You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be nice if Zeek supported reproducible builds - so compiling the same Zeek source always results in exactly the same binary. This would allow users to verify that Zeek binary versions of Zeek that are distributed have not been tampered with.
I am admittedly not sure where we are here - so part of the task here would be to figure out if we are already reproducible, given the settings that, e.g., Debian uses. It would also be neat if the reproducible builds hold true given the settings that we use for binary distributions, which statically link CAF and Broker - so both of these probably have to support this too.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
It would be nice if Zeek supported reproducible builds - so compiling the same Zeek source always results in exactly the same binary. This would allow users to verify that Zeek binary versions of Zeek that are distributed have not been tampered with.
Several operating systems have ongoing efforts to make as many of their packages as possible reproducible - see e.g. https://wiki.debian.org/ReproducibleBuilds for Debian. https://reproducible-builds.org/ has a bunch more general background information.
I am admittedly not sure where we are here - so part of the task here would be to figure out if we are already reproducible, given the settings that, e.g., Debian uses. It would also be neat if the reproducible builds hold true given the settings that we use for binary distributions, which statically link CAF and Broker - so both of these probably have to support this too.
Beta Was this translation helpful? Give feedback.
All reactions