Package: binutils-doc
Version: 2.43.50.20241112-1
Severity: minor
Tags: upstream
User: reproducible-***@lists.alioth.debian.org
Usertags: username

Dear Maintainer,

I'm an occasional volunteer contributor to the Reproducible Builds[1] project,
and noticed recently that the Debian binutils-doc package began failing
automated reproducible build testing[2].

The cause appears to relate to the examples.tar.gz file, that I think began
appearing (as intended) in the package recently, likely related to some
upstream work/fixes[3][4][5] that landed in mid-October 2024.

However: the tar invocation used to construct the file does not guarantee a
deterministic output, because the constructed tarfile encodes the uid and
username of the build user.

A solution for this is described in the Reproducible Builds documentation at:

https://reproducible-builds.org/docs/archives/#users-groups-and-numeric-ids


In particular I believe the goal should be to adjust the tar invocations at:

https://sources.debian.org/src/binutils/2.43.50.20241215-1/gprofng/doc/Makefile.am/#L64
https://sources.debian.org/src/binutils/2.43.50.20241215-1/gprofng/doc/Makefile.in/#L898

...to include '--owner=0 --group=0 --numeric-owner'.


However, I'm not yet entirely sure how to apply that, given that automake may
be involved based on the filename(s).

I'll attempt to provide a patch, either in this bugthread and/or by providing a
merge request on Salsa.

Thanks,
James

[1] - https://reproducible-builds.org/

[2] - https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/binutils.html

[3] - https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=61621e018c847e578b4ce2eae2f6f2899e0c3a1a

[4] - https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=8789556ab4b3b6f736ac101a27b0278fcc3b0e82

[5] - https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=aaa4688f9dbbfb0ff887a15703a657180924334d