Compare commits

base: almet:e388fe609094941c0d8f2f28230be6c6c145c077

Branches Tags

almet:main

almet:test/1146-assets

almet:1146-inventory

almet:independent-container-updates

almet:test/1146-inventory

almet:podman-embed

almet:uv-take3

almet:revamp-docs

almet:global-settings

almet:v0.8.1-readme-fix

almet:test-large/969-pytest-group

almet:test/image-publication-cosign-apyrgio

almet:0.8.1-2-fedora

almet:test/image-publication-cosign

almet:1071-quilt

almet:0.8.1-trixie

almet:test/1046-reproducibility-2

almet:sequoia-key-retrieval

almet:test/ubuntu-24-bump

almet:fix-trixie-sq

almet:test/uv

almet:test/wip-reproducible-containers

almet:poetry-export-plugin

almet:test-poetry-export

almet:0.8.1-merge

almet:wip-reproducible-containers

almet:test/2024-11-ubuntu-24-ci

almet:feature-doit

almet:ci-depend-deb

almet:test/macos-runner

almet:ci-win-run-buit-artifact

almet:hotfix-0.7.1

almet:625-host-stream-4

almet:2024-10-fedora-41

almet:625-host-stream-2

almet:merge-hotfix-0.7.1-ci

almet:hotfix-0.7.1-ci

almet:193-instal-fail-wip

almet:test-ci

almet:revert-trixie

almet:hotfix-0.7.0

almet:850-pymupdf-musl

almet:2024-06-fix-runc-secomp

almet:2024-06-update-screenshots

almet:2024-06-docker-desktop-version-check

almet:almet/small-improvements

almet:681-upgrade-circleci-runners

almet:2024-04-pin-mupdf

almet:2024-02_v0.6.0-large-test

almet:424-file-viewer

almet:2023-12-trivy

almet:2023-11-main-largetest-comparison

almet:334-large-test-gh-actions

almet:221-user-ns

almet:v0.9.0

almet:v0.9.0-rc1

almet:v0.8.1

almet:v0.8.0

almet:v0.8.0-rc1

almet:v0.7.1

almet:v0.7.0-2

almet:v0.7.0

almet:v0.6.1

almet:v0.6.1-rc1

almet:v0.6.0-2

almet:v0.6.0

almet:v0.6.0-rc2

almet:v0.6.0-rc1

almet:v0.5.1

almet:v0.5.0

almet:v0.4.2

almet:v0.4.1

almet:v0.4.1-rc3

almet:v0.4.1-rc2

almet:v0.4.1-rc1

almet:v0.4.0-2

almet:v0.4.0

almet:v0.3.2

almet:dev-v0.3.2-rc3

almet:dev-v0.3.2-rc2

almet:dev-v0.3.2-rc1

almet:v0.3.1

almet:v0.3

almet:v0.3.dev1

almet:dev-v0.3.dev1

almet:v0.2.1

almet:v0.2

almet:v0.1.5

almet:v0.1.4

almet:v0.1.3

almet:v0.1.2

almet:v0.1.1

almet:v0.1

almet:v0.0.3

almet:v0.0.2

almet:v0.0.1

..

compare: almet:88a6b377708a56e88173da83bfa9b8ec6ddfa988

Branches Tags

almet:test/1146-assets

almet:1146-inventory

almet:independent-container-updates

almet:main

almet:test/1146-inventory

almet:podman-embed

almet:uv-take3

almet:revamp-docs

almet:global-settings

almet:v0.8.1-readme-fix

almet:test-large/969-pytest-group

almet:test/image-publication-cosign-apyrgio

almet:0.8.1-2-fedora

almet:test/image-publication-cosign

almet:1071-quilt

almet:0.8.1-trixie

almet:test/1046-reproducibility-2

almet:sequoia-key-retrieval

almet:test/ubuntu-24-bump

almet:fix-trixie-sq

almet:test/uv

almet:test/wip-reproducible-containers

almet:poetry-export-plugin

almet:test-poetry-export

almet:0.8.1-merge

almet:wip-reproducible-containers

almet:test/2024-11-ubuntu-24-ci

almet:feature-doit

almet:ci-depend-deb

almet:test/macos-runner

almet:ci-win-run-buit-artifact

almet:hotfix-0.7.1

almet:625-host-stream-4

almet:2024-10-fedora-41

almet:625-host-stream-2

almet:merge-hotfix-0.7.1-ci

almet:hotfix-0.7.1-ci

almet:193-instal-fail-wip

almet:test-ci

almet:revert-trixie

almet:hotfix-0.7.0

almet:850-pymupdf-musl

almet:2024-06-fix-runc-secomp

almet:2024-06-update-screenshots

almet:2024-06-docker-desktop-version-check

almet:almet/small-improvements

almet:681-upgrade-circleci-runners

almet:2024-04-pin-mupdf

almet:2024-02_v0.6.0-large-test

almet:424-file-viewer

almet:2023-12-trivy

almet:2023-11-main-largetest-comparison

almet:334-large-test-gh-actions

almet:221-user-ns

almet:v0.9.0

almet:v0.9.0-rc1

almet:v0.8.1

almet:v0.8.0

almet:v0.8.0-rc1

almet:v0.7.1

almet:v0.7.0-2

almet:v0.7.0

almet:v0.6.1

almet:v0.6.1-rc1

almet:v0.6.0-2

almet:v0.6.0

almet:v0.6.0-rc2

almet:v0.6.0-rc1

almet:v0.5.1

almet:v0.5.0

almet:v0.4.2

almet:v0.4.1

almet:v0.4.1-rc3

almet:v0.4.1-rc2

almet:v0.4.1-rc1

almet:v0.4.0-2

almet:v0.4.0

almet:v0.3.2

almet:dev-v0.3.2-rc3

almet:dev-v0.3.2-rc2

almet:dev-v0.3.2-rc1

almet:v0.3.1

almet:v0.3

almet:v0.3.dev1

almet:dev-v0.3.dev1

almet:v0.2.1

almet:v0.2

almet:v0.1.5

almet:v0.1.4

almet:v0.1.3

almet:v0.1.2

almet:v0.1.1

almet:v0.1

almet:v0.0.3

almet:v0.0.2

almet:v0.0.1

10 commits

e388fe6090 ... 88a6b37770

Author	SHA1	Message	Date
Alex Pyrgiotis	88a6b37770	Add support for Python 3.13 ... Bump our max supported Python version to 3.13, now that PySide6 supports it. Fixes #992	2025-01-27 21:40:27 +02:00
Alex Pyrgiotis	fb90243668	Symlink /usr in Debian container image ... Update our Dockerfile and entrypoint script in order to reuse the /usr dir in the inner and outer container image. Refs #1048	2025-01-27 21:40:27 +02:00
Alex Pyrgiotis	9724a16d81	Mask some extra paths in gVisor's OCI config ... Mask some paths of the outer container in the OCI config of the inner container. This is done to avoid leaking any sensitive information from Podman / Docker / gVisor, since we reuse the same rootfs Refs #1048	2025-01-27 21:40:27 +02:00
Alex Pyrgiotis	cf43a7a0c4	docs: Add design document for artifact reproducibility ... Refs #1047	2025-01-27 21:40:27 +02:00
Alex Pyrgiotis	cae4187550	Update RELEASE.md ... Co-authored-by: Alexis Métaireau <alexis@freedom.press>	2025-01-27 21:40:27 +02:00
Alex Pyrgiotis	cfa4478ace	ci: Add a CI job that enforces image reproducibility ... Add a CI job that uses the `reproduce.py` dev script to enforce image reproducibility, for every PR that we send to the repo. Fixes #1047	2025-01-27 21:40:27 +02:00
Alex Pyrgiotis	2557be9bc0	dev_scripts: Add script for enforcing image reproducibility ... Add a dev script for Linux platforms that verifies that a source image can be reproducibly built from the current Git commit. The reproducibility check is enforced by the `diffoci` tool, which is downloaded as part of running the script.	2025-01-27 21:40:27 +02:00
Alex Pyrgiotis	235d71354a	Allow setting a tag for the container image ... Allow setting a tag for the container image, when building it with the `build-image.py` script. This should be used for development purposes only, since the proper image name should be dictated by the script.	2025-01-27 21:40:27 +02:00
Alex Pyrgiotis	5d49f5abdb	ci: Scan the latest image for CVEs ... Update the Debian snapshot date to the current one, so that we always scan the latest image for CVEs. Refs #1057	2025-01-27 21:40:27 +02:00
Alex Pyrgiotis	0ce7773ca1	Render the Dockerfile from a template and some params ... Allow updating the Dockerfile from a template and some envs, so that it's easier to bump the dates in it.	2025-01-27 21:40:27 +02:00

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Show stats Expand all files Collapse all files

Diff content is not available