GNU bug report logs - #30109
[core-updates] shishi 1.0.2 not reproducible

Previous Next

Package: guix;

Reported by: Gábor Boskovits <boskovits <at> gmail.com>

Date: Sun, 14 Jan 2018 11:30:01 UTC

Severity: normal

Done: Danny Milosavljevic <dannym <at> scratchpost.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Gábor Boskovits <boskovits <at> gmail.com>
Subject: bug#30109: closed (Re: bug#30109: [PATCH] gnu: shishi: Make
 shishi keys and database administrator-modifiable.)
Date: Sat, 20 Apr 2019 15:20:02 +0000

[Message part 1 (text/plain, inline)]
Your bug report

#30109: [core-updates] shishi 1.0.2 not reproducible

which was filed against the guix package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 30109 <at> debbugs.gnu.org.

-- 
30109: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=30109
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Danny Milosavljevic <dannym <at> scratchpost.org>
To: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Cc: 30109-done <at> debbugs.gnu.org
Subject: Re: bug#30109: [PATCH] gnu: shishi: Make shishi keys and database
 administrator-modifiable.
Date: Sat, 20 Apr 2019 17:19:31 +0200

[Message part 3 (text/plain, inline)]
Hi Maxim,

> I've applied and tried your proposed fix, and it made shishi
> reproducible; so LGTM!  Could you apply your fix to core-updates?

Thanks for the test!

I've pushed the fix to core-updates.

[Message part 4 (application/pgp-signature, inline)]
[Message part 5 (message/rfc822, inline)]
From: Gábor Boskovits <boskovits <at> gmail.com>
To: bug-guix <at> gnu.org
Subject: [core-updates] shishi 1.0.2 not reproducible
Date: Sun, 14 Jan 2018 12:29:33 +0100

[Message part 6 (text/plain, inline)]
It seems, that the shishi build generates keys which end up in the store,
making the build unreproducible. Can the key generation be extracted from
the build?

If yes, then are we able to do the following: use a reproducible substitute
without the key, generate the key afterwards, and store it somewhere else.

diffoscope output attached.

[Message part 7 (text/html, inline)]
[diffoscope-shishi (application/octet-stream, attachment)]
This bug report was last modified 6 years and 88 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.