On 1 February 2018 at 23:54, Petr Viktorin <[email protected]> wrote: > Honestly, I'm not sure we want to use this in Fedora. Is anyone here into > reproducible builds, to make a better argument for this?
I believe rpmbuild (et al) all set SOURCE_DATE_EPOCH in the environment, so Fedora's likely to get the new CHECKED_HASH behaviour by default: https://docs.python.org/dev/library/py_compile.html#py_compile.compile Given that SELinux typically won't allow user applications to rewrite the bytecode anyway, we may want to specify the use of UNCHECKED_HASH at build time instead - with that setting, Python will ignore source file changes entirely, and trust that RPM will keep the source and pyc files consistent. Cheers, Nick. -- Nick Coghlan | [email protected] | Brisbane, Australia _______________________________________________ python-devel mailing list -- [email protected] To unsubscribe send an email to [email protected]
