[gnutls-devel] libtasn1 | Tarball reproducibility bug (#54)

Sat Mar 8 14:28:15 CET 2025

Simon Josefsson created an issue: https://gitlab.com/gnutls/libtasn1/-/issues/54

Attempting to reproduce the v4.20.0 release tarballs a couple of weeks after the release builds fine:

https://gitlab.com/gnutls/libtasn1/-/pipelines/1706399616

However they are different compared to the release tarball:

1. The help2man outputs contain current timestamp instead of the release timestamp:

```
│ │ -.TH ASN1CODING "1" "March 2025" "libtasn1 4.20.0" "User Commands"
│ │ +.TH ASN1CODING "1" "February 2025" "libtasn1 4.20.0" "User Commands"
```

This happens for asn1Coding.1, asn1Decoding.1 and asn1Parser.1.

I think the solution is to somehow cause help2man to use the mtime of NEWS as the timestamp source here.  I can't find any parameter to set this, so maybe we need to do some post-processing of the generated files.

2. doc/version.texi (and consequently doc/stamp-vti and doc/libtasn1.info) contains current timestamp instead of release timestamp:

```
│ │ - at set UPDATED 8 March 2025
│ │ - at set UPDATED-MONTH March 2025
│ │ + at set UPDATED 1 February 2025
│ │ + at set UPDATED-MONTH February 2025
```

This happens because the files are generated by `make all` which is before the mtime of NEWS is set to release time by `make dist`, and these files are never rebuilt because the current timestamp of the files is later than the then release time of NEWS.

I think the solution is to rebuild stamp-vti, version.texi and libtasn1.info when mtime of NEWS has changed.  We could also set the mtime of NEWS earlier, before `make dist` time, but I'm not sure that is a good idea.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/54
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250308/39447cbf/attachment-0001.html>