[Feature Request] Reproducible builds #625
Comments
|
A similar request came up here recently: It looks like mksquashfs got patches that can do it: |
|
Helpful resources for this topic: |
|
@probonopd according to https://sourceforge.net/p/squashfs/mailman/message/35503759/, the only real blocker for this issue is the If we decide we don't need that value at all, though (i.e., we're not interested in when an AppImage's squashfs filesystem was created), we can just set it to some fixed value, too. As far as I can see, there's no side effects in using either method. Our tools don't depend on this value, neither do third parties'. I'll check out how we can use the patches suggested in the squashfs mailing list, and am going to build a PR demonstrating this. |
See issue #625. Uses fixed timestamp "0" for now.
|
Thanks for picking this up @TheAssassin. Do we want this to be applied all the time or just under certain circumstances? |
|
I don't see any use in the timestamp, and I think we can safely overwrite it. The remaining question is, shall we continue to use |
|
Well, if I get this right, we need to set the timestamp to a fixed value that does not change, so 0 should be as good as any other, shouldn't it? |
|
I had read this, which led my to my comment. Then let's go for 0. |
|
Alright. I'll merge the PR. |
|
Reopening as the topic is re-discussed in #695. |
I would like to see "reproducible builds" for AppImages.
When I use
appimagetoolto convert an AppDir into an AppImage, the md5 or shaX hashes change after every run, even if the AppDir didn't change.I think this has to do with some timestamps being automatically set to current by
mksquashfs.Is there a way to avoid this?
It would be very beneficial to only have changing md5/shaX hashes if and only if some "meaty" content of the AppDir changed!
The text was updated successfully, but these errors were encountered: