|
|
Subscribe / Log in / New account

Lockfiles?

Lockfiles?

Posted Apr 17, 2025 11:50 UTC (Thu) by gioele (subscriber, #61675)
In reply to: Lockfiles? by amarao
Parent article: What's new in APT 3.0

> The problem with reproducibility in Debian is that you have disappearing packages in the archive. Even if you pin it, a month later only newer version is available.

If you want reproducibility you must use the versioned archives provided by https://snapshot.debian.org/ instead of the main archive.

> The second problem is potential double upload, when the same version was replaced by a different binary artifact.

That cannot happen. It has happened only a few times in the past decades due to weird edge-cases (see <https://bugs.debian.org/1072205>), but now there is code in the infra to guard against it.

to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds