tor-android
tor-android copied to clipboard
guardianproject
some timestamps are in javadoc and bundle.jar break reproducibility
The last thing breaking reproducible builds for the entire set of artifacts that are uploaded to Maven Central are timestamps in:
- Javadoc HTML header
- Javadoc search index JAR metadata
- bundle.jar metadata
$ diffoscope bundle.jar ../tor-android_release_0.4.6.8_1b4639dcb48b0f2ee5524d442cb0b8c205f02af8/tor-android-binary/build/outputs/aar/bundle.jar
--- bundle.jar
+++ ../tor-android_release_0.4.6.8_1b4639dcb48b0f2ee5524d442cb0b8c205f02af8/tor-android-binary/build/outputs/aar/bundle.jar
├── zipinfo {}
│ @@ -1,9 +1,9 @@
│ -Zip file size: 11803786 bytes, number of entries: 7
│ --rw---- 2.0 fat 0 bX defN 21-Dec-17 09:46 META-INF/
│ --rw---- 2.0 fat 55 bl defN 21-Dec-17 09:46 META-INF/MANIFEST.MF
│ --rw---- 2.0 fat 402773 bl defN 21-Dec-17 09:46 tor-android-0.4.6.8-javadoc.jar
│ --rw---- 2.0 fat 6055 bl defN 21-Dec-17 09:46 tor-android-0.4.6.8-sources.jar
│ --rw---- 2.0 fat 11441091 bl defN 21-Dec-17 09:45 tor-android-0.4.6.8.aar
│ --rw---- 2.0 fat 882 bl defN 21-Dec-17 09:46 tor-android-0.4.6.8.buildinfo
│ --rw---- 2.0 fat 2095 bl defN 21-Dec-17 09:46 tor-android-0.4.6.8.pom
│ -7 files, 11852951 bytes uncompressed, 11802780 bytes compressed: 0.4%
│ +Zip file size: 11803783 bytes, number of entries: 7
│ +-rw---- 2.0 fat 0 bX defN 21-Dec-17 11:10 META-INF/
│ +-rw---- 2.0 fat 55 bl defN 21-Dec-17 11:10 META-INF/MANIFEST.MF
│ +-rw---- 2.0 fat 402771 bl defN 21-Dec-17 11:10 tor-android-0.4.6.8-javadoc.jar
│ +-rw---- 2.0 fat 6055 bl defN 21-Dec-17 11:10 tor-android-0.4.6.8-sources.jar
│ +-rw---- 2.0 fat 11441091 bl defN 21-Dec-17 11:10 tor-android-0.4.6.8.aar
│ +-rw---- 2.0 fat 882 bl defN 21-Dec-17 11:10 tor-android-0.4.6.8.buildinfo
│ +-rw---- 2.0 fat 2095 bl defN 21-Dec-17 11:10 tor-android-0.4.6.8.pom
│ +7 files, 11852949 bytes uncompressed, 11802777 bytes compressed: 0.4%
├── tor-android-0.4.6.8-javadoc.jar
│ ├── zipinfo {}
│ │ @@ -1,8 +1,8 @@
│ │ -Zip file size: 402773 bytes, number of entries: 64
│ │ +Zip file size: 402771 bytes, number of entries: 64
│ │ drwxr-xr-x 2.0 unx 0 b- defN 80-Feb-01 00:00 META-INF/
│ │ -rw-r--r-- 2.0 unx 25 b- defN 80-Feb-01 00:00 META-INF/MANIFEST.MF
│ │ -rw-r--r-- 2.0 unx 4821 b- defN 80-Feb-01 00:00 allclasses-index.html
│ │ -rw-r--r-- 2.0 unx 1081 b- defN 80-Feb-01 00:00 allclasses.html
│ │ -rw-r--r-- 2.0 unx 4762 b- defN 80-Feb-01 00:00 allpackages-index.html
│ │ -rw-r--r-- 2.0 unx 8819 b- defN 80-Feb-01 00:00 constant-values.html
│ │ -rw-r--r-- 2.0 unx 4252 b- defN 80-Feb-01 00:00 deprecated-list.html
│ │ @@ -59,8 +59,8 @@
│ │ -rw-r--r-- 2.0 unx 11271 b- defN 80-Feb-01 00:00 org/torproject/jni/TorService.LocalBinder.html
│ │ -rw-r--r-- 2.0 unx 35201 b- defN 80-Feb-01 00:00 org/torproject/jni/TorService.html
│ │ -rw-r--r-- 2.0 unx 4911 b- defN 80-Feb-01 00:00 org/torproject/jni/package-summary.html
│ │ -rw-r--r-- 2.0 unx 5211 b- defN 80-Feb-01 00:00 org/torproject/jni/package-tree.html
│ │ drwxr-xr-x 2.0 unx 0 b- defN 80-Feb-01 00:00 resources/
│ │ -rw-r--r-- 2.0 unx 499 b- defN 80-Feb-01 00:00 resources/glass.png
│ │ -rw-r--r-- 2.0 unx 394 b- defN 80-Feb-01 00:00 resources/x.png
│ │ -64 files, 1381552 bytes uncompressed, 394607 bytes compressed: 71.4%
│ │ +64 files, 1381552 bytes uncompressed, 394605 bytes compressed: 71.4%
│ ├── index.html
│ │ @@ -1,12 +1,12 @@
│ │ <!DOCTYPE HTML>
│ │ <!-- NewPage -->
│ │ <html lang="en">
│ │ <head>
│ │ -<!-- Generated by javadoc (11.0.12) on Fri Dec 17 09:46:04 UTC 2021 -->
│ │ +<!-- Generated by javadoc (11.0.12) on Fri Dec 17 11:10:28 UTC 2021 -->
│ │ <title>tor-android-binary API</title>
│ │ <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
│ │ <script type="text/javascript">window.location.replace('org/torproject/jni/package-summary.html')</script>
│ │ <noscript>
│ │ <meta http-equiv="Refresh" content="0;org/torproject/jni/package-summary.html">
│ │ </noscript>
│ │ <link rel="canonical" href="org/torproject/jni/package-summary.html">
│ ├── member-search-index.zip
│ │┄ Archive contents identical but files differ, possibly due to different compression levels. Falling back to binary comparison.
│ │ ├── zipinfo {}
│ │ │ @@ -1,3 +1,3 @@
│ │ │ Zip file size: 517 bytes, number of entries: 1
│ │ │ --rw---- 2.0 fat 1986 bl defN 21-Dec-17 09:46 member-search-index.json
│ │ │ +-rw---- 2.0 fat 1986 bl defN 21-Dec-17 11:10 member-search-index.json
│ │ │ 1 file, 1986 bytes uncompressed, 355 bytes compressed: 82.1%
│ │ ├── member-search-index.zip
│ │ │ @@ -1,8 +1,8 @@
│ │ │ -00000000: 504b 0304 1400 0808 0800 c24d 9153 0000 PK.........M.S..
│ │ │ +00000000: 504b 0304 1400 0808 0800 4e59 9153 0000 PK........NY.S..
│ │ │ 00000010: 0000 0000 0000 0000 0000 1800 0000 6d65 ..............me
│ │ │ 00000020: 6d62 6572 2d73 6561 7263 682d 696e 6465 mber-search-inde
│ │ │ 00000030: 782e 6a73 6f6e ad55 4d4b c340 10fd 2b12 x.json.UMK.@..+.
│ │ │ 00000040: 1022 845c 7af3 16d3 b416 3509 c92a 8248 .".\z.....5..*.H
│ │ │ 00000050: 58d2 6ddc 9ace 94cd b428 e27f 77d3 ef4a X.m......(..w..J
│ │ │ 00000060: 3d38 e921 09bc 99f7 e62b bbf3 f2e5 cc9d =8.!.....+......
│ │ │ 00000070: 6b07 4de5 139a b9c1 a92a c99f 8276 3ca7 k.M......*...v<.
│ │ │ @@ -21,13 +21,13 @@
│ │ │ 00000140: ef56 6cdd 3871 42a3 24f1 fe20 84be 6aec .Vl.8qB.$.. ..j.
│ │ │ 00000150: f03f 99ec 9ca4 a110 6733 b92b d5bb d09b .?......g3.+....
│ │ │ 00000160: d761 d147 8ea7 8bf7 f4fa e164 d26c 8f01 .a.G.......d.l..
│ │ │ 00000170: 83bb bef1 8a64 30e8 408e f9dc d5d2 18c5 .....d0.@.......
│ │ │ 00000180: c32e 0a49 9af2 1444 c062 ed80 f39d 97a7 ...I...D.b......
│ │ │ 00000190: 28cb db25 b8de 5eaf 3f50 4b07 08ba edbf (..%..^.?PK.....
│ │ │ 000001a0: 8a63 0100 00c2 0700 0050 4b01 0214 0014 .c.......PK.....
│ │ │ -000001b0: 0008 0808 00c2 4d91 53ba edbf 8a63 0100 ......M.S....c..
│ │ │ +000001b0: 0008 0808 004e 5991 53ba edbf 8a63 0100 .....NY.S....c..
│ │ │ 000001c0: 00c2 0700 0018 0000 0000 0000 0000 0000 ................
│ │ │ 000001d0: 0000 0000 0000 006d 656d 6265 722d 7365 .......member-se
│ │ │ 000001e0: 6172 6368 2d69 6e64 6578 2e6a 736f 6e50 arch-index.jsonP
│ │ │ 000001f0: 4b05 0600 0000 0001 0001 0046 0000 00a9 K..........F....
│ │ │ 00000200: 0100 0000 00 .....
│ ├── package-search-index.zip
│ │┄ Archive contents identical but files differ, possibly due to different compression levels. Falling back to binary comparison.
│ │ ├── zipinfo {}
│ │ │ @@ -1,3 +1,3 @@
│ │ │ Zip file size: 234 bytes, number of entries: 1
│ │ │ --rw---- 2.0 fat 80 bl defN 21-Dec-17 09:46 package-search-index.json
│ │ │ +-rw---- 2.0 fat 80 bl defN 21-Dec-17 11:10 package-search-index.json
│ │ │ 1 file, 80 bytes uncompressed, 70 bytes compressed: 12.5%
│ │ ├── package-search-index.zip
│ │ │ @@ -1,15 +1,15 @@
│ │ │ -00000000: 504b 0304 1400 0808 0800 c24d 9153 0000 PK.........M.S..
│ │ │ +00000000: 504b 0304 1400 0808 0800 4e59 9153 0000 PK........NY.S..
│ │ │ 00000010: 0000 0000 0000 0000 0000 1900 0000 7061 ..............pa
│ │ │ 00000020: 636b 6167 652d 7365 6172 6368 2d69 6e64 ckage-search-ind
│ │ │ 00000030: 6578 2e6a 736f 6e8b ae56 ca51 b252 72cc ex.json..V.Q.Rr.
│ │ │ 00000040: c951 0848 4cce 4e4c 4f2d 56d2 512a 2d02 .Q.HL.NLO-V.Q*-.
│ │ │ 00000050: 0926 e6e4 1440 c574 33f3 5252 2bf4 324a .&[email protected]+.2J
│ │ │ 00000060: 7273 946a 7520 7af2 8bd2 f54a f28b 0a8a rs.ju z....J....
│ │ │ 00000070: f2b3 5293 4bf4 b2f2 3295 6a63 0150 4b07 ..R.K...2.jc.PK.
│ │ │ 00000080: 089d 2404 2046 0000 0050 0000 0050 4b01 ..$. F...P...PK.
│ │ │ -00000090: 0214 0014 0008 0808 00c2 4d91 539d 2404 ..........M.S.$.
│ │ │ +00000090: 0214 0014 0008 0808 004e 5991 539d 2404 .........NY.S.$.
│ │ │ 000000a0: 2046 0000 0050 0000 0019 0000 0000 0000 F...P..........
│ │ │ 000000b0: 0000 0000 0000 0000 0000 0070 6163 6b61 ...........packa
│ │ │ 000000c0: 6765 2d73 6561 7263 682d 696e 6465 782e ge-search-index.
│ │ │ 000000d0: 6a73 6f6e 504b 0506 0000 0000 0100 0100 jsonPK..........
│ │ │ 000000e0: 4700 0000 8d00 0000 0000 G.........
│ ├── type-search-index.zip
│ │┄ Archive contents identical but files differ, possibly due to different compression levels. Falling back to binary comparison.
│ │ ├── zipinfo {}
│ │ │ @@ -1,3 +1,3 @@
│ │ │ Zip file size: 256 bytes, number of entries: 1
│ │ │ --rw---- 2.0 fat 151 bl defN 21-Dec-17 09:46 type-search-index.json
│ │ │ +-rw---- 2.0 fat 151 bl defN 21-Dec-17 11:10 type-search-index.json
│ │ │ 1 file, 151 bytes uncompressed, 98 bytes compressed: 35.1%
│ │ ├── type-search-index.zip
│ │ │ @@ -1,16 +1,16 @@
│ │ │ -00000000: 504b 0304 1400 0808 0800 c24d 9153 0000 PK.........M.S..
│ │ │ +00000000: 504b 0304 1400 0808 0800 4e59 9153 0000 PK........NY.S..
│ │ │ 00000010: 0000 0000 0000 0000 0000 1600 0000 7479 ..............ty
│ │ │ 00000020: 7065 2d73 6561 7263 682d 696e 6465 782e pe-search-index.
│ │ │ 00000030: 6a73 6f6e 95cb 410e 4030 1040 d1ab c8ac json..A.@0.@....
│ │ │ 00000040: e901 ecb0 b563 2716 4d4d a88c 8e4c 4b24 .....c'.MM...LK$
│ │ │ 00000050: d2bb d338 81ed ff79 c30d 0425 5444 5943 ...8...y...%TDYC
│ │ │ 00000060: da7b f490 c321 a969 22f3 a5c2 ba09 2fb5 .{...!.i"...../.
│ │ │ 00000070: 848d 20e6 37ec ef65 9955 60d9 8557 3441 .. .7..e.U`..W4A
│ │ │ 00000080: adce be30 b19e a543 39ad 41d5 b2d1 5427 ...0...C9.A...T'
│ │ │ 00000090: 2c7f 1cc4 f101 504b 0708 2458 e4e8 6200 ,.....PK..$X..b.
│ │ │ 000000a0: 0000 9700 0000 504b 0102 1400 1400 0808 ......PK........
│ │ │ -000000b0: 0800 c24d 9153 2458 e4e8 6200 0000 9700 ...M.S$X..b.....
│ │ │ +000000b0: 0800 4e59 9153 2458 e4e8 6200 0000 9700 ..NY.S$X..b.....
│ │ │ 000000c0: 0000 1600 0000 0000 0000 0000 0000 0000 ................
│ │ │ 000000d0: 0000 0000 7479 7065 2d73 6561 7263 682d ....type-search-
│ │ │ 000000e0: 696e 6465 782e 6a73 6f6e 504b 0506 0000 index.jsonPK....
│ │ │ 000000f0: 0000 0100 0100 4400 0000 a600 0000 0000 ......D.........
@eighthave does this address all of the issues? https://github.com/guardianproject/tor-android/pull/174/files
