| ▲ | MomsAVoxell an hour ago | ||||||||||||||||
Reproducible builds are applicable not only to respond to ‘attacks’, a subject you seem to be bikeshedding, but also for other reasons too. Anyone having to maintain a code base or a distributed fleet of devices will gain from this decision, immensely, as their operational periods come and go. Reproducible builds are about longevity as much as they are about security. Please don’t make bold claims about ‘no reason and little benefit’ while demonstrating ignorance of this hard fact: reproducible builds should have been the norm, in computing, from the get-go. | |||||||||||||||||
| ▲ | bluGill an hour ago | parent [-] | ||||||||||||||||
I longevity is harmed though. Your certs need to expire in a few years we think that your toolchain will not be downloadable. | |||||||||||||||||
| |||||||||||||||||