From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms1.migadu.com with LMTPS id 8EUIDfsxLGaK7QAAqHPOHw:P1 (envelope-from ) for ; Sat, 27 Apr 2024 01:00:11 +0200 Received: from aspmx1.migadu.com ([2001:41d0:403:4876::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0.migadu.com with LMTPS id 8EUIDfsxLGaK7QAAqHPOHw (envelope-from ) for ; Sat, 27 Apr 2024 01:00:11 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=reproducible-builds.org header.s=1.vagrant header.b=XEzC7Qzo; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1714172411; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post: dkim-signature; bh=7nmX7xCUKZZLG1F/2kw0q6TNAY0jHq4Yk6l7yvwe4EU=; b=gusySFbHDBznpRxF+hH5QHyHc6t5Ae1/YHtOn1tELMoVgsBIh4Dxw8oDIl5kP8Tml/mqi8 7K2f4ABWwLewxqcyHSzwmnY49q4R8/IzuNBzZuuLuicj63YrC6JRqDNl66Es5KLZ9Pb8Tv 5csohiT/lE9SoWMajRZ4LLlJCqe6OpAQOjk0klmf0OHM/SSjgAwnStAz+bu08dQ0zRQ8XG UN1BLf4Wo52J97C45Vg8sFUs0MsfW1vJ7UhnQ7TvL22dx4Q8RTd3AIPoJdwl+F4lk5d+a5 +XB7LxL+cEoemWcCsiduBQZMJJ5dMA0qST9amBU8gAMHG6E7vF4qL9aGQM7XVA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=reproducible-builds.org header.s=1.vagrant header.b=XEzC7Qzo; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Seal: i=1; s=key1; d=yhetil.org; t=1714172411; a=rsa-sha256; cv=none; b=iHB8W5oZR+fADRCSsHGkfKWcWypqlaLpvSWTHwCrGOyy8VpTFxQmCL2LU49QVezI+pym5x KB87zy5gXKRSFxQnSGKpVgqKsjuw8wbhringVwjJuzsEJD+v9UhIhHuHVbguDnd34vIWXh MZtVka+i9Op7z/2mK0H4Neqw0Q5RXyi7MkMNrcpv/dIBJIL4U0iLZ+hxdZGNe62gYqJOW7 AlEO9nLiARg7TMJF/y/Jo7fkxV8+MPVwwOH8r0K4bkQZdE0WUaIl1bck2j15qt6sXFe37g cvyQT4N1N+sJ4aaFvdo1ecUxMs0G/fXpLSb282vehtAt6x3hl2gv1NoPsxDdcw== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id A878E26EED for ; Sat, 27 Apr 2024 01:00:10 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1s0UXr-0006z1-VA; Fri, 26 Apr 2024 18:59:56 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1s0UXq-0006yk-Bw for bug-guix@gnu.org; Fri, 26 Apr 2024 18:59:54 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1s0UXq-0003ln-3P for bug-guix@gnu.org; Fri, 26 Apr 2024 18:59:54 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1s0UY8-00030q-6p for bug-guix@gnu.org; Fri, 26 Apr 2024 19:00:12 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#40316: [PATCH 3/6] gnu: nss: Make reproducible. Resent-From: Vagrant Cascadian Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Fri, 26 Apr 2024 23:00:11 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 40316 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Christina O'Donnell , 40316@debbugs.gnu.org Cc: Christina O'Donnell , zhengjunjie@iscas.ac.cn, steve@futurile.net Received: via spool by 40316-submit@debbugs.gnu.org id=B40316.171417237011095 (code B ref 40316); Fri, 26 Apr 2024 23:00:11 +0000 Received: (at 40316) by debbugs.gnu.org; 26 Apr 2024 22:59:30 +0000 Received: from localhost ([127.0.0.1]:38634 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1s0UXM-0002sP-GA for submit@debbugs.gnu.org; Fri, 26 Apr 2024 18:59:29 -0400 Received: from cascadia.aikidev.net ([2600:3c01:e000:267:0:a171:de7:c]:48070) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1s0UXC-0002p8-7O for 40316@debbugs.gnu.org; Fri, 26 Apr 2024 18:59:20 -0400 Received: from localhost (unknown [IPv6:2600:3c01:e000:21:7:77:0:50]) (Authenticated sender: vagrant@aikidev.net) by cascadia.aikidev.net (Postfix) with ESMTPSA id 838921AD8F; Fri, 26 Apr 2024 15:58:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=reproducible-builds.org; s=1.vagrant; t=1714172326; bh=Tbw64BBC8fYR2g+jA1viVzCp4Ifey88cp9QsCRb2i88=; h=From:To:Cc:Subject:In-Reply-To:References:Date:From; b=XEzC7QzoA4C6ClSfxhNUaoN7TFrLfDb63IZ7cs4jhgv/aMQZB5aZvqGo5u/LapCcT vlZUL8GwiSZlq4bxysMfxarSPmZToVsNp6N8KCIKZU5LpyW/g5J1hYr1252v1p1O6S kAKlewvYPllOmI0DK2y/WjTyOJoAdSzMZPSVZwYSHcqh4hAaAWtOq9As06QTvzduZg sc34OF8EQpsE1kapnuSBE6Dj/ZmOPqUNI83E0RQ/Sz/BMGwFypeheId7miOkPcqsk8 6iXLjTaUSuzMa4ua1FWW6RfBTs0QUpwUEh4VbE76z4QzEOkVuGjKC4K8QdWG41rGLo TaCxDY5tprwtg== From: Vagrant Cascadian In-Reply-To: References: Date: Fri, 26 Apr 2024 15:58:40 -0700 Message-ID: <87o79vybmn.fsf@wireframe> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: bug-guix-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Spam-Score: -3.99 X-Migadu-Queue-Id: A878E26EED X-Migadu-Scanner: mx10.migadu.com X-Migadu-Spam-Score: -3.99 X-TUID: 3xosiRVRAkQx --=-=-= Content-Type: text/plain On 2024-04-26, Christina O'Donnell wrote: > gnu/packages/patches/nss-Disable-library-signing.patch: Disable library > signing to make the build reproducible. > gnu/packages/nss.scm (nss): Apply this new patch. Nice! > diff --git a/gnu/packages/patches/nss-Disable-library-signing.patch b/gnu/packages/patches/nss-Disable-library-signing.patch > new file mode 100644 > index 00000000000..b488d29dcad > --- /dev/null > +++ b/gnu/packages/patches/nss-Disable-library-signing.patch > @@ -0,0 +1,67 @@ > +From 4734b834755822f962af29e9395daa7338084e21 Mon Sep 17 00:00:00 2001 > +Message-ID: <4734b834755822f962af29e9395daa7338084e21.1714059680.git.cdo@mutix.org> > +From: Christina O'Donnell > +Date: Thu, 25 Apr 2024 16:35:50 +0100 > +Subject: [PATCH] nss: Disable library signing. > + > +--- > + nss/cmd/shlibsign/Makefile | 32 +------------------------------- > + 1 file changed, 1 insertion(+), 31 deletions(-) I think it would be good to explain why this patch is included, not just in the git commit message, but in the patch comments itself. I realize the patch actually includes a comment about non-determinism, but it is a bit lost in the diff. Also, might be worth briefly explaining why disabling this feature is unlikely to break anything, etc. Curious if there might be some way to leave most of the code in place, disable it... otherwise on version updates it is more likely to result in conflicts with even minor changes... live well, vagrant --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCZiwxoAAKCRDcUY/If5cW qsQ5AQDJ/1xNdBXkWi9aT/MbiZO30A0F22MvfMv5LLUbX5WIXAEAxXLjwe8V188l hwmE+P+mEqzNrlOzfqveZAXd/xk63gQ= =tJPX -----END PGP SIGNATURE----- --=-=-=--