Reproducible builds enable anyone to reproduce bit by bit identical binary packages from a given source, so that anyone can verify that a given binary derived from the source it was said to be derived. There is more information about reproducible builds on the Debian wiki and on https://reproducible-builds.org. These pages explain in more depth why this is useful, what common issues exist and which workarounds and solutions are known.
Reproducible Fedora 23 is a (currently somewhat stalled) effort to apply this to Fedora 23, which is rather obvious with 23…
Fedora 23 packages are build twice, with a few variations added and then the resulting packages from the two builds are compared using diffoscope. Please note that the toolchain is not varied at all as the rebuild happens on exactly the same system. More variations are expected to be seen in the wild.
FIXME: explain Fedora 23 test setup here.
There are no variations introduced in the fedora-23 builds yet. Stay tuned.
|release (architecture)||all source packages||reproducible packages||unreproducible packages||packages failing to build||packages in depwait state||packages download failures||unknown state|
|fedora-23 (x86_64)||845||0||786 (93.0%)||54 (6.3%)||5 (.5%)||0||0|