Report forwarded
to debian-bugs-dist@lists.debian.org, reproducible-bugs@lists.alioth.debian.org, Nicolas Mora <babelouest@debian.org>: Bug#966657; Package src:json-c.
(Sat, 01 Aug 2020 10:15:04 GMT) (full text, mbox, link).
Acknowledgement sent
to "Chris Lamb" <lamby@debian.org>:
New Bug report received and forwarded. Copy sent to reproducible-bugs@lists.alioth.debian.org, Nicolas Mora <babelouest@debian.org>.
(Sat, 01 Aug 2020 10:15:04 GMT) (full text, mbox, link).
Source: json-c
Version: 0.15-1
Severity: wishlist
Tags: patch
User: reproducible-builds@lists.alioth.debian.org
Usertags: buildpath
X-Debbugs-Cc: reproducible-bugs@lists.alioth.debian.org
Hi,
Whilst working on the Reproducible Builds effort [0] we noticed that
json-c could not be built reproducibly.
This is because it used the full, absolute path name as an (sanitised)
input to a filename, resulting in the binary package containing
/usr/share/doc/libjson-c-dev/html/md__build_1st_json-c-0_815_issues_closed_for_0_813.html
^^^^^^^^^^^^^^^^^^^^^^
or
/usr/share/doc/libjson-c-dev/html/md__build_2_json-c-0_815_2nd_issues_closed_for_0_813.html
^^^^^^^^^^^^^^^^^^^^^^^^
(etc. etc.)
Patch attached.
[0] https://reproducible-builds.org/
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
Information forwarded
to debian-bugs-dist@lists.debian.org, Nicolas Mora <babelouest@debian.org>: Bug#966657; Package src:json-c.
(Sat, 01 Aug 2020 10:33:10 GMT) (full text, mbox, link).
Acknowledgement sent
to "Chris Lamb" <lamby@debian.org>:
Extra info received and forwarded to list. Copy sent to Nicolas Mora <babelouest@debian.org>.
(Sat, 01 Aug 2020 10:33:10 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Nicolas Mora <babelouest@debian.org>: Bug#966657; Package src:json-c.
(Sat, 01 Aug 2020 12:54:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Nicolas Mora <nicolas@babelouest.org>:
Extra info received and forwarded to list. Copy sent to Nicolas Mora <babelouest@debian.org>.
(Sat, 01 Aug 2020 12:54:03 GMT) (full text, mbox, link).
Thanks Chris!
Le 20-08-01 à 06 h 11, Chris Lamb a écrit :
>
> This is because it used the full, absolute path name as an (sanitised)
> input to a filename, resulting in the binary package containing
>
I've already added the following patch [1] in last release 0.15-1
This patch sets the following doxygen value:
FULL_PATH_NAMES = NO
According to the documentation, both our patches are incompatible:
# This tag requires that the tag FULL_PATH_NAMES is set to YES.
I made that patch for the reproducibility as well although yours may be
better. What do you think?
[1] -
https://sources.debian.org/src/json-c/0.15-1/debian/patches/0002-doxygen.patch/
Information forwarded
to debian-bugs-dist@lists.debian.org, Nicolas Mora <babelouest@debian.org>: Bug#966657; Package src:json-c.
(Sun, 02 Aug 2020 08:33:03 GMT) (full text, mbox, link).
Acknowledgement sent
to "Chris Lamb" <lamby@debian.org>:
Extra info received and forwarded to list. Copy sent to Nicolas Mora <babelouest@debian.org>.
(Sun, 02 Aug 2020 08:33:03 GMT) (full text, mbox, link).
To: "Nicolas Mora" <nicolas@babelouest.org>, 966657@bugs.debian.org
Subject: Re: Bug#966657: json-c: please make the build reproducible
Date: Sun, 02 Aug 2020 08:29:05 -0000
Hi Nicolas,
> Thanks Chris!
>
> Le 20-08-01 à 06 h 11, Chris Lamb a écrit :
> >
> > This is because it used the full, absolute path name as an (sanitised)
> > input to a filename, resulting in the binary package containing
> >
>
> I've already added the following patch [1] in last release 0.15-1
> This patch sets the following doxygen value:
> FULL_PATH_NAMES = NO
I did not see that... unfortunately because your patch was not actually
sufficient. :) In other words, your package was still unreproducible
even with your 0002-doxygen patch.
> I made that patch for the reproducibility as well although yours may be
> better. What do you think?
I'm not sure whether applying means that you should back out yours;
clearly they don't cause a fatal error, at least. Up to you.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org 🍥 chris-lamb.co.uk
`-
Information forwarded
to debian-bugs-dist@lists.debian.org, Nicolas Mora <babelouest@debian.org>: Bug#966657; Package src:json-c.
(Sun, 02 Aug 2020 14:09:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Nicolas Mora <nicolas@babelouest.org>:
Extra info received and forwarded to list. Copy sent to Nicolas Mora <babelouest@debian.org>.
(Sun, 02 Aug 2020 14:09:03 GMT) (full text, mbox, link).
>
> Both our patches have the same result. I've compared the output html and
> saw no differences.
>
> >> I made that patch for the reproducibility as well although yours may be
> >> better. What do you think?
> >
> > I'm not sure whether applying means that you should back out yours;
> > clearly they don't cause a fatal error, at least. Up to you.
> >
> Yours was applied upstream, so I can at least disable mine in the next
> release.
>
> /Nicolas
>
>
&In-Reply-To=<7ebbf07c-8273-52d0-42c6-cea76f5f78e2@babelouest.org>&subject=Re: Bug#966657: json-c: please make the build reproducible">reply):
From: Nicolas Mora <nicolas@babelouest.org>
To: Chris Lamb <lamby@debian.org>, 966657@bugs.debian.org
Subject: Re: Bug#966657: json-c: please make the build reproducible
Date: Sun, 2 Aug 2020 10:07:52 -0400
Hello,
Le 20-08-02 à 04 h 29, Chris Lamb a écrit :
>
> I did not see that... unfortunately because your patch was not actually
> sufficient. :) In other words, your package was still unreproducible
> even with your 0002-doxygen patch.
>
Sorry to insist but can you explain why the package is still
unreproducible even with my patch?
If I compare the 3 configurations, I have the following sample results.
- Original doxygen configuration:
<li>/src/workspace/json-c/<a class="el"
href="printbuf_8h.html">printbuf.h</a></li>
- 0002-doxygen patch:
<li><a class="el" href="printbuf_8h.html">printbuf.h</a></li>
- 0004-reproducible-build.patch:
<li><a class="el" href="printbuf_8h.html">printbuf.h</a></li>
Both our patches have the same result. I've compared the output html and
saw no differences.
>> I made that patch for the reproducibility as well although yours may be
>> better. What do you think?
>
> I'm not sure whether applying means that you should back out yours;
> clearly they don't cause a fatal error, at least. Up to you.
>
Yours was applied upstream, so I can at least disable mine in the next
release.
/Nicolas
Information forwarded
to debian-bugs-dist@lists.debian.org, Nicolas Mora <babelouest@debian.org>: Bug#966657; Package src:json-c.
(Tue, 04 Aug 2020 08:33:05 GMT) (full text, mbox, link).
Acknowledgement sent
to "Chris Lamb" <lamby@debian.org>:
Extra info received and forwarded to list. Copy sent to Nicolas Mora <babelouest@debian.org>.
(Tue, 04 Aug 2020 08:33:05 GMT) (full text, mbox, link).
To: "Nicolas Mora" <nicolas@babelouest.org>, 966657@bugs.debian.org
Subject: Re: Bug#966657: json-c: please make the build reproducible
Date: Tue, 04 Aug 2020 08:29:03 -0000
Hi Nicolas,
> Sorry to insist but can you explain why the package is still
> unreproducible even with my patch?
With 0002-doxygen patch (ie. version 0.15-1), the build is not reproducible
in at least two ways I spotted:
(a) Identical files have build-path dependent filenames. For example:
/usr/share/doc/libjson-c-dev/html/md__build_1st_json-c-0_815_issues_closed_for_0_814.html
/usr/share/doc/libjson-c-dev/html/md__build_2_json-c-0_815_2nd_issues_closed_for_0_814.html
(b) Links to the files in (a) then have different anchor href targets to match:
This is because it used the full, absolute path name as an (sanitised)
input to a filename, resulting in the binary package containing:
-<a class="el" href="md__build_1st_json-c-0_815_issues_closed_for_0_813.html"
+<a class="el" href="md__build_2_json-c-0_815_2nd_issues_closed_for_0_813.html"
You can also see this here:
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/json-c.html
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org 🍥 chris-lamb.co.uk
`-
Added tag(s) fixed-upstream.
Request was from debian-bts-link@lists.debian.org
to control@bugs.debian.org.
(Mon, 10 Aug 2020 18:39:23 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Nicolas Mora <babelouest@debian.org>: Bug#966657; Package src:json-c.
(Mon, 09 Nov 2020 18:09:03 GMT) (full text, mbox, link).
Acknowledgement sent
to "Chris Lamb" <lamby@debian.org>:
Extra info received and forwarded to list. Copy sent to Nicolas Mora <babelouest@debian.org>.
(Mon, 09 Nov 2020 18:09:03 GMT) (full text, mbox, link).
Source: json-c
Source-Version: 0.15-2
Done: Nicolas Mora <babelouest@debian.org>
We believe that the bug you reported is fixed in the latest version of
json-c, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 966657@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nicolas Mora <babelouest@debian.org> (supplier of updated json-c package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 03 Feb 2021 07:28:20 -0500
Source: json-c
Architecture: source
Version: 0.15-2
Distribution: unstable
Urgency: low
Maintainer: Nicolas Mora <babelouest@debian.org>
Changed-By: Nicolas Mora <babelouest@debian.org>
Closes: 966657
Changes:
json-c (0.15-2) unstable; urgency=low
.
[Debian Janitor]
* Set upstream metadata fields: Bug-Database, Repository, Repository-Browse.
.
[Nicolas Mora]
* d/patches make build reproductible (Closes: #966657)
* d/control: Update standards version to 4.5.1 (no change)
Checksums-Sha1:
50a595c2b4226a4c1c000385df914a9f76a83f7f 2084 json-c_0.15-2.dsc
673595fab1ae532d07f45859b41340a3917a0d9a 11140 json-c_0.15-2.debian.tar.xz
5245ab2010cbc401a898c857162499a3bcc00339 7877 json-c_0.15-2_amd64.buildinfo
Checksums-Sha256:
f16458d0da837e811ebd854182f1d606e95525a362da1da7f99e6a887a571b5f 2084 json-c_0.15-2.dsc
f1282bb4894df30e4061ae7bad88afb6351d62e06f10b0b070603a8107fffde4 11140 json-c_0.15-2.debian.tar.xz
8e4934db7c5641adefbd983d7a47176e79dcb20323150d30acaf8d34bfccacf9 7877 json-c_0.15-2_amd64.buildinfo
Files:
286f1d64af82a9999b8eb4c6a4b67cfc 2084 libs optional json-c_0.15-2.dsc
3d0d93162438e2f5efddf5d2c4633c83 11140 libs optional json-c_0.15-2.debian.tar.xz
127101a83576dd3ca43471b3e6024b21 7877 libs optional json-c_0.15-2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEhAWwL8wo75dEyPJT/oITlEC9IrkFAmAaymMACgkQ/oITlEC9
IrnxjA//UUdYrw+2ypSBaVed6KEK+tNN1sTO+QPboF+swwZSB+Um8BAQ1LJ+cuzo
sXia7RdfZu8SwSDc3LemuXIS4SoN+zZD/4A/0y/PiWdEJlSluCVCPj8MF1zHteBR
48dPUCzDAXC72Ad4WAaSkTQ+7gTv5gkEWRP/c/KgRXxZmBMT8n+hckerzVs+Fb2X
xRo1KY5+s+N5gE7ozu8YYJUc2efhCuqH/y0+fZ4+3vYwbARS6bTXHtG5jtqtyZ3D
jy3FEXOMnqxdRR502SgwrZlIEfZ04vHDVgsDHDbHWqEsOH+nhPK+LicMXX2BnEc6
AspSJcCUR5n5tu8K9Ahx4kGJGCl/Fk9fFKP9bqW3GmriBkjtfRe3KULAtTAIGLfo
dQU3ySkJnsaNRFybRUiG5Co/QC1Bcq26SQY8FpQ/9DqfRC+/1XkV6Zzat7QZBSh0
skU/k6Sol0zpv3tpqBJW0+c/3Hb1fW7DHUhuce/ieb/jw5+N5rnKybpRlN7IkLcy
YOx55D5tZf4W4QjFKYSsMCuHkQ3Vt3RJmqZZwAFZVH1Jm2xBfr36FOe9T2c+uuAe
ZM84l+ywtqZhsKziIoO4BkGObgpbWXphprr2ppI0kuFQ4wfe58hViq3+KW+AIMes
lCjGTduRvgkk4ZjocMjDk226ctRATpKpNG0I+bYwCbUnxZRq59o=
=+yOp
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Thu, 04 Mar 2021 07:29:43 GMT) (full text, mbox, link).
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.