Collaborative Working Sessions - Born Reproducible II
Notes
This session is a follow-up on session from day 2 “Born Reproducible”
- Step #0 - Have a clean and defined build environment
- Step #1 - Know/Define:
- input
- output
- Step #2 - Record build metadata (e.g., buildinfo)
- Step #3 - Try to rebuild in a similar environment
- Step #4 - Analyse any differences
- Step #5 - Try to rebuild in a different enviroment
- Step #6 - Make it possible for users to rebuild/validate
- Step #7 - Define policy if build is unreproducible
- Step #8 - Collect build attestations
- Step #9 - Diversify Builders (e.g., identities, data centers, possibly users)
- Step #10 - Implement / Deploy Policy
- Profit! - Announce reproducibility Communicate on every step!
Follow us on Twitter @ReproBuilds, Mastodon @reproducible_builds@fosstodon.org & Reddit and please consider making a donation. • Content licensed under CC BY-SA 4.0, style licensed under MIT. Templates and styles based on the Tor Styleguide. Logos and trademarks belong to their respective owners. • Patches for this website welcome via our Git repository (instructions) or via our mailing list. • Full contact info
