Debian Bug report logs - #1034200
lomiri: reproducible builds: results.txt contains arbitrary data

Package: src:lomiri; Maintainer for src:lomiri is Debian UBports Team <team+ubports@tracker.debian.org>;

Reported by: Vagrant Cascadian <vagrant@reproducible-builds.org>

Date: Mon, 10 Apr 2023 23:21:01 UTC

Severity: normal

Tags: patch



Report forwarded to debian-bugs-dist@lists.debian.org, reproducible-bugs@lists.alioth.debian.org, Debian UBports Team <team+ubports@tracker.debian.org>:
Bug#1034200; Package src:lomiri. (Mon, 10 Apr 2023 23:21:04 GMT)


Acknowledgement sent to Vagrant Cascadian <vagrant@reproducible-builds.org>:
New Bug report received and forwarded. Copy sent to reproducible-bugs@lists.alioth.debian.org, Debian UBports Team <team+ubports@tracker.debian.org>. (Mon, 10 Apr 2023 23:21:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Vagrant Cascadian <vagrant@reproducible-builds.org>
To: submit@bugs.debian.org
Subject: lomiri: reproducible builds: results.txt contains arbitrary data
Date: Mon, 10 Apr 2023 16:19:33 -0700
[Message part 1 (text/plain, inline)]
Source: lomiri
Severity: normal
Tags: patch
User: reproducible-builds@lists.alioth.debian.org
Usertags: randomness
X-Debbugs-Cc: reproducible-bugs@lists.alioth.debian.org

The data in the shipped results.txt file contains arbitrary data:

  https://tests.reproducible-builds.org/debian/rb-pkg/bookworm/amd64/diffoscope-results/lomiri.html

  /usr/share/doc/lomiri/html/results.txt.gz
  
  DUPTYPE_FIRST_OCCURRENCE·516·0·32·33·982296778·3·./classlomiri_1...
  vs.
  DUPTYPE_FIRST_OCCURRENCE·516·0·32·34·1071371337·3·./classlomiri_1...

The attached patch to debian/rules fixes this by removing the
results.txt from a dh_installdocs override.

The results.txt file appears to be an artifact from generating the
documentation and does not appear to be referenced from the produced
documentation, though someone familiar with using the documentation
should verify this before applying the patch!


According to my local tests, applying this patch (and another soon to be
submitted) should make lomiri build reproducibly on
tests.reproducible-builds.org once lomiri lands in debian testing!
(tests for debian unstable/experimental also test build path variations,
which introduce additional issues)


Thanks for maintaining lomiri!


live well,
  vagrant
[0001-debian-rules-Add-dh_installdocs-override-to-remove-r.patch (text/x-diff, inline)]
From 20c863bb5459c89656db9ec726d8e975fb5e761c Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian <vagrant@reproducible-builds.org>
Date: Mon, 10 Apr 2023 14:13:05 -0700
Subject: [PATCH 1/4] debian/rules: Add dh_installdocs override to remove
 results.txt.

This file contains variable information which breaks reproducible
builds.

The results.txt file appears to be a leftover build artifact from, as
it is not obviously referenced from the documentation itself.
---
 debian/rules | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/debian/rules b/debian/rules
index 641f27c..0424204 100755
--- a/debian/rules
+++ b/debian/rules
@@ -64,6 +64,11 @@ override_dh_install:
 	cd debian/tmp/usr/share/doc/lomiri/html/ && symlinks -rc .
 	dh_install
 
+override_dh_installdocs:
+	dh_installdocs
+	# Remove results.txt for reproducible builds
+	rm -vf debian/lomiri-doc/usr/share/doc/lomiri/html/results.txt
+
 # use private lib directories
 override_dh_makeshlibs:
 	dh_makeshlibs -Nlomiri-tests
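
Review bot: the `rm -vf` in the new override_dh_installdocs target succeeds silently when the path does not exist, so if the HTML tree moves or ends up in a different binary package, results.txt would ship again without any build failure or warning. The context lines show the HTML docs already being handled under debian/tmp/usr/share/doc/lomiri/html/ in override_dh_install; removing results.txt there, before dh_install runs, would keep the documentation cleanup in one place and avoid hard-coding the debian/lomiri-doc package directory. The comment "Remove results.txt for reproducible builds" could also state that the file holds values that vary between builds and is not referenced by the generated HTML, so a later cleanup of debian/rules does not drop the override by mistake.
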
-- 
2.39.2

[signature.asc (application/pgp-signature, inline)]


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed May 17 11:43:51 2023; Machine Name: buxtehude
