From mboxrd@z Thu Jan 1 00:00:00 1970 From: Thomas Petazzoni Date: Mon, 10 Sep 2018 21:37:56 +0200 Subject: [Buildroot] [PATCH v5 0/3] Add tainting support to buildroot In-Reply-To: <20180910180705.GF2674@scaer> References: <20180909133341.GJ2841@scaer> <20180909142019.GK2841@scaer> <20180909185518.GA2409@scaer> <20180910150009.GA2674@scaer> <20180910180705.GF2674@scaer> Message-ID: <20180910213756.49d85d30@windsurf> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: buildroot@busybox.net Hello, On Mon, 10 Sep 2018 20:07:05 +0200, Yann E. MORIN wrote: > If you are going so far as to explicitly write this line, just hide the > package behing BR2_REPRODUCIBLE instead, yes. I think BR2_REPRODUCIBLE is not the same thing. BR2_REPRODUCIBLE means "assuming we have the same source code and configuration, we guarantee that the binary results will be bit-to-bit identical". While the reproducibility issue we are talking about in this thread is about having the same source code each time the build is done. It's obviously a requirement for BR2_REPRODUCIBLE to work, but the fact that we build with the same source code each time the build is done is a property of Buildroot regardless of whether BR2_REPRODUCIBLE is enabled or not. So I'm sorry, but this suggestion to hide a package behind BR2_REPRODUCIBLE because the *source* is not guaranteed to be the same each time is not a good suggestion IMO, as it's confusing two different "reproducible" properties. Best regards, Thomas -- Thomas Petazzoni, CTO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com