You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
internal/relui: improve reproducibility of signed tarballs
When we get the signed binaries back, the signing process has modified
the tarball somewhat. We want the files to match as much as possible, so
undo those changes. (And avoid making one change ourselves.)
- Don't add a directory entry for the go/ root dir. It's unnecessary and
not included in distpacks. This will affect non-distpack builds, but
nobody is scrutinizing those.
- Remove all other the directory entries too, which were inserted by the
signing process.
- Set the timestamps back to the distribution's timestamps.
- Clear the user information on the modified files.
For golang/go#61513
Change-Id: I0b3508bc2547364e2a2b49e1c6ea7be8fe92b308
Reviewed-on: https://go-review.googlesource.com/c/build/+/511759
Reviewed-by: Dmitri Shuralyov <[email protected]>
Auto-Submit: Heschi Kreinick <[email protected]>
Run-TryBot: Heschi Kreinick <[email protected]>
Reviewed-by: Dmitri Shuralyov <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>
0 commit comments