[arch-commits] Commit in python-oscrypto/trunk (PKGBUILD)
Jonas Witschel
diabonas at gemini.archlinux.org
Thu Mar 31 15:41:53 UTC 2022
Date: Thursday, March 31, 2022 @ 15:41:53
Author: diabonas
Revision: 1177960
upgpkg: python-oscrypto 1.3.0-3: reproducibility rebuild
reproducible.archlinux.org is showing that python-oscrypto 1.3.0-2 is not
reproducible. The diffoscope output shows differences in the compiled bytecode
such as
-000003a0: 6f72 6d5a 1167 6574 7769 6e64 6f77 7376 ormZ.getwindowsv
-000003b0: 6572 7369 6f6e a900 721d 0000 0072 1d00 ersion..r....r..
+000003a0: 6f72 6dda 1167 6574 7769 6e64 6f77 7376 orm..getwindowsv
+000003b0: 6572 7369 6f6e a900 721e 0000 0072 1e00 ersion..r....r..
These look like differences coming from hash randomisation even though makepkg
now sets PYTHONHASHSEED=0 in attempt to prevent such issues.
I can reproduce the problem on my local machine using "repro -n", but only
sporadically: sometimes the package can be reproduced byte for byte, sometimes
it fails with differences like the above, seemingly at random.
On the other hand, simply rebuilding the package seems to fix the problem
completely, the resulting package was reproducible multiple times in a row.
This seems like it has been a transient problem with Python 3.10.2 (we are now
at version 3.10.4), so push the rebuilt package to the repositories and hope
that it stays reproducible from now on.
Modified:
python-oscrypto/trunk/PKGBUILD
----------+
PKGBUILD | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2022-03-31 15:24:44 UTC (rev 1177959)
+++ PKGBUILD 2022-03-31 15:41:53 UTC (rev 1177960)
@@ -1,7 +1,7 @@
# Maintainer: Jonas Witschel <diabonas at archlinux.org>
pkgname=python-oscrypto
pkgver=1.3.0
-pkgrel=2
+pkgrel=3
pkgdesc='Compiler-free Python crypto library backed by the OS'
arch=('any')
url='https://github.com/wbond/oscrypto'
More information about the arch-commits
mailing list