962UXRwEA+XCsO/J3XFpV w8HZeCXFTmb/w1Vfv+/hA3/fmxmLzwI= =PMcx -----END PGP SIGNATURE----- --==-=-=--