[PATCH] reproducible Debian: filter Environment section from buildinfo files
HW42
hw42 at ipsumj.de
Mon Nov 7 14:14:00 UTC 2016
Mattia Rizzolo:
> On Mon, Nov 07, 2016 at 01:41:00PM +0000, HW42 wrote:
>> I removed the filter from Reiner and replaced it with a 'sed' filtering
>> out the .buildinfo entries from the .changes file. So diffoscope should
>> not compare the .buildinfos (and the files refered by them) at all.
>
> Ah, right, I missed the filter_buildinfo_files → filter_changes_files
> change… sorry
> (this still feels "unclean", same as removing fields from .buildinfo, so
> no increase in the "dirt count")
I think it's cleaner since it represents better what we want: All
produced binary artifacts should be identical. But .buildinfos document
part of the build environment and therefore are not identical by design.
(In the old version we would need to start filter Build-Path for
example, or keep it in /tmp)
A diffoscope option would be of course better than sed.
> btw, I need to check that again (didn't have the right tuit to do it),
> but comparing .changes with different .buildinfo but otherwise
> reproducible .deb, diffoscope should already return 0 and no diffs (we
> could argue whether this should have be better as an opt-in option
> rather than hardcoded, but well…
> See c61f41c5128094508d6fff8b746cecc3841f6b27 in diffoscope.git
IIRC somebody mentioned that this does not work as intended. If somebody
confirms that it works we can just drop the filter function.
> but:
>
>>> I'll file a diffoscope bug after this email.
>>
>> Once diffoscope has a --ignore-buildinfo options for comparing .changes
>> you can just drop the filter_changes_files function and pass the option
>> to diffoscope.
>
> personally I'd prefer to see .buildinfo differences together with the
> .deb diffs. They can provide useful insight (that currently we also
> have because the 2 build environments are documented elsewhere). Just
> that diffoscope should really not compare files that have already been
> compared. It's just very hard to do, on the same level of the parallel
> diffoscope one maybe…
I can understand very well why you think it's useful but I also see two
problems:
1) Currently the diff contains only stuff which should be fixed. If we
include .buildinfo differences it will include stuff which should not
be "fixed" (and can't be by the package maintainer).
2) The .buildinfo differences are a very incomplete documentation of
what has been varied so we need some other documentation anyway
(unless somebody thinks extending .buildinfo to this extend would be
a good idea).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 825 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/reproducible-builds/attachments/20161107/035748f7/attachment.sig>
More information about the Reproducible-builds
mailing list