[ipxe-devel] reproducible builds, what if

Neil Roza neil at rtr.ai
Mon May 4 01:10:07 UTC 2020


On Sun, May 3, 2020, 16:29 Geert Stappers <stappers at stappers.nl> wrote:

> On Sun, May 03, 2020 at 12:18:26PM +0900, Christian Nilsson wrote:
> > What if there is any local non commited changes, or config file changes,
> or
> > embedded script changes. The checksum over linked solves the hash, but is
> > it actually correct to use git as a source for BUILD_TIMESTAMP when there
> > is local changes?
>
> I see the warning, but I don't see the problem.
> In case that doesn't answer the "What if question",
> please elaborate what the hidden danger is.
>

No, I get it: a pristine HEAD and a dirty HEAD don't deserve the same
source date epoch. There's some ways to disambiguate these with `git
stash`, but this is starting to get complicated. It could become an ugly
`$(shell ...)` in the Makefile.housekeeping, or I could put it in a helper
shell script. What's the right decision for ipxe?

>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20200503/e35e292d/attachment.htm>


More information about the ipxe-devel mailing list