Idea: Reproducible-ish builds

Question

Idea: Reproducible-ish builds

Opened this issue 7 months ago · 0 comments

Reproducible builds offer several advantages: See, e.g., https://reproducible-builds.org/ and https://reproducible-builds.org/docs/buy-in/.

It's not a requirement for us (yet) and it would currently require major changes but we could implement a few low hanging fruits to improve consistency/QA.

It might be nice to support SOURCE_DATE_EPOCH and limit network access during builds (https://reproducible-builds.org/docs/volatile-inputs/; we have both checksums and backups of the specified sources but content fetched from the Internet during builds could change or disappear at any time).