MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
reproducibility
Search

Fedora Targets 99% Package Reproducibility by October

Saturday April 12, 2025. 12:30 AM , from Slashdot
Fedora Targets 99% Package Reproducibility by October
Fedora has proposed a major change for its upcoming version 43 release that aims to achieve 99% package reproducibility, addressing growing concerns about supply-chain security. According to the change proposal announced March 31, Fedora has already reached 90% reproducibility through infrastructure changes including 'clamping' file modification times and implementing a Rust-based 'add-determinism' tool that standardizes metadata. The remaining 10% will require individual package maintainer involvement, treating reproducibility failures as bugs.

The effort will use a public instance of rebuilderd to independently verify that binary packages can be reproduced from source code. Unlike Debian's bit-by-bit reproducibility definition, Fedora allows differences in package signatures and some metadata while requiring identical payloads. The initiative follows similar efforts by Debian and openSUSE, and comes amid heightened focus on supply-chain security after the recent XZ backdoor incident.

Read more of this story at Slashdot.
Read more at Slashdot
https://linux.slashdot.org/story/25/04/11/2143211/fedora-targets-99-package-reproducibility-by-octob...

Related News

reproducibility Ditch Windows 11 and switch to Fedora Linux 42 BetaNewsApr 15
package Google decides regular human surveillance isn't enough, targets dolphins BoingBoingApr 15
fedora Distribution Release: Fedora 42 DistroWatchApr 15
change Fedora Linux 42 released (Fedora Magazine) LWN.netApr 15
security [$] Don't panic: Fedora 42 is here LWN.netApr 15
metadata Meta Says Llama 4 Targets Left-Leaning Bias SlashdotApr 10
supply-chain US Army Says It Could Acquire Targets Faster With 'Advanced AI' SlashdotApr 9
targets Introducing Fedora Project Leader Jef Spaleta LWN.netApr 2
october [$] Fedora change aims for 99% package reproducibility LWN.netMar 31
reproducibility Blue95: Fedora Atomic Xfce converted to a Windows 95 desktop OS NewsMar 30
package Over 60 percent of malicious traffic targets retailers ahead of PCI DSS 4.0 deadline BetaNewsMar 28
fedora Fedora 42 beta has so many spins, it'll make your head whirl TheRegisterMar 24
change After 47 years, OpenVMS gets a package manager OS NewsMar 19
security Fedora Linux 42 Beta is here with KDE edition, COSMIC spin, Asahi Remix, and major updates BetaNewsMar 18
metadata Development Release: Fedora 42 Beta DistroWatchMar 18
supply-chain PNY CS2342 M.2 2230 NVMe PCIe Gen4 x4 SSD delivers fast speeds in a tiny package BetaNewsMar 18
targets DeepSeek-R1-beating perf in a 32B package? El Reg digs its claws into Alibaba's QwQ TheRegisterMar 16
october Trump targets Maine's funding over clash with governor on transgender athletes BoingBoingMar 13
reproducibility Apple faces UK antitrust threat as regulator targets browsers ComputerWorldMar 12
package Anthropic’s upgraded Console targets more collaboration among developers InfoWorldMar 7
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Current Date
Apr, Wed 16 - 12:06 CEST