Collaborative Working Sessions - Guix To-Do's
Long term goals:
- All packages build reproducibly
- Benefits security
- Future proofing
- K of N trust in substitutes (where K > 1)
- Benefits security
Things related to reproducible builds
- The data service info
guix challengeguix build --checkandguix build --rounds
TODO list: - build with disorderfs - linter for matching substitutes (to flag non reproducible packages) - QA checking reproducibility in patches/branches - User submitted build results - Prioritised list of packages/issues to fix
Actionable items
Some kind of guix buildinfo
That you can submit to the data service to describe a build you’ve done. Would be useful from the build coordinator but also submitted from users. This would help to find non-reproducible packages.
QA doing builds to test reproducibility
Improve qa.guix.gnu.org/reproducible-builds
Check and prioritise issues.
Track package reproducibility percentage over time
And backfill data.
Implement K of N trust in substitutes
See https://lists.gnu.org/archive/html/guix-devel/2020-06/msg00179.html
Follow us on Twitter @ReproBuilds, Mastodon @reproducible_builds@fosstodon.org & Reddit and please consider making a donation. • Content licensed under CC BY-SA 4.0, style licensed under MIT. Templates and styles based on the Tor Styleguide. Logos and trademarks belong to their respective owners. • Patches for this website welcome via our Git repository (instructions) or via our mailing list. • Full contact info
