blob: a6eb62a7fb006c4993c65b287fa32dc9b3a4d1cb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
From a68b0efbd2002aeb6aa1240b8611cbb97b84d7a7 Mon Sep 17 00:00:00 2001
From: Jonas Witschel <diabonas@gmx.de>
Date: Fri, 10 Jul 2020 19:02:43 +0200
Subject: [PATCH] genxpi: make XPI files reproducible
zip records the mtime of packed files, making it harder to reproduce the
generated file bit for bit. Use the SOURCE_DATE_EPOCH specification that is
already respected in other places of this project (package/Makefile) to set the
modification time to a known, reproducible value.
To avoid embedding time zone information and Unix UIDs/GIDs as further sources
of unreproducibilty use "export TZ=UTC" and "zip -X", resp. Also make the mtime
of the generated XPI file reproducible using "zip -o" for good measure.
---
util/genxpi | 23 +++++++++++++++++------
1 file changed, 17 insertions(+), 6 deletions(-)
diff --git a/util/genxpi b/util/genxpi
index 9d7c39e5..36110e02 100755
--- a/util/genxpi
+++ b/util/genxpi
@@ -60,9 +60,10 @@ find chrome/content/modules -name "*.js*" | LC_ALL=C sort > chrome/content/modul
echo "Creating ${xpiFile} file"
-zip -9 --must-match\
- ../${xpiFile} \
- chrome/content/preferences/defaultPrefs.js \
+# Avoid embedding time zone information about the current system into the XPI
+export TZ=UTC
+
+set chrome/content/preferences/defaultPrefs.js \
chrome/content/modules/addrbook.jsm \
chrome/content/modules/amPrefsService.jsm \
chrome/content/modules/app.jsm \
@@ -184,9 +185,15 @@ zip -9 --must-match\
chrome/content/modules/all-modules.txt \
chrome/content/am-enigprefs.xul
-zip -9 \
- ../${xpiFile} \
- chrome/content/ui/*.* \
+# Set modification timestamps to a fixed value for reproducibilty
+[ -n "$SOURCE_DATE_EPOCH" ] && touch --date "@$SOURCE_DATE_EPOCH" -- "$@"
+zip -9 -o -X --must-match ../${xpiFile} "$@"
+
+if [ $? -ne 0 ]; then
+ exit 1
+fi
+
+set chrome/content/ui/*.* \
chrome/skin/aero/*.* \
chrome/skin/modern/*.* \
chrome/skin/tb-mac/*.* \
@@ -198,3 +205,7 @@ zip -9 \
bootstrap.js \
chrome.manifest \
${pkgFile}
+
+# Set modification timestamps to a fixed value for reproducibilty
+[ -n "$SOURCE_DATE_EPOCH" ] && touch --date "@$SOURCE_DATE_EPOCH" -- "$@"
+zip -9 -o -X ../${xpiFile} "$@"
--
2.27.0
|
