top | item 43046498

(no title)

mschwaig | 1 year ago

I know about mass rebuilds, but in the parent comment you were talking about fixed output derivations, and committing the hashes for a mass rebuild to version control is technically possible, but not a reasonable workflow, because it makes all changes that are mass rebuilds conflict.

What works better is keep track of those hashes as part of the signatures, which is already happening. There's a lot of interesting things that can be done with that kind of information, I'm one of the people working on that kind of stuff.

Basically I have a paper out about how verifiable and reproducible can come together like that in Nix:

https://dl.acm.org/doi/10.1145/3689944.3696169

discuss

No comments yet.