** Description changed:
- This package is required by newer debhelper versions.
+ Rationale:
+ - This package is required by newer debhelper versions. In Debian it has been
developed separately from the debhelper source for historical reasons, but
debhelper depends on it now, and all Debian builds have run wit it since
https://anonscm.debian.org/cgit/debhelper/debhelper.git/commit/?id=2a1dc83a0
(August 2015).
+ - While we don't currently invest development into reproducible builds in
Ubuntu, this is a highly valuable goal, and we certainly want to make use of
Debian's work there.
- MIR research/info will follow, this is a stub for now.
+ Security: This package is still fairly young, but the security surface
+ is rather small. It only runs during package build and does things like
+ removing timestamps and sorting files, it has zero installed/runtime
+ effect on binaries and only these kind of "predictable metadata" effect
+ on other files shipped by packages. Anything dh_strip_nondeterminism can
+ potentially be exploited to do is much easier done with direct commands
+ in debian/rules.
+
+ QA:
+ - Not necessary to configure; dh calls this automatically when available
+ - No debconf questions
+ - No major bugs in Debian/no bugs in Ubuntu; package is actively being
developed and used in Debian
+ - Package has tests which run during build.
+ - All dependencies are already in main
+ - We don't expect Ubuntu specific maintenance here, we just sync from Debian
and thus get gradual improvements on package build reproducibility.
+ - I subscribed the Ubuntu Foundations Team to bug reports, who will care
about reviewing bugs.
** Changed in: strip-nondeterminism (Ubuntu)
Status: Incomplete => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1508999
Title:
MIR: strip-nondeterminism
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/strip-nondeterminism/+bug/1508999/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
