Tony Arcieri

Perhaps it's doing some kind of locking I'm not familiar with? Can you run some kind of tracing on it to investigate? (e.g. ktrace/dtrace)

Some precedent for this in `block_puk`: https://github.com/iqlusioninc/yubikey-piv.rs/blob/aaaf3b142e5556bbac7950d5f96befbe27efa132/src/yubikey.rs#L469 It sounds like a good feature, although I'd prefer a deterministic counter-based method like the one used in `block_puk` to one based on...

U-Boot seems to have enough high severity security vulnerabilities owing to memory (un)safety I think it's definitely worth investigating whether or not we can eliminate it: https://www.cvedetails.com/vulnerability-list/vendor_id-18843/product_id-48033/Denx-U-boot.html

@hktonylee now that `rust-security-framework` is maintained again, it's probably the way to go, especially as it's already working for you

@dongcarl some what you mentioned calls to mind some important goals this tool should have (IMO): - **Portability**: ideally this tool should work anywhere Cargo itself works - **Simplicity**: there...

@dongcarl that's the basic idea, yes. The idea is to provide an easy-to-use, cargo-driven workflow which leverages the ongoing work in `rustc` to create builds which are fully deterministic, and...

> one thing that needs to be in the design is how we'll represent the "inputs" (perhaps source code + deps + build-tool versions + build configuration) to the build...

That's all great to hear, and given that it certainly sounds like much of the suggested project scope I gave earlier is unnecessary. Given that it seems like the utility...

I can only offer the "Doctor, it hurts when I try to make reproducible builds of programs with nondeterministic procedural macros" solution of: If you want your build to reproducible,...

Based on the discussion above, I propose a `cargo repro` MVP do the following: - `cargo repro build` collects environment details (e.g. OS, rustc version, C compiler version if `cc`...