home.social
Sign in Create account

#reproducible — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #reproducible, aggregated by home.social.

  1. kpcyrd 🏴 @[email protected] ·

    Dear opensource developers,

    I added an "adoption" list to the repro-env README, if you publish pre-compiled binaries and you successfully adopted it to allow anyone to reproduce them from source code to prove the absense of a build server compromise, you are very welcome to add yourself to the list. 😺

    github.com/kpcyrd/repro-env#ad

    #reproducible #reproduciblebuilds #supplychainsecurity #rust

    #reproducible #reproduciblebuilds #supplychainsecurity #rust
  2. Gea-Suan Lin @[email protected] ·

    blog.gslin.org/archives/2026/0

    Debian 下一版 (forky) 將會強制要求 reproducible packaging

    #build #chain #debian #integrity #linux #package #packaging #reproducible #security #software #trust

    #build #chain #debian #integrity #linux #package
  3. Aptivi @[email protected] ·

    Debian 14 will only contain reproducible packages

    Reproducible builds are a set of rules that apply to software development, including applications and libraries, to create a verifiable path from the source code to the binary code. It allows you to build the library or the application bit-for-bit. Reproducible builds tend to have great features, including, but not limited to:

    • Security and trust: Allows third-parties to make sure that the software hasn’t been altered or tampered with.
    • Transparency in development: Makes sure that developers’ code always works the same way.
    • Resilience against attacks: Allows third-parties to verify the developers’ software to prevent your projects from being compromised.

    Half way through the development cycle of the upcoming Debian release expected in 2027, Debian 14 Forky, the Debian release team has made a decision regarding the reproducible builds effort. Over the years with the Reproducible Builds effort that makes sure that packages get built consistently bit-for-bit, the Debian release team has decided that reproducible builds must be satisfied for the Debian packages to be approved.

    A new mandate for Debian 14 Forky states that the reproducible packages, which are packages that build consistently and with confidence bit-for-bit, must be shipped. The migration software will reject the package addition or update if said package no longer becomes reproducible.

    The Debian release team has also provided a link that allows you to check the package reproducibility status for the upcoming version of Debian via https://reproduce.debian.net/.

    Via: Phoronix

    #Debian #Debian14 #Debian14Forky #DebianForky #news #Reproducible #ReproducibleBuilds #ReproduciblePackages #Tech #Technology #update
    #debian #debian14 #debian14forky #debianforky #news #reproducible
  4. Aptivi @[email protected] ·

    Debian 14 will only contain reproducible packages

    Reproducible builds are a set of rules that apply to software development, including applications and libraries, to create a verifiable path from the source code to the binary code. It allows you to build the library or the application bit-for-bit. Reproducible builds tend to have great features, including, but not limited to:

    • Security and trust: Allows third-parties to make sure that the software hasn’t been altered or tampered with.
    • Transparency in development: Makes sure that developers’ code always works the same way.
    • Resilience against attacks: Allows third-parties to verify the developers’ software to prevent your projects from being compromised.

    Half way through the development cycle of the upcoming Debian release expected in 2027, Debian 14 Forky, the Debian release team has made a decision regarding the reproducible builds effort. Over the years with the Reproducible Builds effort that makes sure that packages get built consistently bit-for-bit, the Debian release team has decided that reproducible builds must be satisfied for the Debian packages to be approved.

    A new mandate for Debian 14 Forky states that the reproducible packages, which are packages that build consistently and with confidence bit-for-bit, must be shipped. The migration software will reject the package addition or update if said package no longer becomes reproducible.

    The Debian release team has also provided a link that allows you to check the package reproducibility status for the upcoming version of Debian via https://reproduce.debian.net/.

    Via: Phoronix

    #Debian #Debian14 #Debian14Forky #DebianForky #news #Reproducible #ReproducibleBuilds #ReproduciblePackages #Tech #Technology #update
    #debian #debian14 #debian14forky #debianforky #news #reproducible
  5. Aptivi @[email protected] ·

    Debian 14 will only contain reproducible packages

    Reproducible builds are a set of rules that apply to software development, including applications and libraries, to create a verifiable path from the source code to the binary code. It allows you to build the library or the application bit-for-bit. Reproducible builds tend to have great features, including, but not limited to:

    • Security and trust: Allows third-parties to make sure that the software hasn’t been altered or tampered with.
    • Transparency in development: Makes sure that developers’ code always works the same way.
    • Resilience against attacks: Allows third-parties to verify the developers’ software to prevent your projects from being compromised.

    Half way through the development cycle of the upcoming Debian release expected in 2027, Debian 14 Forky, the Debian release team has made a decision regarding the reproducible builds effort. Over the years with the Reproducible Builds effort that makes sure that packages get built consistently bit-for-bit, the Debian release team has decided that reproducible builds must be satisfied for the Debian packages to be approved.

    A new mandate for Debian 14 Forky states that the reproducible packages, which are packages that build consistently and with confidence bit-for-bit, must be shipped. The migration software will reject the package addition or update if said package no longer becomes reproducible.

    The Debian release team has also provided a link that allows you to check the package reproducibility status for the upcoming version of Debian via https://reproduce.debian.net/.

    Via: Phoronix

    #Debian #Debian14 #Debian14Forky #DebianForky #news #Reproducible #ReproducibleBuilds #ReproduciblePackages #Tech #Technology #update
    #debian #debian14 #debian14forky #debianforky #news #reproducible
  6. Aptivi @[email protected] ·

    Debian 14 will only contain reproducible packages

    Reproducible builds are a set of rules that apply to software development, including applications and libraries, to create a verifiable path from the source code to the binary code. It allows you to build the library or the application bit-for-bit. Reproducible builds tend to have great features, including, but not limited to:

    • Security and trust: Allows third-parties to make sure that the software hasn’t been altered or tampered with.
    • Transparency in development: Makes sure that developers’ code always works the same way.
    • Resilience against attacks: Allows third-parties to verify the developers’ software to prevent your projects from being compromised.

    Half way through the development cycle of the upcoming Debian release expected in 2027, Debian 14 Forky, the Debian release team has made a decision regarding the reproducible builds effort. Over the years with the Reproducible Builds effort that makes sure that packages get built consistently bit-for-bit, the Debian release team has decided that reproducible builds must be satisfied for the Debian packages to be approved.

    A new mandate for Debian 14 Forky states that the reproducible packages, which are packages that build consistently and with confidence bit-for-bit, must be shipped. The migration software will reject the package addition or update if said package no longer becomes reproducible.

    The Debian release team has also provided a link that allows you to check the package reproducibility status for the upcoming version of Debian via https://reproduce.debian.net/.

    Via: Phoronix

    #Debian #Debian14 #Debian14Forky #DebianForky #news #Reproducible #ReproducibleBuilds #ReproduciblePackages #Tech #Technology #update
    #update #technology #tech #reproduciblepackages #reproduciblebuilds #reproducible
  7. Aptivi @[email protected] ·

    Debian 14 will only contain reproducible packages

    Reproducible builds are a set of rules that apply to software development, including applications and libraries, to create a verifiable path from the source code to the binary code. It allows you to build the library or the application bit-for-bit. Reproducible builds tend to have great features, including, but not limited to:

    • Security and trust: Allows third-parties to make sure that the software hasn’t been altered or tampered with.
    • Transparency in development: Makes sure that developers’ code always works the same way.
    • Resilience against attacks: Allows third-parties to verify the developers’ software to prevent your projects from being compromised.

    Half way through the development cycle of the upcoming Debian release expected in 2027, Debian 14 Forky, the Debian release team has made a decision regarding the reproducible builds effort. Over the years with the Reproducible Builds effort that makes sure that packages get built consistently bit-for-bit, the Debian release team has decided that reproducible builds must be satisfied for the Debian packages to be approved.

    A new mandate for Debian 14 Forky states that the reproducible packages, which are packages that build consistently and with confidence bit-for-bit, must be shipped. The migration software will reject the package addition or update if said package no longer becomes reproducible.

    The Debian release team has also provided a link that allows you to check the package reproducibility status for the upcoming version of Debian via https://reproduce.debian.net/.

    Via: Phoronix

    #Debian #Debian14 #Debian14Forky #DebianForky #news #Reproducible #ReproducibleBuilds #ReproduciblePackages #Tech #Technology #update
    #debian #debian14 #debian14forky #debianforky #news #reproducible
  8. 52°North @52North ·

    💁‍♂️ Want to know how to make computational research more reusable❓
    👍 Join our short course on Supporting the understanding and reuse of analysis workflows.

    📅 Friday, May 8
    🕓 8:30-10:15

    Check out the poster:
    From Data Rocks to Peaks: With NFDI4Earth’s services towards Harmonized Metadata and User-Centered Tools for Earth System Research.

    📅 Friday, May 8
    🕓 16:15–18:00

    👉 52north.org/events/egu-general

    #reproducible #nfdi4earth #fair #reproducibleresearch #datadiscovery #egu26
  9. Arch Linux :archlinux: @archlinux ·

    [arch-dev-public] Arch Linux now has a bit-for-bit reproducible Docker image

    lists.archlinux.org/archives/l

    #linux #archlinux #reproduciblebuilds #reproducible
  10. gary @[email protected] ·

    @nickbearded i think older cheap pc platform is probably better value once prices crash and they will eventually selling the sw but also the hw you know it runs really well on is a key uniter point and then you have the total package, repeat for pihole, open source pineapple, kismet, ssl/tls proxy, squid caching proxy, web server and lamp stack, etc dedicated monitoring and analytics is another, central logging is another #bashcore modules #extensions #plugins #sbom #reproducible builds #ansible playbooks

    #bashcore #extensions #plugins #sbom #reproducible #ansible
  11. F-Droid @[email protected] ·

    @besendorf
    > #FDroid is an App Store that does not allow developers to sign their own apps

    Why lie though? Developers can always sign their own #FLOSS verified #reproducible built apps, we host almost 1000 of those.

    Many developers choose not to submit to #Google, hence no matter if they sign or not, it does not matter if you download via Github, Obtainium or Accrescent, their apps won't be installable anyway.

    If the #keepandroidopen site does not make this clear, please say so.

    #fdroid #floss #reproducible #google #keepandroidopen
  12. Unattributed 𓂃✍︎ @[email protected] ·

    Testing Fountain Pen Inks

    Question: has anyone done extensive testing on any fountain pen inks?

    I don’t mean the standard Mountain of Ink style, sample card, writing sample, etc. visual comparisons. (I’d like to call this subjective measurement, but chromatographic measurements aren’t subjective if done in a controlled manner.)

    I am thinking more objective testing: viscosity, density, flow rate @ a given line width, etc.

    I was thinking about this type of testing tonight, and it seems to me that there are a lot of factors that would need to be controlled: temperature, air pressure / barometric pressure, nib consistency, friction (aka heat), etc. Given what I was thinking this could be an interesting experiment, if someone wanted to undertake controlling all the variables, and implementing the controls necessary for consistent results.

    #measurement #inks #fountainpenink #scientific #reproducible #objective
  13. Unattributed 𓂃✍︎ @[email protected] ·

    Testing Fountain Pen Inks

    Question: has anyone done extensive testing on any fountain pen inks?

    I don’t mean the standard Mountain of Ink style, sample card, writing sample, etc. visual comparisons. (I’d like to call this subjective measurement, but chromatographic measurements aren’t subjective if done in a controlled manner.)

    I am thinking more objective testing: viscosity, density, flow rate @ a given line width, etc.

    I was thinking about this type of testing tonight, and it seems to me that there are a lot of factors that would need to be controlled: temperature, air pressure / barometric pressure, nib consistency, friction (aka heat), etc. Given what I was thinking this could be an interesting experiment, if someone wanted to undertake controlling all the variables, and implementing the controls necessary for consistent results.

    #measurement #inks #fountainpenink #scientific #reproducible #objective
  14. Unattributed 𓂃✍︎ @[email protected] ·

    Testing Fountain Pen Inks

    feddit.online/c/fountainpens/p

    #measurement #inks #fountainpenink #scientific #reproducible #objective
  15. Unattributed 𓂃✍︎ @[email protected] ·

    Testing Fountain Pen Inks

    feddit.online/c/fountainpens/p

    #objective #reproducible #scientific #fountainpenink #inks #measurement
  16. Unattributed 𓂃✍︎ @[email protected] ·

    Testing Fountain Pen Inks

    feddit.online/c/fountainpens/p

    #measurement #inks #fountainpenink #scientific #reproducible #objective
  17. Arik Grahl @[email protected] ·

    From #ContainerDays London to Barcelona: big thanks to the #DevOps BCN #Meetup for having me!

    I revisited my talk on moving beyond imperative #Docker builds toward #Declarative, #Reproducible and #Secure #OCI #Containers with #Nix:
    Hermetic, network-isolated builds, clearer dependency graphs, better layer reuse across images, and a stronger supply-chain story (#SBOM + #SLSA provenance).

    You can find the slides, transcript and more information at my website: arik-grahl.de/talks/devops-bcn

    #containerdays #devops #meetup #docker #declarative #reproducible
  18. Arik Grahl @[email protected] ·

    What a great first day at #ContainerDays London.

    Looking forward to see you tomorrow at 09:40 at my talk "Beyond #Docker Builds: #Declarative, #Reproducible and #Secure #OCI #Containers with #Nix".

    arik-grahl.de/talks/container-

    #CDSLondon

    #containerdays #docker #declarative #reproducible #secure #oci
  19. Max @[email protected] ·

    After dithered images my next obsession is 'workflow managers' 🎈Yesterday night I binged some videos from #riffomonas about #reproducible research (CC248 to CC256). He used #snakemake , which looked very nice! Now I also looked up #nextflow It looks fierce!
    I am going to learn one of them, and snakemake currently feels more approachable... But what do you think? Any advice? I want to use it in my #bioinformatics #pipeline s; I mainly write in R
    #rstats #tidyverse
    riffomonas.org

    #riffomonas #reproducible #snakemake #nextflow #bioinformatics #pipeline
  20. Luca Di Maio @89luca89 ·

    The recording of my talk is now available!

    fosdem.org/2026/schedule/event

    #fosdem #linux #filesystem #xfs #reproducible #builds
  21. Bioninformatician_next_door @[email protected] ·

    Well after quite some months a new release has landed on main branch with git commit: codeberg.org/stagex/stagex/com
    With this release #StageX brings more freedom to everybody by using `natively` #llvm to build the complete tree (full source #bootstrapped and #reproducible as always), initializing the era of cross-compiling "easily" for any other CPU architecture.If that doesn't excites you, then get prepared for other even better things coming into the next release!
    See you at #FOSSDEM26 for stickers!

    #stagex #llvm #bootstrapped #reproducible #fossdem26
  22. GNU Guix @[email protected] ·

    @momo hi!

    Yes you can see what's available as a package locally using the 'guix search' command or the package browser:

    packages.guix.gnu.org/search/?

    In Guix 'substitutes' is the term we use for #nix precompiled binaries. Most people use them. You can check if a substitute is available like this:

    guix weather --substitute-urls=ci.guix.gnu.org --system=x86_64-linux [email protected]

    The installer asks the user if they want to enable substitutes so it's easy to set-up.

    The manual has more
    details on ways to enable other channels and substitute servers. It also covers how to check a build against multiple substitute servers for #reproducible software and potentially a #security #supplychain indication.

    #nix #reproducible #security #supplychain
  23. GNU Guix @[email protected] ·

    Interested in #declarative computing, #linux or #reproducible software? #Guix is going to be at #FOSDEM for lots of goodness on #guile #scheme and the #nix approach to packaging #FreeSoftware - check out the talks various people are giving:

    guix.gnu.org/blog/2026/meet-gu

    As usual the Declarative and Minimalist computing track will have lots of interesting #lisp #spritely and #nrepl talks!

    #declarative #linux #reproducible #guix #fosdem #guile
  24. gabber @[email protected] ·

    In case you haven't heard it already: we at @fsi have started packaging software, to make awesome #FLOSS available to you #electronics and #chip #designers
    Highlight so far include klayout and magic, which are now easily available to you #Guix users through simple invokations, like:

    guix shell klayout -- klayout

    or

    guix shell magic -- magic

    #GNU Guix not only allows for most up-to-date packages, #reproducible development and build environments and an absolute dedication to #freesoftware, it also eases contribution, extension and enhancement of already available solutions.

    Check it out! Don't hesitate to reach out if you have questions!

    f-si.org
    guix.gnu.org

    #silicon #freesilicon #FOSS #chipdesign #EDA #electronicdesignautomation

    #floss #electronics #chip #designers #guix #gnu
  25. Dom Somma @[email protected] ·

    We built a containerised workflow that handles QC, doublet detection, CITE‑seq for scRNA‑seq data, and outputs a ready‑to‑use #Seurat object. One command, #reproducible results—ideal for labs without dedicated bioinformatics support.

    #seurat #reproducible
  26. Dutch Reproducibility Network @[email protected] ·

    #Workshop Announcement:
    #Galaxy is an online platform for #reproducible #workflows. Learn how to create your own workflow and see if this is a tool that you can use for your own work.

    This workshop is an entrance level, hands-on workshop. Bring your own laptop if you would like to type and click along or follow the demo on the screen.
    The workshop is organize by Kees den Heijer and Mirela Minkova from SURF.

    Photo by NASA on Unsplash

    #workshop #galaxy #reproducible #workflows
  27. Bioninformatician_next_door @[email protected] ·

    @fasterthanlime
    There is a #bounty of $1000 to solve for #reproducible #rust to build x86_64-linux-gnu libstd for rust 1.91 with #stagex and be able to compile a dynamically linked rust binary with it that runs on #Debian.
    Would you be interested to take the challenge?

    #containers #linux

    #stagex #bounty #reproducible #rust #debian #containers
  28. blake shaw @[email protected] ·

    I take that back, a (ideally #bootstrappable) #reproducible declaratively defined OS distribution like #guix is the best means to maintain a global perspective of your OS. But unless you are a minimal uptime warrior that keeps everything in a /tmp-like directory that is flushed on shutdown, you still need email to keep track with whats going on! (and you can't convince me that setting up prometheus compares to working directly with the plumbing! at least for monolithic desktop user systems)

    #bootstrappable #reproducible #guix
  29. Vivekanandan KS :nixos:(vivek) @[email protected] ·

    @codemonkeymike
    Awesome 🔥❤️
    Also instead of downloading an ISO like that, any way to build the exact ISO locally?😁
    So that u can just push the flake and I'll fetch the latest one with caching.

    Not sure if even the official nixos is doing this.
    #nixbook #nix #os #iso #image #installation #reproducible #builds

    #nixbook #nix #os #iso #image #installation
  30. Francesco P Lovergine :debian: @[email protected] ·

    Some notes about the whole #reproducible #computing environments idea and #guix implementation.

    lovergine.com/about-computing-

    #reproducible #computing #guix
  31. The Turing Way Project @turingway ·

    👀 Are you interested in ? and research? ?

    🤲 Have you contributed before to The Turing Way? If not, are you curious about it?

    #datascience #open #reproducible #researchcommunities
  32. Josep Bigorra (jjba23) @[email protected] ·

    A minimal, declarative setup for productive Rust 🦀 hacking on Emacs + Guix

    jointhefreeworld.org/blog/arti

    I noticed there was a blatant lack of resources and documentation on this particular setup.

    With a tiny manifest and a small Emacs configuration, you get a powerful, reproducible, elegant Rust development environment.

    #rust #guix #emacs #dev #manifest #shell #development #environment #ide #clippy #lsp #gnu #reproducible #direnv #eglot

    #rust #guix #emacs #dev #manifest #shell
  33. GNU Guix @[email protected] ·

    Thanks to the @fsf for promoting GNU Guix's fundraising.

    Like many other Free Software project's we depend on our users and fans support to pay for the project's expenses.

    We're running a campaign to 'sustain and strengthen' Guix. As a #linux distribution we have a lot of #packages which costs quite a bit to build and distribute to users. And, as we use the declarative and reproducible system pioneered by #Nix we rebuild packages whenever there's a change.

    If you'd like to know more about what we're doing, or support the project you can check out the blog post:

    guix.gnu.org/en/blog/2025/fund

    We appreciate any support that people can give!

    #linux #guix #gnuguix #scheme #guile #freesoftware #declarative #reproducible

    #linux #packages #nix #guix #scheme #guile
  34. gary @[email protected] ·

    @zed @paulasadoorian paul may run arch btw, salt is really rough on lawns - try to use calcium chloride #salt vs salt instead? #reproducible builds #emba

    #salt #reproducible #emba
  35. F-Droid @[email protected] ·

    This week in #FDroid (TWIF) is live:

    * #Nextcloud store shenanigans
    * #Cheogram in Space-s
    * #DeltaChat and #ArcaneChat fork
    * #FluffyChat feature full
    * #Tachiyomi successor #Kahon
    * #Inure #reproducible
    * #PasswordStore fork
    * #ReplicantOS and #NGI
    * #NewPipe out of the 360p jail
    + 12 new apps
    + 195 updates

    Go beyond clouds in f-droid.org/2025/05/15/twif.ht

    #fdroid #nextcloud #cheogram #deltachat #arcanechat #fluffychat
  36. F-Droid @[email protected] ·

    This week in #FDroid (TWIF) is live:

    * #Nextcloud store shenanigans
    * #Cheogram in Space-s
    * #DeltaChat and #ArcaneChat fork
    * #FluffyChat feature full
    * #Tachiyomi successor #Kahon
    * #Inure #reproducible
    * #PasswordStore fork
    * #ReplicantOS and #NGI
    * #NewPipe out of the 360p jail
    + 12 new apps
    + 195 updates

    Go beyond clouds in f-droid.org/2025/05/15/twif.ht

    #fdroid #nextcloud #cheogram #deltachat #arcanechat #fluffychat
  37. F-Droid @[email protected] ·

    This week in #FDroid (TWIF) is live:

    * #Nextcloud store shenanigans
    * #Cheogram in Space-s
    * #DeltaChat and #ArcaneChat fork
    * #FluffyChat feature full
    * #Tachiyomi successor #Kahon
    * #Inure #reproducible
    * #PasswordStore fork
    * #ReplicantOS and #NGI
    * #NewPipe out of the 360p jail
    + 12 new apps
    + 195 updates

    Go beyond clouds in f-droid.org/2025/05/15/twif.ht

    #fdroid #nextcloud #cheogram #deltachat #arcanechat #fluffychat
  38. F-Droid @[email protected] ·

    This week in #FDroid (TWIF) is live:

    * #Nextcloud store shenanigans
    * #Cheogram in Space-s
    * #DeltaChat and #ArcaneChat fork
    * #FluffyChat feature full
    * #Tachiyomi successor #Kahon
    * #Inure #reproducible
    * #PasswordStore fork
    * #ReplicantOS and #NGI
    * #NewPipe out of the 360p jail
    + 12 new apps
    + 195 updates

    Go beyond clouds in f-droid.org/2025/05/15/twif.ht

    #newpipe #ngi #replicantos #passwordstore #reproducible #inure
  39. F-Droid @[email protected] ·

    This week in #FDroid (TWIF) is live:

    * #Nextcloud store shenanigans
    * #Cheogram in Space-s
    * #DeltaChat and #ArcaneChat fork
    * #FluffyChat feature full
    * #Tachiyomi successor #Kahon
    * #Inure #reproducible
    * #PasswordStore fork
    * #ReplicantOS and #NGI
    * #NewPipe out of the 360p jail
    + 12 new apps
    + 195 updates

    Go beyond clouds in f-droid.org/2025/05/15/twif.ht

    #fdroid #nextcloud #cheogram #deltachat #arcanechat #fluffychat
  40. gary @[email protected] ·
    CW: re: Release notes for v25.04.1 of Malcolm, a powerful, easily deployable network traffic analysis tool suite for network security monitoring

    @mmguero the only minor quibble i have is if you upgrade you have to reinstall - overall it works great #deps #datastore #reproducible builds #arkime

    #deps #datastore #reproducible #arkime
  41. 💧🌏 Greg Cocks @[email protected] ·

    The Affordable DIY Mandeye Lidar System For Surveying Caves, And How To Convert 3D Clouds Into Traditional Cave Ground Plans And Extended Profiles
    --
    doi.org/10.5038/1827-806X.53.3 <-- shared paper
    --
    #GIS #spatial #mapping #LiDAR #cave #cavediving #cavemapping #speleology #workflow #survey #remotesensing #pointcloud #mobilemapping #3Dmapping #profile #model #modeling #3dmodel #opensource #openhardware #reproducible #affordable #DIY #Mandeye

    #gis #spatial #mapping #lidar #cave #cavediving
  42. Gea-Suan Lin @[email protected] ·

    Debian 的 Live Image 可以重現構建了 (reproducible build)

    在 Hacker News 上看到「Debian bookworm live images now reproducible (lwn.net)」,在 Debian 上的 Live Image 可以重現了構建了:「Debian bookworm live images now fully reproducible」。 Reproducible builds 可以證明 build 出來的東西沒有被「私下」加料,因為其他人也可以拿一樣的 source 編出同樣的 binary。 因為這是 OS 層的東西,算是 chain of trust 非常前端的一環,對於很在意安全性的人來說,這點讓 Debian 變成了可被稽核驗證的項目,而非單純相信原廠…

    blog.gslin.org/archives/2025/0

    #builds #chain #debian #image #linux #live #reproducible #trust

    #builds #chain #debian #image #linux #live
  43. Hacker News @[email protected] ·

    NixOS and reproducible builds could have detected the xz backdoor

    luj.fr/blog/how-nixos-could-ha

    #HackerNews #NixOS #reproducible #builds #xz #backdoor #security #technews

    #hackernews #nixos #reproducible #builds #xz #backdoor
  44. gary @[email protected] ·

    @axel all i am saying is don't underestimate the mkt, also don't overestimate it. what other tools do you think clients would benefit from? I'd say faster networking, nvme, more ram, pihole and various lamp scripts modded and tweaked, toplists, osint, analytic suite, seo, 24/7pkt cap. also would add r proxy from a vps - no quotas #wildcards #iaas #howtoforge #reproducible builds #tls proxy

    #wildcards #iaas #howtoforge #reproducible #tls
  45. Robin Lovelace @robinlovelace ·

    Looking forward to upcoming session by @loreabad6. Excellent slides: github.com/loreabad6/post .

    #sdsl2024 #reproducible #sdsl #geocompx
  46. Robin Lovelace @robinlovelace ·

    Coinciding with the Spatial Data Sciences across Languages () workshop, I've released a new template for creating, auto-deploying and sharing slides. Works with , and more thanks to Quarto! See buff.ly/3zqQj8D and talk incoming 🚀

    #sdsl #opensource #reproducible #rstats #python
  47. Lance R. Vick @[email protected] ·

    Wanted to share that [Stageˣ] is now full source bootstrapped, 100% reproducible, signed by 2-3 independent reviewers/reproducers on every release, and can build itself.

    It can be the base of reproducible build containers for most projects written in c, c++, nodejs, go, php, ocaml, rust, or zig.

    I am thankful for the efforts of our team, and the patient advice and tireless debugging of people in the #reproducible-builds and #bootstrappable projects <3

    codeberg.org/stagex/stagex

    #reproducible #bootstrappable
  48. Leonardo Lenoci ✅ @[email protected] ·

    Are your #software environments truly #reproducible? Can the data obtained using complex software pipelines really pass the proof of time? Is your #research transparent and its results reproducible? Have a look at this nice article: nature.com/articles/s41597-022 . The approach outlined in the article goes beyond research. I use #GNU #Guix in my daily work to test software. Try to replicate my bit-to-bit reproducible @irods test environment at github.com/ll4strw/irods_guix
    #FreeSoftware #GNUGuix #iRODS

    #software #reproducible #research #gnu #guix #freesoftware
  49. Christophe Bousquet @[email protected] ·

    Four #principles for improved #statistical #ecology

    #OpenAccess
    @MethodsEcolEvol

    "(1) define a focussed #ResearchQuestion, then plan #sampling and #analysis to answer it; (2) develop a #model that accounts for the #distribution and #dependence of your #data; (3) emphasise #EffectSizes to replace #StatisticalSignificance with #EcologicalRelevance; and (4) report your #methods and #findings in sufficient detail so that your research is valid and #reproducible"

    besjournals.onlinelibrary.wile

    #reproducible #findings #methods #ecologicalrelevance #statisticalsignificance #effectsizes
  50. Esther Plomp @[email protected] ·

    The programme of today's event organised by the scientific network on #Open and #Reproducible #DataScience and #Statistics #ORDSMV is already going on strong!

    In half an hour I'll talk about my five selfish reasons to join #OpenScience initatives!

    You can find my slides here:
    doi.org/10.5281/zenodo.1011422

    #openscience #ordsmv #statistics #datascience #reproducible #open