Alexander Sosedkin <asosedkin(a)redhat.com> wrote:
In RPM world, I've even entertained an idea of having a
auditability not unlike how we have debuginfo, since rebuilding a package
reproducibly requires builddep pinning. But if that's avoidable, I’d
rather just not mix artifacts with meta.
Debian is working on this already, they call those “buildinfo” files:
If we want something similar, I’d propose not to completely re-invent the