by pabs3 377 days ago
Nitpick: Debian does not sign binary packages, they sign Release files, which contain hashes of Packages files, which contain hashes of .deb binary packages.

Debian uses .buildinfo files for builders to record the information about the inputs to building a binary package, including the source hashes, environment variables etc.

A site-built package could be a different package, but it could also be a bit-identical package, due to Debian working on Reproducible Builds.

https://reproducible-builds.org/
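
The hash chain described in the comment above, as an added example that is not part of the original comment or of Debian's own tooling. It assumes the Release file's signature (Release.gpg or InRelease) has already been verified; the function names and all sample data are constructed.

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def release_hashes(release_text: str) -> dict:
    """Parse the SHA256 field of a Release file into {path: (hexdigest, size)}."""
    entries, in_sha256 = {}, False
    for line in release_text.splitlines():
        if line.startswith("SHA256:"):
            in_sha256 = True
        elif in_sha256 and line.startswith(" "):
            digest, size, path = line.split()
            entries[path] = (digest, int(size))
        else:
            in_sha256 = False
    return entries

def package_stanzas(packages_text: str) -> list:
    """Parse a Packages index into field dicts (continuation lines are skipped)."""
    stanzas = []
    for block in packages_text.strip().split("\n\n"):
        fields = {}
        for line in block.splitlines():
            if line[:1] not in (" ", "\t") and ": " in line:
                key, value = line.split(": ", 1)
                fields[key] = value
        stanzas.append(fields)
    return stanzas

def verify_deb(release_text, index_path, packages_bytes, deb_path, deb_bytes) -> bool:
    """Walk the chain: trusted Release -> Packages index -> .deb."""
    entry = release_hashes(release_text).get(index_path)
    if entry != (sha256(packages_bytes), len(packages_bytes)):
        return False  # index not listed in Release, or modified after signing
    for st in package_stanzas(packages_bytes.decode()):
        if st.get("Filename") == deb_path:
            return (st.get("SHA256") == sha256(deb_bytes)
                    and int(st.get("Size", -1)) == len(deb_bytes))
    return False  # .deb not listed in the index

# Constructed sample data (not real Debian archive contents).
INDEX = "main/binary-amd64/Packages"
DEB_PATH = "pool/main/h/hello/hello_1.0_amd64.deb"
DEB = b"constructed stand-in for .deb bytes"
PACKAGES = (f"Package: hello\nVersion: 1.0\nFilename: {DEB_PATH}\n"
            f"Size: {len(DEB)}\nSHA256: {sha256(DEB)}\n").encode()
RELEASE = f"Suite: example\nSHA256:\n {sha256(PACKAGES)} {len(PACKAGES)} {INDEX}\n"
```

Because only the Release file is signed, a modified .deb is rejected even if the Packages index is rewritten to match it: the rewritten index no longer matches the hash recorded in Release.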