Flatpak builds are not reproducible and why that's a practical problem

jerm · March 27, 2024, 2:46pm

https://ranfdev.com/blog/flatpak-builds-are-not-reproducible/

Guix >>>

lepras · March 27, 2024, 3:04pm

jerm · March 27, 2024, 3:28pm

dngray · March 28, 2024, 8:32am

There’s also this counter article

jerm · March 28, 2024, 9:21am

They fixed some stuff…

from HN:

None of that debunks the 2020 article. It sounds like they kind of fixed some of the stuff a year later, but it’s still largely broken. Am I missing something?

Yeah, they “partially agree” for some point, and “partially disagree” for some other point. Does not sound like they “debunk”.

jerm · March 28, 2024, 11:04pm

https://ejona.ersoft.org/archive/2024/03/03/flatpak-perm-survey/

Topic		Replies	Views
Distributing through Flathub is insecure? Questions	8	577	March 16, 2024
Secureblue - Immutable Fedora Hardening Tool Suggestions rejected	25	1876	March 13, 2024
K-9 Mail successful audited Privacy	3	720	July 24, 2023
Hyperbacked – Encrypted QR using Shamir's Secret Sharing Privacy	15	790	February 18, 2024
Recommended package for Firefox on Linux (Fedora) Questions	0	210	May 9, 2023

Flatpak builds are not reproducible and why that's a practical problem

Related Topics