Hi! On Wed, 2023-08-09 at 19:55:41 +0200, Johannes Schauer Marin Rodrigues wrote: > I would only consider switching the default if at the same time, some checks > were done that made sure that the result is bit-by-bit identical to the > original. > > The source package is the *input* to sbuild not its output. If sbuild builds > the source package it can happen that the resulting source package is not what > was given to sbuild to get built before. > > So if the source package gets rebuilt and checked whether it is bit-by-bit > identical to what was given to sbuild before, then essentially we would've > enforced reproducible source packages. If I remember correctly, reproducible > source packages are something that the reproducible builds team discarded as a > concept many years ago.
I think I've mentioned this before, but dpkg-source is supposed to be generating reproducible source packages since around the time dpkg-deb has been generating reproducible binary packages. If that's not the case in some circumstance I'd consider that a bug worth fixing (or at least pondering whether it makes sense to support :). Thanks, Guillem
