Does it make sense to add a new optional metadata field to store the value of SOURCE_DATE_EPOCH if it's set when a distribution is built? I guess it could cause problems if unpacking & repacking a tarball means that its metadata is no longer accurate, though.
That make sens – and that would be useful, but then that mean you need
to have the sdist to reproduce the sdist...
I was more thinking of a location in the source-tree/commit; for
example in pyproject.toml's tool section.
So if I give you only that you can tell me "When I build the sdist I
get this sha256", and I can do the same independently.
--
M
On Fri, Sep 29, 2017 at 1:02 PM, Thomas Kluyver
On Fri, Sep 29, 2017, at 07:16 PM, Matthias Bussonnier wrote:
Second; is there a convention to store the SDE value ? I don't seem to be able to find one. It is nice to have reproducible build; but if it's a pain for reproducers to find the SDE value that highly decrease the value of SDE build.
Does it make sense to add a new optional metadata field to store the value of SOURCE_DATE_EPOCH if it's set when a distribution is built? I guess it could cause problems if unpacking & repacking a tarball means that its metadata is no longer accurate, though.
Thomas _______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig