Skip to content

compress-man-pages: don't leak build timestamp into archive#435295

Merged
raboof merged 1 commit intoNixOS:stagingfrom
raboof:compress-man-pages-reproducible
Aug 24, 2025
Merged

compress-man-pages: don't leak build timestamp into archive#435295
raboof merged 1 commit intoNixOS:stagingfrom
raboof:compress-man-pages-reproducible

Conversation

@raboof
Copy link
Member

@raboof raboof commented Aug 20, 2025

without -n, gzip leaks the file timestamp into the compressed file, which is likely to leak the build timestamp into the output.

This fixes #434930, a regression introduced in c5252e1 / #406922

Things done

Tested by rebuilding attr.man

  • Built on platform:
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • Tested, as applicable:
  • Ran nixpkgs-review on this PR. See nixpkgs-review usage.
  • Tested basic functionality of all binary files, usually in ./result/bin/.
  • Nixpkgs Release Notes
    • Package update: when the change is major or breaking.
  • NixOS Release Notes
    • Module addition: when adding a new NixOS module.
    • Module update: when the change is significant.
  • Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other READMEs.

Add a 👍 reaction to pull requests you find important.

@raboof
compress-man-pages: don't leak build timestamp into archive
4108382 
without `-n`, gzip leaks the file timestamp into the compressed file,
which is likely to leak the build timestamp into the output.

This fixes NixOS#434930, a regression introduced in c5252e1 / NixOS#406922
@raboof raboof requested review from DavHau and WilliButz August 20, 2025 15:05
@nix-owners nix-owners bot requested a review from Ericson2314 August 20, 2025 15:07
@nixpkgs-ci nixpkgs-ci bot added 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-linux-stdenv This PR causes stdenv to rebuild on Linux and must target a staging branch. 10.rebuild-darwin-stdenv This PR causes stdenv to rebuild on Darwin and must target a staging branch. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. labels Aug 20, 2025
@nixpkgs-ci nixpkgs-ci bot added the 12.approvals: 1 This PR was reviewed and approved by one person. label Aug 21, 2025
@raboof raboof merged commit 3f7b3e6 into NixOS:staging Aug 24, 2025
33 of 35 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@WilliButz WilliButz WilliButz approved these changes

@DavHau DavHau Awaiting requested review from DavHau

@Ericson2314 Ericson2314 Awaiting requested review from Ericson2314

Assignees

No one assigned

Labels

10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-darwin-stdenv This PR causes stdenv to rebuild on Darwin and must target a staging branch. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. 10.rebuild-linux-stdenv This PR causes stdenv to rebuild on Linux and must target a staging branch. 12.approvals: 1 This PR was reviewed and approved by one person.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@raboof @WilliButz