-
Notifications
You must be signed in to change notification settings - Fork 151
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Builds are not (fully) reproducible due to file permissions stored in .whl #362
Comments
I fully agree, and I've raised this point in discussions with other PyPA people. So far there have been no objections. |
Isn't it a reasonable assumption that if you want reproducible build system, you set umask in it? |
May be, but May be this can be implemented in a new major release, if there are concerns about back compatibility. For sure this is not a critical topic, it is just about which is the best practice when constructing |
What about executable permission? It is apparently expected wheel will pick up that from workspace. Normalisation can't simply ignore file permissions. |
I did not define what exactly "normalizing file permissions" means, but I'm not advocating just nuking all permissions. Maybe a sensible approach would be to mimic git and use
|
That would not be very reproduceable on Windows. |
For a long time I've been trying to create reproducible builds (wheels). I can't say why I didn't find any information about it earlier. But today I did find out about the However, I ran into this problem not soon after when I started trying to build inside docker images. I was fumbling around quite some time before I figured out that it was a permissions discrepancy inside zip files (wheels) between what I build on my host, and what I build inside docker images. A real pain to be honest. But anyway, seems i got it working really nice now. Inside my
|
In order to obtain a fully reproducible build one has to build the wheel with the same
umask
.Here how to reproduce the issue; tested with wheel 0.34.2, using pypa/sampleproject as an example.
but changing the
umask
I haveThis is due to the fact that file permissions, stored in the
.whl
file, are affected by the umask at build time.I think that file permissions should be normalised in the
.whl
file, and not dependant on the build environment. This same approach is implemented in flit, since v. 0.12The text was updated successfully, but these errors were encountered: