[Rpm-ecosystem] Reproducible Builds

Florian Festi ffesti at redhat.com
Tue Mar 1 21:51:57 UTC 2016

On 03/01/2016 05:18 PM, Neal Gompa wrote:
> One important aspect that would make reproducible builds more
> trustworthy in the RPM world would be some capability to indicate
> checksums for sources and patches so that rpmbuild can verify them.

While this is an interesting topic it is a different one. Reproducible
builds are about proving that the binary package was actually generated
from a given srpm (and build environment).



Red Hat GmbH, http://www.de.redhat.com/ Registered seat: Grasbrunn,
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Charles Cachera, Michael Cunningham, Michael
O'Neill, Charles Peters

More information about the Rpm-ecosystem mailing list