December 31st 2019

Free software activities in December 2019

Software Freedom Conservancy (the fiscal sponsor for the Reproducible Builds project) have announced their fundraising season with a huge pledge to match donations from a number of illustrious individuals. If you have ever considered joining as a supporter, now would be the time to do so.


Whilst it was a busy month away from the keyboard for me, here is my update covering what I have been doing in the free software world during December 2019 (previous month):


Reproducible builds

Whilst anyone can inspect the source code of free software for malicious flaws almost all software is distributed pre-compiled to end users. The motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

The initiative is proud to be a member project of the Software Freedom Conservancy, a not-for-profit 501(c)(3) charity focused on ethical technology and user freedom.

Conservancy acts as a corporate umbrella allowing projects to operate as non-profit initiatives without managing their own corporate structure. If you like the work of the Conservancy or the Reproducible Builds project, please consider becoming an official supporter.


I made the following changes to diffoscope, our in-depth and content-aware diff utility that can locate and diagnose reproducibility issues:


I also:


Debian

Debian LTS

This month I have worked 16½ hours on Debian Long Term Support (LTS) and 12 hours on its sister Extended LTS project.

You can find out more about the project via the following video:


Uploads


FTP Team

As a Debian FTP assistant I ACCEPTed eight packages: fluidsynth, golang-github-bmatcuk-doublestar, golang-github-pearkes-cloudflare, librandomx, meep, meep-mpi-default, meep-openmpi & node-webassemblyjs. I additionally filed two RC bugs against packages that had potentially-incomplete debian/copyright files against fluidsynth & meep.




You can subscribe to new posts via email or RSS.