Reproducible Ironclad

On this site

External links

Reproducible builds enable anyone to reproduce bit by bit identical binary packages from a given source, so that anyone can verify that a given binary derived from the source it was said to be derived. There is more information about reproducible builds on the Debian wiki and on These pages explain in more depth why this is useful, what common issues exist and which workarounds and solutions are known.

We try to apply these principles to Ironclad. We periodically check ironclad master branch and each release tarball before releasing for variations using reprotest.

Build variables

Here are listed the expected variables that will change build output, if they remain constant, Ironclad builds will be reproducible.

Variable Reason
Compiler/linker versions Generated code will change
gprbuild/gnatmake versions Different tooling versions may change flags
OS directory listing order gprbuild/gnatmake use OS directory listing order to fetch source directory contents for compilation and linking, which makes them a compilation variable. Hopefully, that gets fixed soon.