Re: when will we finally throw away binary uploads (Re: Please upgrade your build environment when you are affected by transition
How many uploaded binaries might include malware?
A lack of binary determinism in the build process basically ensures
that it isn't feasible to discover an answer to this question. :(
All the best,
On 2/13/14, Holger Levsen <firstname.lastname@example.org> wrote:
> On Donnerstag, 13. Februar 2014, Ondřej Surý wrote:
>> this is just a pledge to you all fellow debian developers to update your
>> build environment before you build a package.
> I want all binary packages to be rebuild on *.debian.org hosts. Everything
> else is just an ugly workaround.
> P.S.: and reproducible builds after that, then...