33 points | by foresto a day ago ago
3 comments
What goes into achieving this other than making sure builds don't include timestamps somewhere?
Here's a good summary: https://reproducible-builds.org/docs/commandments/
No internet access during builds, no timestamps on anything, well defined compiler/linker options, sandboxed filesystem preferably
This is just things I know Nix does to their build sandbox but it's definitely not an exhaustive list.
What goes into achieving this other than making sure builds don't include timestamps somewhere?
Here's a good summary: https://reproducible-builds.org/docs/commandments/
No internet access during builds, no timestamps on anything, well defined compiler/linker options, sandboxed filesystem preferably
This is just things I know Nix does to their build sandbox but it's definitely not an exhaustive list.