Hi, On 20/09/18 17:03, Ian Goldberg wrote: > To be clear, the place this is used in otr is exactly to build the > released *source tarball* from git, so that even the source tarball is > reproducible. The binary package builders then build (reproducible) > binaries from the reproducible source tarball.
I guess this is less bad. Still it is nice to have a backup mechanism in place to allow for things to work when git isn't around. I notice that tor's changelogs do have dates. Can we reliably parse that out and set it to midnight or midday or whatever for time if git information isn't around (which would likely be the case when you're looking at a release not in between releases where the date might still be ??)? Thanks, Iain.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev