mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-08-22 01:57:43 +00:00
f584505ac3
Having a __pycache__ on check can result in all kinds of weird issues. Notaby, the test environment is currently clearing all environment variables, including those responsible for keeping a reproducible build. This is not immediately a problem for functionality, but complicates downstream distribution in systems such as nix, where it is considered a bug [1]. It might also be possible to force determinism by exporting env vars instead: ``` DETERMINISTIC_BUILD=1 PYTHONHASHSEED=0 ``` This forces a special mode on the pycache, where instead of a `moddate`, it will then store a hash of the outputs [2]. This would be an alternative fix, but considering apparmor upstream does not (yet) test for bit-reproducibility, it is likely too fragile here. [1] https://github.com/NixOS/nixpkgs/issues/409032 [2] https://peps.python.org/pep-0552/
What little documentation exists is in include/aalogparse.h. Please file bugs using https://gitlab.com/apparmor/apparmor/-/issues