Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Build reproducibility #77

Open
ia0 opened this issue Mar 28, 2023 · 1 comment
Open

Build reproducibility #77

ia0 opened this issue Mar 28, 2023 · 1 comment
Labels
for:security Improves firmware or project security needs:design Needs design to make progress

Comments

@ia0
Copy link
Member

ia0 commented Mar 28, 2023
edited

Currently, most parts of the build are pinned to a given version using rust-toolchain.toml and Cargo.lock files. However some parts are not, essentially things installed globally, like apt-get install.

It's not great to force a version on the user, so a solution needs to be found to localize those global tools. Building in a chroot? Not enforcing the version but only measuring it?
@ia0 ia0 added needs:design Needs design to make progress for:security Improves firmware or project security labels Mar 28, 2023
@ia0

This comment was marked as outdated.

Sign in to view
@ia0 ia0 mentioned this issue Apr 11, 2023
Merged
ia0 added a commit that referenced this issue Apr 12, 2023
@ia0
Add wrapper script to install dependencies on demand (#102)
cf0524a 
This is a step towards #77.
kofls pushed a commit to kofls/wasefire that referenced this issue Nov 27, 2023
@ia0
Add wrapper script to install dependencies on demand (google#102)
49668e2 
This is a step towards google#77.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
for:security Improves firmware or project security needs:design Needs design to make progress
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ia0