Roast topics
Find topics
Roast it!
Roast topics
Find topics
Find it!
Login
From:
Simon Josefsson's blog
(Uncensored)
subscribe
Reproducible Software Releases
https://blog.josefsson.org/2025/03/24/reproducible-software-releases/
links
backlinks
Tagged with:
gitlab
gnu
guix
libidn
bootstrappable
git-archive
libtasn1
Around a year ago I discussed two concerns with software release archives (tarball artifacts) that could be improved to increase confidence in the supply-chain security of software releases. Repeating the goals for simplicity:
