zlacker

[parent] [thread] 1 comments
1. drdrey+(OP)[view] [source] 2020-06-05 04:08:25
See my other comment about determinism: https://news.ycombinator.com/item?id=23424925

Trying to get a bit-to-bit equivalent of a binary lifted from the app store sounds challenging to say the least.

replies(1): >>ryukaf+21
2. ryukaf+21[view] [source] 2020-06-05 04:21:29
>>drdrey+(OP)
Yes, this is more difficult than it sounds - but GP linked to the reproducible builds project which has gotten there already for a lot of software.

See also Guix, which provides tools to challenge servers providing binary packages to see if they match a locally-built version: https://guix.gnu.org/manual/en/html_node/Invoking-guix-chall...

[go to top]