Package: gitpkg
Version: 0.26
Severity: wishlist
The tarballs created by gitpkg are not reproducible. I am running
gitpkg against tuptime here, and it gives me this:
[1022]anarcat@angela:test$ diffoscope 3.3.0.tar.gz deb-packages/tuptime/
build-tuptime_3.3.0-1_20160412+19.53.log tuptime_3.3.0-1_amd64.deb
tuptime_3.3.0-1.dsc
tuptime_3.3.0-1_amd64.changes tuptime_3.3.0-1.debian.tar.xz
tuptime_3.3.0.orig.tar.gz
[1022]anarcat@angela:test$ diffoscope 3.3.0.tar.gz
deb-packages/tuptime/tuptime_3.3.0.orig.tar.gz
--- 3.3.0.tar.gz
+++ deb-packages/tuptime/tuptime_3.3.0.orig.tar.gz
├── metadata
│ @@ -1 +1 @@
│ -gzip compressed data, from Unix
│ +gzip compressed data, last modified: Tue Apr 12 19:53:23 2016, from Unix
╵
To reproduce this:
1014 wget https://github.com/rfrail3/tuptime/archive/3.3.0.tar.gz
1015 git clone g...@github.com:anarcat/tuptime.git
1016 cd tuptime/
1017 ~/dist/gitpkg/gitpkg --exit-hook=dpkg-buildpackage-exit-hook 3.3.0-1
3.3.0
1018 gitpkg --exit-hook=dpkg-buildpackage-exit-hook 3.3.0-1 3.3.0
1019 pwd
1020 cd ../
1021 ls
1022 diffoscope 3.3.0.tar.gz deb-packages/tuptime/tuptime_3.3.0.orig.tar.gz
To fix this:
diff --git a/gitpkg b/gitpkg
index cfb0b7c..ba0a38c 100755
--- a/gitpkg
+++ b/gitpkg
@@ -680,9 +680,9 @@ build_with_exported_orig()
# handles making tarballs badly anyhow and will leave the .orig suffix
# in the path inside them.
- echo "tar cf - $DEB_PACKAGE(.orig) | $ORIG_COMPRESSOR$ORIG_COMPRESS_LEVEL
> $DEB_ORIG"
+ echo "tar cf - $DEB_PACKAGE(.orig) | $ORIG_COMPRESSOR -n
$ORIG_COMPRESS_LEVEL > $DEB_ORIG"
tar --transform "s,^$DEB_PACKAGE.orig,$DEB_PACKAGE," \
- -cf - "$DEB_PACKAGE.orig" | $ORIG_COMPRESSOR $ORIG_COMPRESS_LEVEL >
"$DEB_ORIG"
+ -cf - "$DEB_PACKAGE.orig" | $ORIG_COMPRESSOR -n $ORIG_COMPRESS_LEVEL >
"$DEB_ORIG"
if ! format3_lameness; then
echo "dpkg-source" "${DPKG_SOURCE_OPTS[@]}" "-b -ss $DEB_PACKAGE"
@@ -885,9 +885,9 @@ else
) || exit 1
else
printf "git archive --prefix=$DEB_PACKAGE/ $GITPKG_ORIG_TREEISH"
- printf " | $ORIG_COMPRESSOR$ORIG_COMPRESS_LEVEL > $DEB_ORIG\n"
+ printf " | $ORIG_COMPRESSOR -n $ORIG_COMPRESS_LEVEL > $DEB_ORIG\n"
git archive --format=tar --prefix="$DEB_PACKAGE/"
"$GITPKG_ORIG_TREEISH" |
- $ORIG_COMPRESSOR $ORIG_COMPRESS_LEVEL \
+ $ORIG_COMPRESSOR -n $ORIG_COMPRESS_LEVEL \
> "$DEB_DIR/$DEB_SOURCE/$DEB_ORIG"
(
cd "$DEB_DIR/$DEB_SOURCE"
Then it all feels fuzzy and warm.
Of course this assumes upstreams have clues.
-- System Information:
Debian Release: 8.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable'), (1, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.2.0-0.bpo.1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages gitpkg depends on:
ii dpkg-dev 1.17.26
ii git 1:2.1.4-2.1+deb8u2
gitpkg recommends no packages.
Versions of packages gitpkg suggests:
ii devscripts 2.15.3
-- no debconf information
