We have successfully created an independent, bit-by-bit-identical rebuild of the nixos-minimal ISO published by Hydra 🎉 Why is this useful? While there are a number of ‘side-benefits’, the main point of Reproducible Builds is that it gives us a reliable way to verify the binaries we ship are faithful to their sources, and have not been tampered with anywhere in the build pipeline (e.g. on Hydra). For general information on Reproducible Builds see: What exactly was reproduced? This me...
I thought NixOS was already reproducible, like, isn’t that the whole point? What’s the big deal here, and why is it a “great achievement” - does the Linux world now completely change? Does this revolutionize how Linux ISOs are built?
From my understanding, Nix is currently reproducible in that you can easily run an install with a script that gets you set up with the packages and configuration that you want, but the announcement is that they can verify the binaries that they ship are faithful to their source, and haven’t been tampered with anywhere in the build pipeline
That is almost word for word would the body of the post says