Source: ruby-babosa Version: 2.0.0-1 Severity: wishlist Tags: patch User: [email protected] Usertags: buildpath X-Debbugs-Cc: [email protected]
Hi, Whilst working on the Reproducible Builds effort [0], we noticed that ruby-babosa could not be built reproducibly. This is because the rendered .gemspec file expands the unreproducible __dir__ variable to be included in a "cert_chain" attribute. However, this is not needed in the package, and is probably only needed if you are making releases of the package (like the 'signing_key') attribute. A patch is attached that moves the assignment of cert_chain to match the conditional of signing_key, thereby excluding it from the binary package and thus making the package reproducible. [0] https://reproducible-builds.org/ Regards, -- ,''`. : :' : Chris Lamb `. `'` [email protected] / chris-lamb.co.uk `-
--- a/debian/patches/reproducible-build.patch 1970-01-01 01:00:00.000000000 +0100 --- b/debian/patches/reproducible-build.patch 2023-07-24 09:03:51.786257737 +0100 @@ -0,0 +1,16 @@ +Description: Make the build reproducible +Author: Chris Lamb <[email protected]> +Last-Update: 2023-07-24 + +--- ruby-babosa-2.0.0.orig/babosa.gemspec ++++ ruby-babosa-2.0.0/babosa.gemspec +@@ -26,8 +26,8 @@ Gem::Specification.new do |s| + s.add_development_dependency "rubocop", ">= 0.93.0" + s.add_development_dependency "simplecov" + +- s.cert_chain = [File.expand_path("certs/parndt.pem", __dir__)] + if $PROGRAM_NAME.end_with?("gem") && ARGV.include?("build") && ARGV.include?(__FILE__) ++ s.cert_chain = [File.expand_path("certs/parndt.pem", __dir__)] + s.signing_key = File.expand_path("~/.ssh/gem-private_key.pem") + end + end --- a/debian/patches/series 2023-07-24 08:59:47.532270584 +0100 --- b/debian/patches/series 2023-07-24 09:03:50.114246613 +0100 @@ -1 +1,2 @@ remove-bundler.patch +reproducible-build.patch
_______________________________________________ Pkg-ruby-extras-maintainers mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
