Collaborative Working Sessions - Born Reproducible I
- Who is running it
- Who is running builds
- At what granularity are build steps defined
- What os/platform are necessary to support
- How (or if) non-owned build inputs are fetched/supported
- What are the different “stacks” that run builders
- How closely does “build input” reflect the full set of things that can inpact output
-
How “explicit” is the build definition
- Rebuild evidence
- (re)builder indentity
- Both successes and failures to rebuild
What are we trying to do?
- Understand build diffs
- Build integrity <- many similar builders
- Build malice <- many different builders
- Rebuild debugging/detection
- Transient mismatch
- Deterministic mismatch
- Rebuild smells <- environment variation injector (e.g., build diversity fuzzer)
What are the techniques that can help?
- File system isolation
- Ephemeral environment
- Deterministic Scheduling
- Multiple sequential rebuilds
Follow us on Twitter @ReproBuilds, Mastodon @reproducible_builds@fosstodon.org & Reddit and please consider making a donation. • Content licensed under CC BY-SA 4.0, style licensed under MIT. Templates and styles based on the Tor Styleguide. Logos and trademarks belong to their respective owners. • Patches for this website welcome via our Git repository (instructions) or via our mailing list. • Full contact info
