On Thu, Feb 18, 2021 at 12:02 AM Paul Sokolovsky <pmiscml@gmail.com> wrote:

I think to resolve this issue to the completion, and avoid possibility
of an intermediary to add any unexpected changes/mistakes to the
original sources, instead of "someone making a tarball", someone should
make a script, which reproduces making a tarball. Then such a script
can be reviewed and tarball reproduced independently (e.g., by the
admins of python.org).

That's exactly what I did, and attached it to the ticket above:
https://github.com/python/pythondotorg/issues/1734#issuecomment-781129337

For extra details, copying my comment there:

---
I attach my version of such a script (and also paste it below for
reference, but if you use it, please use the attached version to avoid
any discrepancies due to copy-paste).

I got a version to build, but what's supposed to be in patchlevel.h? It was just an int, but that was confusing gcc. I commented out its #include, and things seemed to work without it. The patches I used are at https://stromberg.dnsalias.org/svn/cpythons/trunk/python0.9/exportable-patches

Sadly, it doesn't work that well with my "pythons" script (https://stromberg.dnsalias.org/~strombrg/pythons/), because 0.9.1's interpreter doesn't have a -c option.