There should be no reproducibility issues for the Firefox part of Tor Browser anymore with the switch to ESR 45. Thus, we can get rid of libfaketime for building it.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Child items 0
Show closed items
No child items are currently assigned. Use child items to break down this issue into smaller parts.
Linked items 0
Link issues together to show that they're related.
Learn more.
Thanks. One thing I think we should keep are notes about which parts of our toolchains (and our other artifacts even if they are not exposed in the sha256sums.txt) are still not reproducible. This might make debugging issues in the future easier and leaves the ToDos obvious. Parts of the comment in the Windows gitian-utils descriptor could be resurrected for that. I know GCC is affected, too, and I bet clang as well.
Trac: Keywords: TorBrowserTeam201605R deleted, TorBrowserTeam201605 added Status: needs_review to needs_revision
diff --git a/gitian/descriptors/linux/gitian-utils.yml b/gitian/descriptors/linux/gitian-utils.ymlindex 723cd1842d6e..0adcf5d43532 100644--- a/gitian/descriptors/linux/gitian-utils.yml+++ b/gitian/descriptors/linux/gitian-utils.yml@@ -125,6 +125,10 @@ script: | cd .. # Grabbing the remaining results and making sure timestamps don't spoil them+ # Since we stopped using libfaketime, the binutils, gcc, openssl,+ # libevent archives are no longer reproducible. The main reason+ # is that they include some .a archives which include timestamps.+ # Those files are however not part of the files we ship. cd $INSTDIR ~/build/dzip.sh binutils-$BINUTILS_VER-linux$GBUILD_BITS-utils.zip binutils ~/build/dzip.sh gcc-$GCC_VER-linux$GBUILD_BITS-utils.zip gccdiff --git a/gitian/descriptors/mac/gitian-utils.yml b/gitian/descriptors/mac/gitian-utils.ymlindex 63babd7eef5a..33db2e8925a2 100644--- a/gitian/descriptors/mac/gitian-utils.yml+++ b/gitian/descriptors/mac/gitian-utils.yml@@ -54,6 +54,10 @@ script: | make $MAKEOPTS make install cd $INSTDIR+ # Since we stopped using libfaketime, the clang archive is no longer+ # reproducible. The reason is that it includes some .a archives and+ # other files which include timestamps.+ # Those files are however not part of the files we ship. ~/build/dzip.sh clang-$CLANG_VER-linux64-wheezy-utils.zip clang cp *utils.zip $OUTDIR/ else@@ -106,6 +110,10 @@ script: | cd .. # Grabbing the results+ # Since we stopped using libfaketime, the openssl archive is no+ # longer reproducible. The main reason is that it includes some .a+ # archives which include timestamps.+ # Those files are however not part of the files we ship. cd $INSTDIR ~/build/dzip.sh openssl-$OPENSSL_VER-mac64-utils.zip openssl ~/build/dzip.sh libevent-${LIBEVENT_TAG#release-}-mac64-utils.zip libeventdiff --git a/gitian/descriptors/windows/gitian-utils.yml b/gitian/descriptors/windows/gitian-utils.ymlindex 8c77c8d62cea..0876bff114b5 100644--- a/gitian/descriptors/windows/gitian-utils.yml+++ b/gitian/descriptors/windows/gitian-utils.yml@@ -180,6 +180,10 @@ script: | cd .. # Grabbing the remaining results+ # Since we stopped using libfaketime, the gcc, gmp, zlib, openssl,+ # libevent, mingw-w64 archives are no longer reproducible. The main+ # reason is that they include some .a archives which include timestamps.+ # Those files are however not part of the files we ship. cd $INSTDIR # We might want to bump binutils independent of bumping mingw-w64. touch binutils-$BINUTILS_VER-win32-utils.zip
+ # Those files are however not part of the files we ship.
maybe, it's better instead of adding comments like
+ # Since we stopped using libfaketime, the gcc, gmp, zlib, openssl,+ # libevent, mingw-w64 archives are no longer reproducible. The main+ # reason is that they include some .a archives which include timestamps.